r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 048cda18c6dbe7c4e4b106f5e1104b0a
1bd6f3367ccf446263b00ad8c1ece15a4164730b
66a680d9b8e454db94e14d2c4a466891e538b2d83ccee0dc65be62163992b4e0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "66A680D9B8E454DB94E14D2C4A466891E538B2D83CCEE0DC65BE62163992B4E0"
Last-Modified: Tue, 20 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8646
Expires: Thu, 22 Dec 2022 06:35:27 GMT
Date: Thu, 22 Dec 2022 04:11:21 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash b8fbcd7ca1a893d05677318a8a198e7a
0851654c21f6e3741887e7deab8098c1dc56f33c
edbade5913ace2fcbb932922e9af69acb2e8759474a2eeaec216307247fea361
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EDBADE5913ACE2FCBB932922E9AF69ACB2E8759474A2EEAEC216307247FEA361"
Last-Modified: Tue, 20 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7040
Expires: Thu, 22 Dec 2022 06:08:41 GMT
Date: Thu, 22 Dec 2022 04:11:21 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Type, Content-Length, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 22 Dec 2022 03:34:39 GMT
content-type: application/json
age: 2202
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 32167242c3bbe7e45a2a865279df94a6
d03436f418ff77d50a553daa892c05e0725ba908
d5578d537296da18f3f349a98465e9fe930dca60a8ed62c183e9c9f6eb53f493
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D5578D537296DA18F3F349A98465E9FE930DCA60A8ED62C183E9C9F6EB53F493"
Last-Modified: Wed, 21 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5558
Expires: Thu, 22 Dec 2022 05:43:59 GMT
Date: Thu, 22 Dec 2022 04:11:21 GMT
Connection: keep-alive
travelwish-ks.com/
162.0.235.197 301 Moved Permanently 707 B IP 162.0.235.197:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET / HTTP/1.1
Host: travelwish-ks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
keep-alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Thu, 22 Dec 2022 04:11:21 GMT
server: LiteSpeed
location: https://travelwish-ks.com/
x-turbo-charged-by: LiteSpeed
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: n68YXUw4sHpHfv9FzjPLpMPCX0jSwuJEp3lSdKv8Wl9xcH+EYrChy4deF1gV872rrAU1EIpy3/o=
x-amz-request-id: YS09R7GWF9FG5EM0
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 22 Dec 2022 03:53:30 GMT
age: 1071
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 22 Dec 2022 04:11:21 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Last-Modified, Retry-After, Content-Type, Alert, Pragma, ETag, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 22 Dec 2022 03:33:24 GMT
age: 2278
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 859d899d982bb69df5fb16b8393fa119
580215f1d4f81cda04012c0889cfd9b18ba11863
38159dd549e94d45798b614efa5f968de7b74830c845220d1b6c1435f3940a94
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5903
Cache-Control: max-age=110031
Content-Type: application/ocsp-response
Date: Thu, 22 Dec 2022 04:11:22 GMT
Etag: "63a2ccaa-1d7"
Expires: Fri, 23 Dec 2022 10:45:13 GMT
Last-Modified: Wed, 21 Dec 2022 09:06:50 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
ocsp.sectigo.com/
104.18.32.68 200 OK 472 B IP 104.18.32.68:0
Hash ff55411e10fff5d533a794761999d671
c1bcfc50795f6fd0811b32b240cdb844091de4ca
df5b409d328bd90905fb85724e994ab81bbcd472994f86cbb437716afee4958b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 22 Dec 2022 04:11:22 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 20 Dec 2022 10:55:22 GMT
Expires: Tue, 27 Dec 2022 10:55:21 GMT
Etag: "c1bcfc50795f6fd0811b32b240cdb844091de4ca"
Cache-Control: max-age=455638,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77d603572cde0b3d-OSL
push.services.mozilla.com/
35.162.50.16 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.162.50.16:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: h99ZMRa+nKx0OtnP3e+MQw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 57n1JkR4YpyHnrbBEgj6JnNLd/c=
travelwish-ks.com/
162.0.235.197 200 OK 13 kB IP 162.0.235.197:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381)
Hash 4bef916749d6f01887b01b1ff0ff5be3
6d7592b244e611566a9d57c4015d41858bbdb6b6
2a3fbe5cd56aac85a1f71c5a9e4923b48a44a03cea44d80c388d73607d020306
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET / HTTP/1.1
Host: travelwish-ks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
x-powered-by: PHP/7.2.34
content-type: text/html; charset=UTF-8
x-pingback: https://travelwish-ks.com/xmlrpc.php
link: <https://travelwish-ks.com/wp-json/>; rel="https://api.w.org/", <https://travelwish-ks.com/wp-json/wp/v2/pages/2>; rel="alternate"; type="application/json", <https://travelwish-ks.com/>; rel=shortlink
etag: "2308-1671448258;br"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
content-length: 12564
date: Thu, 22 Dec 2022 04:11:22 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash a677501b4490b3352220a1d60a3b88bf
9a5339c0bd6f3e1ae8af0116362efb71426807fc
4dea04acde2396c347e04123c6f97d0efc70695facc6a615a731b6dee801be18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Dec 2022 04:11:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash a677501b4490b3352220a1d60a3b88bf
9a5339c0bd6f3e1ae8af0116362efb71426807fc
4dea04acde2396c347e04123c6f97d0efc70695facc6a615a731b6dee801be18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Dec 2022 04:11:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
travelwish-ks.com/wp-includes/css/classic-themes.min.css?ver=1
162.0.235.197 200 OK 217 B URL HTTP/2 travelwish-ks.com/wp-includes/css/classic-themes.min.css?ver=1
IP 162.0.235.197:0
Hash 95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: travelwish-ks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://travelwish-ks.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 04:11:23 GMT
content-type: text/css
last-modified: Wed, 02 Nov 2022 02:39:25 GMT
accept-ranges: bytes
content-length: 217
date: Thu, 22 Dec 2022 04:11:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
travelwish-ks.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
162.0.235.197 200 OK 12 kB URL HTTP/2 travelwish-ks.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 162.0.235.197:0
File type ASCII text, with very long lines (47826)
Hash c4d7cc056b49b00e05cc29cc59aa3d5a
48c426bec60099d2a8628df430ed682c72aab42a
8009c12f2674a8d38401f4b5faad1fef2cfcd18a8c927ed2561ae9d7de9b57b5
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: travelwish-ks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://travelwish-ks.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 04:11:23 GMT
content-type: text/css
last-modified: Wed, 16 Nov 2022 17:41:48 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11616
date: Thu, 22 Dec 2022 04:11:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
travelwish-ks.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
162.0.235.197 200 OK 3.6 kB URL HTTP/2 travelwish-ks.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
IP 162.0.235.197:0
File type ASCII text, with very long lines (19233)
Hash af3bdf44d09914e8adb51fec560d8816
84bb225e096bab405868dd504e62133ba75cf1c1
4325dab21d3eb9efb8e285a0926be743f27e46446ccf5f9be65bb4b60c024152
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0 HTTP/1.1
Host: travelwish-ks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://travelwish-ks.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 04:11:23 GMT
content-type: text/css
last-modified: Wed, 21 Dec 2022 19:12:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3629
date: Thu, 22 Dec 2022 04:11:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
travelwish-ks.com/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.9.1
162.0.235.197 200 OK 11 kB URL HTTP/2 travelwish-ks.com/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.9.1
IP 162.0.235.197:0
File type ASCII text, with very long lines (65497)
Hash e210e9620b9a60e4ce8a63b0212e7286
9d3b487afbe02623d6f42b9f68bbced4c4170f73
ddb2219e1a96fb385c8b0b0e6fd53fccf5dfc074d698b744544ecb60b1b796e3
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.9.1 HTTP/1.1
Host: travelwish-ks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://travelwish-ks.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 04:11:23 GMT
content-type: text/css
last-modified: Wed, 21 Dec 2022 19:12:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11385
date: Thu, 22 Dec 2022 04:11:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
travelwish-ks.com/wp-content/uploads/elementor/css/post-8.css?ver=1671083980
162.0.235.197 200 OK 327 B URL HTTP/2 travelwish-ks.com/wp-content/uploads/elementor/css/post-8.css?ver=1671083980
IP 162.0.235.197:0
File type ASCII text, with very long lines (1160), with no line terminators
Hash 156af3f5717df717ec42bfa956d858de
e1571fd1c6aa033d5e195054ab693fca06327a84
31104c6daf2907ad24c0e2c0721246c0958b62959a512e5a76ee15b90ae890da
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/elementor/css/post-8.css?ver=1671083980 HTTP/1.1
Host: travelwish-ks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://travelwish-ks.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 04:11:23 GMT
content-type: text/css
last-modified: Thu, 15 Dec 2022 05:59:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 327
date: Thu, 22 Dec 2022 04:11:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
travelwish-ks.com/wp-content/uploads/elementor/css/post-2.css?ver=1671083980
162.0.235.197 200 OK 3.4 kB URL HTTP/2 travelwish-ks.com/wp-content/uploads/elementor/css/post-2.css?ver=1671083980
IP 162.0.235.197:0
File type ASCII text, with very long lines (41285)
Hash 21aa675c200535f9e0f04beb12ce81f4
069f273552de883806ab8f99e3aad0a168d2840d
e541d4995022144b1f38ce428bd0fc678f6e3a8bf1c6aba53bbe0c58f626dd8b
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/elementor/css/post-2.css?ver=1671083980 HTTP/1.1
Host: travelwish-ks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://travelwish-ks.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 04:11:23 GMT
content-type: text/css
last-modified: Thu, 15 Dec 2022 05:59:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3351
date: Thu, 22 Dec 2022 04:11:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
travelwish-ks.com/wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.7.3
162.0.235.197 200 OK 1.5 kB URL HTTP/2 travelwish-ks.com/wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.7.3
IP 162.0.235.197:0
File type ASCII text, with very long lines (11487)
Hash 603f32a51547bfe69b0ee558107a1361
748709d66aae83768d0ea81e25ca3ba5ddf110f5
d588c5aef1f101936d641f2e6f732ec238dec4f197e3ccd28eeba6e737c4a447
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.7.3 HTTP/1.1
Host: travelwish-ks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://travelwish-ks.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 04:11:23 GMT
content-type: text/css
last-modified: Sun, 09 Oct 2022 14:48:10 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1533
date: Thu, 22 Dec 2022 04:11:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
travelwish-ks.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
162.0.235.197 200 OK 12 kB URL HTTP/2 travelwish-ks.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
IP 162.0.235.197:0
File type ASCII text, with very long lines (57726)
Hash f463afd8661ddc733305df1f0cbdaff2
77262f0209e75e340eb7014aba9cd8d69966032f
c4b6541be58a0ca61549cd4562850315077880c459c019f01e835cf2d7b764de
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 HTTP/1.1
Host: travelwish-ks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://travelwish-ks.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 04:11:23 GMT
content-type: text/css
last-modified: Thu, 17 Jun 2021 14:07:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12133
date: Thu, 22 Dec 2022 04:11:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
travelwish-ks.com/wp-content/plugins/elementor-pro/assets/css/widget-nav-menu.min.css
162.0.235.197 200 OK 3.3 kB URL HTTP/2 travelwish-ks.com/wp-content/plugins/elementor-pro/assets/css/widget-nav-menu.min.css
IP 162.0.235.197:0
File type Unicode text, UTF-8 text, with very long lines (29357)
Hash cc2c14f0edcecba4e110bdca410fe13e
78d59db6a8ac33d32f3765f5a6d1c4bdf9f48b56
147d33cda54a36fca0a41cbe70af43105fba4d510383b08af7a1ab0cb3212364
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/elementor-pro/assets/css/widget-nav-menu.min.css HTTP/1.1
Host: travelwish-ks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://travelwish-ks.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 04:11:23 GMT
content-type: text/css
last-modified: Sun, 09 Oct 2022 14:48:10 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3343
date: Thu, 22 Dec 2022 04:11:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
travelwish-ks.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
162.0.235.197 200 OK 286 B URL HTTP/2 travelwish-ks.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
IP 162.0.235.197:0
File type ASCII text, with very long lines (483)
Hash 8828fa3c5bdcfa66615714a2b8c9d807
4f556d0b005ac7754af607418df445f8cf98e8b1
16950dcce60bc3ee2613b60439c99e7ed74d10245f59fe6f68346b7e72dd95e7
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3 HTTP/1.1
Host: travelwish-ks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://travelwish-ks.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 04:11:23 GMT
content-type: text/css
last-modified: Thu, 17 Jun 2021 14:07:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 286
date: Thu, 22 Dec 2022 04:11:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
travelwish-ks.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.9.1
162.0.235.197 200 OK 2.4 kB URL HTTP/2 travelwish-ks.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.9.1
IP 162.0.235.197:0
File type ASCII text, with very long lines (10019)
Hash d2db71c82a8f672aea59a3e050cd8cd7
af626566f94b3164e4310288cfb142431e8349a6
bcd2c9c2ba22a48a8fabf9fbe5e947deb6404367e4be24f48326e302aead1180
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.9.1 HTTP/1.1
Host: travelwish-ks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://travelwish-ks.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 04:11:23 GMT
content-type: text/css
last-modified: Tue, 13 Mar 2018 15:48:42 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2442
date: Thu, 22 Dec 2022 04:11:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
travelwish-ks.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
162.0.235.197 200 OK 4.0 kB URL HTTP/2 travelwish-ks.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 162.0.235.197:0
File type ASCII text, with very long lines (11126)
Hash 7e058b51f939eacfa31cdface14dded5
9d732e5afdeb42edef9e1b9631b7e95e054787cc
4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: travelwish-ks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://travelwish-ks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 04:11:23 GMT
content-type: application/javascript
last-modified: Wed, 18 Nov 2020 19:36:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3995
date: Thu, 22 Dec 2022 04:11:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 262ab960b9c7a7e0406e5a7aec04fe55
6d2022c15425b88acc2d29415f678750c71f38ed
7d2818b8e8e70b0f9ceddb23c6a87d22733f11b09596c618ef8b3dfda4f122cc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Dec 2022 04:11:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
142.250.74.35 200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 12924, version 1.0\012- data
Hash 4610010f425c140b99c88b6819ce1c02
a7e839aa0452ceeb6228de7c15062fe82cc6d1c3
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
GET /s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://travelwish-ks.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12924
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Dec 2022 08:00:18 GMT
expires: Fri, 15 Dec 2023 08:00:18 GMT
cache-control: public, max-age=31536000
age: 591065
last-modified: Wed, 27 Apr 2022 16:02:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 262ab960b9c7a7e0406e5a7aec04fe55
6d2022c15425b88acc2d29415f678750c71f38ed
7d2818b8e8e70b0f9ceddb23c6a87d22733f11b09596c618ef8b3dfda4f122cc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Dec 2022 04:11:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 262ab960b9c7a7e0406e5a7aec04fe55
6d2022c15425b88acc2d29415f678750c71f38ed
7d2818b8e8e70b0f9ceddb23c6a87d22733f11b09596c618ef8b3dfda4f122cc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Dec 2022 04:11:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 262ab960b9c7a7e0406e5a7aec04fe55
6d2022c15425b88acc2d29415f678750c71f38ed
7d2818b8e8e70b0f9ceddb23c6a87d22733f11b09596c618ef8b3dfda4f122cc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Dec 2022 04:11:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
travelwish-ks.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
162.0.235.197 200 OK 30 kB URL HTTP/2 travelwish-ks.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 162.0.235.197:0
File type ASCII text, with very long lines (65447)
Hash 3a1740685bd5c0bbd5f2b812e1eb7fb4
488e07695da787fed18361c50292aef35abb5e81
4a07aed2d8cf88afdec0b56b365b951c76d387db3459166b5a0d25e2e6cc95ef
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: travelwish-ks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://travelwish-ks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 04:11:23 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 02:39:25 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30324
date: Thu, 22 Dec 2022 04:11:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
travelwish-ks.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.9.1
162.0.235.197 200 OK 2.0 kB URL HTTP/2 travelwish-ks.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.9.1
IP 162.0.235.197:0
File type ASCII text, with very long lines (4918)
Hash ffde4e25e08b1ffdc9d1f060cda65726
f0689754d97fda7c2354e2cc654158fb86efb752
1cc1536ec774376b6e685428700008a85f72a424751240c61c52cb49cd0b41ae
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.9.1 HTTP/1.1
Host: travelwish-ks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://travelwish-ks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 04:11:23 GMT
content-type: application/javascript
last-modified: Wed, 21 Dec 2022 19:12:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2047
date: Thu, 22 Dec 2022 04:11:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
travelwish-ks.com/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1
162.0.235.197 200 OK 6.9 kB URL HTTP/2 travelwish-ks.com/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1
IP 162.0.235.197:0
File type ASCII text, with very long lines (25115)
Hash e8d8c6e4997a420abc51e5fa8c1caa8b
39ae930f057de725cff8549eed82f31f8d0816c1
730b8265b47a7f9bf014b64fb5c27f9f1cff1051dbf53e60ceb3cc16def732cc
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1 HTTP/1.1
Host: travelwish-ks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://travelwish-ks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 04:11:23 GMT
content-type: application/javascript
last-modified: Sun, 09 Oct 2022 14:48:10 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6935
date: Thu, 22 Dec 2022 04:11:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
travelwish-ks.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.7.3
162.0.235.197 200 OK 2.2 kB URL HTTP/2 travelwish-ks.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.7.3
IP 162.0.235.197:0
File type ASCII text, with very long lines (5141)
Hash 7ad05073b4b51b0acb0a888a202f47b2
6710c9d580aac82c1688f2af6e7f8a234c9ce629
efb5483c7f34f51ed50a87fe3ea32272ac329e2eb4173e408eeb92f256a0de3c
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.7.3 HTTP/1.1
Host: travelwish-ks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://travelwish-ks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 04:11:23 GMT
content-type: application/javascript
last-modified: Sun, 09 Oct 2022 14:48:10 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2190
date: Thu, 22 Dec 2022 04:11:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
travelwish-ks.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.9.1
162.0.235.197 200 OK 9.9 kB URL HTTP/2 travelwish-ks.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.9.1
IP 162.0.235.197:0
File type Unicode text, UTF-8 text, with very long lines (31482)
Hash d0d0a3862e95b83dc23f072245b60b58
76fbc0e47ec706ebea7b31f2d3148dcb3562cee9
5827fb04403b4c0b4ab641257e47a53d0eee97edb7760e437bc928b72849392c
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.9.1 HTTP/1.1
Host: travelwish-ks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://travelwish-ks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 04:11:23 GMT
content-type: application/javascript
last-modified: Wed, 21 Dec 2022 19:12:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 9924
date: Thu, 22 Dec 2022 04:11:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
travelwish-ks.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
162.0.235.197 200 OK 2.4 kB URL HTTP/2 travelwish-ks.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 162.0.235.197:0
File type ASCII text, with very long lines (6475), with no line terminators
Hash 4e773d7cec56bacab6d2db420be6f262
c95573d884c1caec0ec9c6f3e2a8c0fbf28d939a
5c8839d0b02f21e8d83d856bbf85a6b87fbedf9ba0b70711b11a1c378d5443e7
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: travelwish-ks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://travelwish-ks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 04:11:23 GMT
content-type: application/javascript
last-modified: Mon, 11 Apr 2022 21:34:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2354
date: Thu, 22 Dec 2022 04:11:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
travelwish-ks.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
162.0.235.197 200 OK 6.3 kB URL HTTP/2 travelwish-ks.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 162.0.235.197:0
File type Unicode text, UTF-8 text, with very long lines (17819), with no line terminators
Hash fecbc00e8af71d8cfb678cd811c7cb2e
44e5dd77f62cb5c67271442b75cdff10d45f2f8d
d6f03fb4728d0c23251451df8d66b5107d3c87458dc624aacfbad437e99d01f1
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: travelwish-ks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://travelwish-ks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 04:11:23 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 02:39:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6335
date: Thu, 22 Dec 2022 04:11:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
142.250.74.35 200 OK 48 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 47952, version 1.0\012- data
Hash 17b406b7b8caa297435fa358e194f5a1
e2132f0e97781af56fa966c0fabb49132f2af203
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
GET /s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://travelwish-ks.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 47952
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 16 Dec 2022 13:33:12 GMT
expires: Sat, 16 Dec 2023 13:33:12 GMT
cache-control: public, max-age=31536000
age: 484691
last-modified: Mon, 15 Aug 2022 18:22:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
142.250.74.35 200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 13036, version 1.0\012- data
Hash 0ad032b3d07aaf33b160ac4799dda40f
06b931e0d0bf37f5037d9e66d6feedfddd21c0ba
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
GET /s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://travelwish-ks.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13036
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Dec 2022 19:28:49 GMT
expires: Thu, 21 Dec 2023 19:28:49 GMT
cache-control: public, max-age=31536000
age: 31354
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.35 200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://travelwish-ks.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Dec 2022 18:52:41 GMT
expires: Tue, 19 Dec 2023 18:52:41 GMT
cache-control: public, max-age=31536000
age: 206322
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
142.250.74.35 200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 13052, version 1.0\012- data
Hash 7cf79fbd1df848510d7352274efc2401
5540b5a26cc7dfe25294c4eabe011e2c6cd60143
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
GET /s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://travelwish-ks.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13052
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Dec 2022 19:38:22 GMT
expires: Thu, 21 Dec 2023 19:38:22 GMT
cache-control: public, max-age=31536000
age: 30781
last-modified: Wed, 27 Apr 2022 16:09:03 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 262ab960b9c7a7e0406e5a7aec04fe55
6d2022c15425b88acc2d29415f678750c71f38ed
7d2818b8e8e70b0f9ceddb23c6a87d22733f11b09596c618ef8b3dfda4f122cc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Dec 2022 04:11:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 746409a88b1342fe7b570306c302c71e
e08a7bf55e08a498f2eed6a35b90107fc0bdb303
9352308fd047bafceddfaf2a9a6eab650593f16ff5632330a4bf745750704650
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9352308FD047BAFCEDDFAF2A9A6EAB650593F16FF5632330A4BF745750704650"
Last-Modified: Tue, 20 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13202
Expires: Thu, 22 Dec 2022 07:51:25 GMT
Date: Thu, 22 Dec 2022 04:11:23 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 746409a88b1342fe7b570306c302c71e
e08a7bf55e08a498f2eed6a35b90107fc0bdb303
9352308fd047bafceddfaf2a9a6eab650593f16ff5632330a4bf745750704650
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9352308FD047BAFCEDDFAF2A9A6EAB650593F16FF5632330A4BF745750704650"
Last-Modified: Tue, 20 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13202
Expires: Thu, 22 Dec 2022 07:51:25 GMT
Date: Thu, 22 Dec 2022 04:11:23 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 746409a88b1342fe7b570306c302c71e
e08a7bf55e08a498f2eed6a35b90107fc0bdb303
9352308fd047bafceddfaf2a9a6eab650593f16ff5632330a4bf745750704650
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9352308FD047BAFCEDDFAF2A9A6EAB650593F16FF5632330A4BF745750704650"
Last-Modified: Tue, 20 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13202
Expires: Thu, 22 Dec 2022 07:51:25 GMT
Date: Thu, 22 Dec 2022 04:11:23 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 746409a88b1342fe7b570306c302c71e
e08a7bf55e08a498f2eed6a35b90107fc0bdb303
9352308fd047bafceddfaf2a9a6eab650593f16ff5632330a4bf745750704650
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9352308FD047BAFCEDDFAF2A9A6EAB650593F16FF5632330A4BF745750704650"
Last-Modified: Tue, 20 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13202
Expires: Thu, 22 Dec 2022 07:51:25 GMT
Date: Thu, 22 Dec 2022 04:11:23 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4d485bb-4ea0-4ca2-8687-87df55c571a9.png
34.120.237.76 200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4d485bb-4ea0-4ca2-8687-87df55c571a9.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f672d451bfcdb5c6c0ce74f4578c268d
25e1714aaa27435cd939ef03a39e9f067503f807
931dbb511204474ba24283df7c65034e35046ab8e94974f697c52f09c0cbf872
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4d485bb-4ea0-4ca2-8687-87df55c571a9.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9428
x-amzn-requestid: e8a380ea-1779-47bb-8c26-0651e0333046
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dhCrKElsIAMFRhA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a37e47-133bc4ce28ba188d4ccea364;Sampled=0
x-amzn-remapped-date: Wed, 21 Dec 2022 21:44:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: rHlDJE7Gj06H2AsYLc0PghmslFpBbD9gYIKn-2SiYnDr3h_KvAv87A==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Dec 2022 21:53:44 GMT
etag: "25e1714aaa27435cd939ef03a39e9f067503f807"
content-type: image/jpeg
age: 22659
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb884452-5df2-48ab-a4ec-32115997faa9.webp
34.120.237.76 200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb884452-5df2-48ab-a4ec-32115997faa9.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5f7de42ebe61ecc6711724d27f95eb4c
6ce397b409ef839c0dc05f8b252de815ebd8c8a1
19717a5dcc74517c24f1262ab65461a76318bce3f65f35588c4012dc84d7fddc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb884452-5df2-48ab-a4ec-32115997faa9.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8077
x-amzn-requestid: c66fc249-f713-4224-9c5a-520f048ff2ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dhCLGGv2IAMFisw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a37d7a-2ccd93dd6cd5b63c6cd49bff;Sampled=0
x-amzn-remapped-date: Wed, 21 Dec 2022 21:41:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ZM8BwKszwJEeP_iYPkg5reOkom9LgZVKx0whx1DapZr9CEKEJBPX0Q==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Dec 2022 21:53:40 GMT
age: 22663
etag: "6ce397b409ef839c0dc05f8b252de815ebd8c8a1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc1aefd95-d51b-4642-ab89-11a7030455cf.jpeg
34.120.237.76 200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc1aefd95-d51b-4642-ab89-11a7030455cf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cd72f58a8fdce6925df77081a95c951b
625acc5e8257f47f745fd5a1b5d43d10f2df0d81
20f5fcc7bd72d44b0fff58e12b4ab025082e55e2d86e2bd48d740f091b84a86a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc1aefd95-d51b-4642-ab89-11a7030455cf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8860
x-amzn-requestid: 07acc052-7112-4844-8b9b-07ae6d36bde9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dfBrAGUTIAMFzrg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a2afdf-5152438d378586f94911a722;Sampled=0
x-amzn-remapped-date: Wed, 21 Dec 2022 07:03:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: nw0IuucybpRso4_oHXudKMQPm_wvIHFU9X7TpOiGTAFnP2ob_5Lsjg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 5c35539543902c678280929df206948c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Dec 2022 07:14:03 GMT
age: 75440
etag: "625acc5e8257f47f745fd5a1b5d43d10f2df0d81"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6da3be-f1ee-4d3e-a386-f8fc3bba9ec6.jpeg
34.120.237.76 200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6da3be-f1ee-4d3e-a386-f8fc3bba9ec6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7835dca8d5448717cfcb9d8651ea80fa
b521022d3b012dbdbb04cb68dbed9087b369716a
117302e6e42ce2b106f21aef72c8d9ae7273057e00d0729edfd05061b8a4d2ca
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6da3be-f1ee-4d3e-a386-f8fc3bba9ec6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6459
x-amzn-requestid: 51180afa-7e9e-4cb4-94be-08750ef9dd0b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dhBhJHWDoAMFWsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a37c6d-1ec03df72d30a651486c266e;Sampled=0
x-amzn-remapped-date: Wed, 21 Dec 2022 21:36:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MFqJIGSv3vA6JTX5WKBOCri9zHuLHJ4zM4Roh6cZvekjzs2e-qQElw==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Dec 2022 21:53:56 GMT
age: 22647
etag: "b521022d3b012dbdbb04cb68dbed9087b369716a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda2ee895-fc83-4df7-99f1-2bbc9cf77c8b.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda2ee895-fc83-4df7-99f1-2bbc9cf77c8b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b67d0976563ea9460d94e27ff920f9da
f1998577eb3bc2214f195f72a8a1b4ad8aa6bc92
c7ec3c4b87b700796008690562a6033481a7ad826fb2f45875cd6add06189568
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda2ee895-fc83-4df7-99f1-2bbc9cf77c8b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10154
x-amzn-requestid: f317432b-7dda-439b-bc02-9c76412e9de1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ddt_DGlfoAMF5Rg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a229f9-13a5af4c477a1019544222f4;Sampled=0
x-amzn-remapped-date: Tue, 20 Dec 2022 21:32:41 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: hmIpamyZaOLQ8eQrYQBFhpOuRUVo-QDZJHVaPq0Pv7FGpRMIOTAOmw==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 3bb2b699cd244bf37141ea08a6a61732.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Dec 2022 21:54:39 GMT
age: 22604
etag: "f1998577eb3bc2214f195f72a8a1b4ad8aa6bc92"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0542b49b-db40-4512-8fc4-0ccd6d73f961.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0542b49b-db40-4512-8fc4-0ccd6d73f961.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f4ebed0a822bd9266e21642e0c2f5169
7192f376b8995cd061e71a4b91224ae7eb3bb219
fc9d0455de2dc0f3dc31f29c19edce153e134a8ded01e5e2c61b27e7bb40ba62
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0542b49b-db40-4512-8fc4-0ccd6d73f961.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10368
x-amzn-requestid: f5e84e3a-012c-4ecf-89ac-59ac1597f245
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dhBhJFlNIAMFyNg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a37c6d-39baf37a412e1cce278db6c0;Sampled=0
x-amzn-remapped-date: Wed, 21 Dec 2022 21:36:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: TCngU_qcQqz6zxIbkoJ6i-Mon-SCkBPAfI-IIygq9fasWiW0ihmvGA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Dec 2022 21:53:44 GMT
etag: "7192f376b8995cd061e71a4b91224ae7eb3bb219"
content-type: image/jpeg
age: 22659
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
travelwish-ks.com/wp-content/uploads/2022/10/3-scaled.jpg
162.0.235.197 301 Moved Permanently 707 B URL HTTP/1.1 travelwish-ks.com/wp-content/uploads/2022/10/3-scaled.jpg
IP 162.0.235.197:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/2022/10/3-scaled.jpg HTTP/1.1
Host: travelwish-ks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
keep-alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Thu, 22 Dec 2022 04:11:23 GMT
server: LiteSpeed
location: https://travelwish-ks.com/wp-content/uploads/2022/10/3-scaled.jpg
x-turbo-charged-by: LiteSpeed
travelwish-ks.com/wp-content/uploads/2022/10/toa-heftiba-257785-unsplash.jpg
162.0.235.197 301 Moved Permanently 707 B URL HTTP/1.1 travelwish-ks.com/wp-content/uploads/2022/10/toa-heftiba-257785-unsplash.jpg
IP 162.0.235.197:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/2022/10/toa-heftiba-257785-unsplash.jpg HTTP/1.1
Host: travelwish-ks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
keep-alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Thu, 22 Dec 2022 04:11:23 GMT
server: LiteSpeed
location: https://travelwish-ks.com/wp-content/uploads/2022/10/toa-heftiba-257785-unsplash.jpg
x-turbo-charged-by: LiteSpeed
travelwish-ks.com/wp-content/uploads/2022/10/2-scaled.jpg
162.0.235.197 301 Moved Permanently 707 B URL HTTP/1.1 travelwish-ks.com/wp-content/uploads/2022/10/2-scaled.jpg
IP 162.0.235.197:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/2022/10/2-scaled.jpg HTTP/1.1
Host: travelwish-ks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
keep-alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Thu, 22 Dec 2022 04:11:23 GMT
server: LiteSpeed
location: https://travelwish-ks.com/wp-content/uploads/2022/10/2-scaled.jpg
x-turbo-charged-by: LiteSpeed
travelwish-ks.com/wp-content/uploads/2022/10/toa-heftiba-270794-unsplash.jpg
162.0.235.197 301 Moved Permanently 707 B URL HTTP/1.1 travelwish-ks.com/wp-content/uploads/2022/10/toa-heftiba-270794-unsplash.jpg
IP 162.0.235.197:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/2022/10/toa-heftiba-270794-unsplash.jpg HTTP/1.1
Host: travelwish-ks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
keep-alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Thu, 22 Dec 2022 04:11:23 GMT
server: LiteSpeed
location: https://travelwish-ks.com/wp-content/uploads/2022/10/toa-heftiba-270794-unsplash.jpg
x-turbo-charged-by: LiteSpeed
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CSource+Sans+Pro%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COpen+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1
142.250.74.74 200 OK 3.7 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CSource+Sans+Pro%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COpen+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1
IP 142.250.74.74:0
Hash be529fd8b038dbdb6ac9fe0f94b31d6d
cfdf0734780ab8b7217474b4e52d7bef8f3b0eb1
e95133f3945310909b74cbea630ee36d50b41981a65343fff22718c9d8fa2e28
GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CSource+Sans+Pro%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COpen+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://travelwish-ks.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 22 Dec 2022 04:11:23 GMT
date: Thu, 22 Dec 2022 04:11:23 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
travelwish-ks.com/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
162.0.235.197 200 OK 1.6 kB URL HTTP/2 travelwish-ks.com/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
IP 162.0.235.197:0
File type ASCII text, with very long lines (4875)
Hash 06a8ac0e71976bc143cfa7861a31169d
def6031fe13259bf17752661832d815e37068bf2
e6f42d97e7299522bbb002364128fdf72cd22263ca72c5edc41dcd8f4672cd33
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5 HTTP/1.1
Host: travelwish-ks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://travelwish-ks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 04:11:23 GMT
content-type: application/javascript
last-modified: Mon, 11 Apr 2022 21:34:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1575
date: Thu, 22 Dec 2022 04:11:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
travelwish-ks.com/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
162.0.235.197 200 OK 3.7 kB URL HTTP/2 travelwish-ks.com/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
IP 162.0.235.197:0
Hash f7acc55c5b34188d3e66c5f2ecf3ba80
802270f7a221e406af63d622d364b119d912c15b
826c4e13764f5bf1bd0a17f2e693d943f8605df1024815f67f43694f4338b713
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae HTTP/1.1
Host: travelwish-ks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://travelwish-ks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 04:11:23 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 02:39:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3717
date: Thu, 22 Dec 2022 04:11:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
travelwish-ks.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
162.0.235.197 200 OK 2.9 kB URL HTTP/2 travelwish-ks.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP 162.0.235.197:0
File type ASCII text, with very long lines (12198), with no line terminators
Hash 869caa171b68cbec9fee5abbfb944ee8
f237e485e41f88b77384cfdb880f9d5a8f46eac8
25c2896e2790fb0e52f6b6ba1ce97bd87eb40463b4bb65ba16ad434c1d7a36dc
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: travelwish-ks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://travelwish-ks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 04:11:23 GMT
content-type: application/javascript
last-modified: Wed, 11 Jan 2017 21:35:32 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2867
date: Thu, 22 Dec 2022 04:11:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
travelwish-ks.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.7.3
162.0.235.197 200 OK 5.5 kB URL HTTP/2 travelwish-ks.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.7.3
IP 162.0.235.197:0
File type ASCII text, with very long lines (21374)
Hash 572e4b71b250e508ab15c8a34b337f98
e56f5fdd90bc72fab3f83a7d2c71faf10da4b74f
a49eb532f641eb23ecbf0191a9c532e34190e9b5f2eeb5e004f55b04ba7d94cd
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.7.3 HTTP/1.1
Host: travelwish-ks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://travelwish-ks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 04:11:23 GMT
content-type: application/javascript
last-modified: Sun, 09 Oct 2022 14:48:10 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5506
date: Thu, 22 Dec 2022 04:11:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
travelwish-ks.com/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.7.3
162.0.235.197 200 OK 5.3 kB URL HTTP/2 travelwish-ks.com/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.7.3
IP 162.0.235.197:0
File type ASCII text, with very long lines (24339)
Hash e9661504567726c97f03debdd9dc4c93
f955558a8e79cee84da0eb450bc5082e0bc84801
d161cbf2b30aacfc2f41a6c34d13ae93726ab269a539bdcf84f623bff74c5d24
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.7.3 HTTP/1.1
Host: travelwish-ks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://travelwish-ks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 04:11:23 GMT
content-type: application/javascript
last-modified: Sun, 09 Oct 2022 14:48:10 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5290
date: Thu, 22 Dec 2022 04:11:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
travelwish-ks.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
162.0.235.197 200 OK 4.6 kB URL HTTP/2 travelwish-ks.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 162.0.235.197:0
File type ASCII text, with very long lines (15660)
Hash 0232689bd203f330529b36a437f41a68
9046583f7469ad38297969f10a9513eb895d5316
feea9f30a6e454579bbeabf236b7abdb0c7de84dd2852422555ad67348c5e886
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: travelwish-ks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://travelwish-ks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 04:11:23 GMT
content-type: application/javascript
last-modified: Tue, 12 Apr 2022 15:26:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4619
date: Thu, 22 Dec 2022 04:11:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
travelwish-ks.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
162.0.235.197 200 OK 6.8 kB URL HTTP/2 travelwish-ks.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
IP 162.0.235.197:0
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 3d0ff0f6731d9cef860af9a5a0e3ce62
13aed444304d782039e261475c8b4450b83e743e
e8d05db77732c71843ced6f386ea82eb32243ac36e7ca3e071cb7f53e2ffbce5
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: travelwish-ks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://travelwish-ks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 04:11:23 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 02:39:25 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6800
date: Thu, 22 Dec 2022 04:11:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
travelwish-ks.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.9.1
162.0.235.197 200 OK 12 kB URL HTTP/2 travelwish-ks.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.9.1
IP 162.0.235.197:0
File type ASCII text, with very long lines (40657)
Hash 8c7ab746e082dda4943fe6b9c0c5ebc8
d11519b0d66058ecd8d8ac1c68b83bafeaa34ba0
843b10f39c9b6aba0f05c1e5fba3946c7602e850a76f61cd25ea0d8a05f4338d
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.9.1 HTTP/1.1
Host: travelwish-ks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://travelwish-ks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 04:11:23 GMT
content-type: application/javascript
last-modified: Wed, 21 Dec 2022 19:12:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11747
date: Thu, 22 Dec 2022 04:11:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
travelwish-ks.com/wp-content/uploads/2022/11/dubai.webp
162.0.235.197 200 OK 66 kB URL HTTP/2 travelwish-ks.com/wp-content/uploads/2022/11/dubai.webp
IP 162.0.235.197:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 620x506, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 50ed7b8d533ad3536f4deccf2dd1c3da
98bb050096a1bc9eb1a901a9e69d1ef0c263b7a4
54ab383bbcd6842c82030f5feec91e006823203ac8eb0a6b3742428620ca5e32
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/2022/11/dubai.webp HTTP/1.1
Host: travelwish-ks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://travelwish-ks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 04:11:23 GMT
content-type: image/webp
last-modified: Tue, 15 Nov 2022 15:36:37 GMT
accept-ranges: bytes
content-length: 65646
date: Thu, 22 Dec 2022 04:11:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
travelwish-ks.com/wp-content/uploads/2022/11/paris2.jpg
162.0.235.197 200 OK 140 kB URL HTTP/2 travelwish-ks.com/wp-content/uploads/2022/11/paris2.jpg
IP 162.0.235.197:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, description=The Eiffel tower from the river Seine in Paris, France\377\341\005Yhttp://ns.adobe.com/xap/1.0/, orientation=upper-left], baseline, precision 8, 508x339, components 3\012- data
Size 140 kB (140415 bytes)
Hash ebc3a37f7a563ed2e88d8458c0d9bd14
609b70c906f4b98fd74790e1d9792b16a4179ac1
9221e1034fcad668209a395008ed65a6b0e2aff2ff98447a2a2ce1cda8722e8c
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/2022/11/paris2.jpg HTTP/1.1
Host: travelwish-ks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://travelwish-ks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 04:11:23 GMT
content-type: image/jpeg
last-modified: Tue, 15 Nov 2022 15:29:17 GMT
accept-ranges: bytes
content-length: 140415
date: Thu, 22 Dec 2022 04:11:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
travelwish-ks.com/wp-content/uploads/2022/10/e41caad3-header-border-bottom-1536x21.png
162.0.235.197 200 OK 3.7 kB URL HTTP/2 travelwish-ks.com/wp-content/uploads/2022/10/e41caad3-header-border-bottom-1536x21.png
IP 162.0.235.197:0
File type PNG image data, 1536 x 21, 8-bit/color RGBA, non-interlaced\012- data
Hash 531da6f6a6f68f4bd2077ba0fddbd032
e8e2bc84a084fb4f78f2bbf078053b0dd55e9079
d589ce5efbee7f6a1f94846ffb5468bb77708452a38b94c5c168ede1530bc874
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/2022/10/e41caad3-header-border-bottom-1536x21.png HTTP/1.1
Host: travelwish-ks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://travelwish-ks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 04:11:23 GMT
content-type: image/png
last-modified: Sun, 09 Oct 2022 16:08:30 GMT
accept-ranges: bytes
content-length: 3745
date: Thu, 22 Dec 2022 04:11:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
travelwish-ks.com/wp-content/uploads/2022/10/bardhe-150x150.png
162.0.235.197 200 OK 6.4 kB URL HTTP/2 travelwish-ks.com/wp-content/uploads/2022/10/bardhe-150x150.png
IP 162.0.235.197:0
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash a0498b94296feac2a8c8c2b9d28cf5eb
ca864ee107e794e112dc3bda6b5ec5e7a4112844
1b895bc957b50b6a51390c9f96a3eecb602b1779b04c056ecebad5399f5b8cd1
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/2022/10/bardhe-150x150.png HTTP/1.1
Host: travelwish-ks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://travelwish-ks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 04:11:23 GMT
content-type: image/png
last-modified: Sun, 09 Oct 2022 16:11:55 GMT
accept-ranges: bytes
content-length: 6428
date: Thu, 22 Dec 2022 04:11:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
travelwish-ks.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.16.0
162.0.235.197 200 OK 93 kB URL HTTP/2 travelwish-ks.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.16.0
IP 162.0.235.197:0
File type Web Open Font Format (Version 2), TrueType, length 93372, version 1.0\012- data
Hash aab0bb3379e0eb7ebc26071db61fbd57
711c8d350c4192c2f1aa7f73551445b89fb4b161
691fa7d17effc7d303eda0ad7e4a1d91b2f375506cfc8a774480cc2b55f156ea
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.16.0 HTTP/1.1
Host: travelwish-ks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://travelwish-ks.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 04:11:23 GMT
content-type: font/woff2
last-modified: Wed, 21 Dec 2022 19:12:44 GMT
accept-ranges: bytes
content-length: 93372
date: Thu, 22 Dec 2022 04:11:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
travelwish-ks.com/wp-content/uploads/2022/10/rixos-premium-jbr-dubai1-768x512.jpg
162.0.235.197 200 OK 72 kB URL HTTP/2 travelwish-ks.com/wp-content/uploads/2022/10/rixos-premium-jbr-dubai1-768x512.jpg
IP 162.0.235.197:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 768x512, components 3\012- data
Hash a9d16c822e11bdd6200d2529cfa7e6ce
ac6d16e29bcd003ee66d6ae2a77c04983fb0a5b2
bf6836431af38b9208c04017e0583676a15301d9ab5b5f0fec0ca69c45031782
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/2022/10/rixos-premium-jbr-dubai1-768x512.jpg HTTP/1.1
Host: travelwish-ks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://travelwish-ks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 04:11:23 GMT
content-type: image/jpeg
last-modified: Tue, 11 Oct 2022 10:07:43 GMT
accept-ranges: bytes
content-length: 71837
date: Thu, 22 Dec 2022 04:11:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
travelwish-ks.com/wp-content/uploads/2022/10/final-dl.beatsnoop.com-70xtW1qmas-e1665482092425.jpg
162.0.235.197 200 OK 132 kB URL HTTP/2 travelwish-ks.com/wp-content/uploads/2022/10/final-dl.beatsnoop.com-70xtW1qmas-e1665482092425.jpg
IP 162.0.235.197:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 696x1315, components 3\012- data
Size 132 kB (131511 bytes)
Hash fdc9f802f3306679137a2c051e0f37e6
0d24af18f03f9bd8b84b8bf0e5ce16f1558d8314
3209ae20085449c55a65f0087c2eaa9be96ae38b49bb980b95039c64ce721565
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/2022/10/final-dl.beatsnoop.com-70xtW1qmas-e1665482092425.jpg HTTP/1.1
Host: travelwish-ks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://travelwish-ks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 04:11:23 GMT
content-type: image/jpeg
last-modified: Tue, 11 Oct 2022 09:54:52 GMT
accept-ranges: bytes
content-length: 131511
date: Thu, 22 Dec 2022 04:11:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
travelwish-ks.com/wp-content/plugins/elementor-pro/assets/js/nav-menu.3de49ba5ef86f9a22ff5.bundle.min.js
162.0.235.197 200 OK 1.2 kB URL HTTP/2 travelwish-ks.com/wp-content/plugins/elementor-pro/assets/js/nav-menu.3de49ba5ef86f9a22ff5.bundle.min.js
IP 162.0.235.197:0
File type ASCII text, with very long lines (3262)
Hash dac702dde8b43281aff61bcc8c0b99cf
31eabd2f6cbd85a142e08e9d3f92298c661be81f
97f0a230a99c3d85a29780624bccbdee07d41083d2045250acdc61541ba5693a
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/elementor-pro/assets/js/nav-menu.3de49ba5ef86f9a22ff5.bundle.min.js HTTP/1.1
Host: travelwish-ks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://travelwish-ks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 04:11:24 GMT
content-type: application/javascript
last-modified: Sun, 09 Oct 2022 14:48:10 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1173
date: Thu, 22 Dec 2022 04:11:24 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
travelwish-ks.com/wp-content/uploads/2022/11/italy.jpg
162.0.235.197 200 OK 281 kB URL HTTP/2 travelwish-ks.com/wp-content/uploads/2022/11/italy.jpg
IP 162.0.235.197:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1600x1067, components 3\012- data
Size 281 kB (281323 bytes)
Hash c8fb55e2da1387b1886b2713742c6379
058e798d9363f28a0a572d62de31152f314c81c7
b8c1a63500c820c77ac3e6f61a5799b52e1eb4bd66ec6d4fa7c8e0db8e6cd2ef
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/2022/11/italy.jpg HTTP/1.1
Host: travelwish-ks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://travelwish-ks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 04:11:23 GMT
content-type: image/jpeg
last-modified: Tue, 15 Nov 2022 15:31:47 GMT
accept-ranges: bytes
content-length: 281323
date: Thu, 22 Dec 2022 04:11:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
travelwish-ks.com/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
162.0.235.197 200 OK 599 B URL HTTP/2 travelwish-ks.com/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
IP 162.0.235.197:0
File type ASCII text, with very long lines (1320)
Hash f73a782fa167dca8b6aa2bb971179bb4
54a46cbd66d347288901dbecf012e67eb4aba06c
869981286ca918c31bbcb12dbd5fdd4b68488d43b89a693132187e89b51f3c94
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js HTTP/1.1
Host: travelwish-ks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://travelwish-ks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 04:11:24 GMT
content-type: application/javascript
last-modified: Wed, 21 Dec 2022 19:12:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 599
date: Thu, 22 Dec 2022 04:11:24 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
travelwish-ks.com/wp-content/uploads/2022/11/geneva.jpg
162.0.235.197 200 OK 441 kB URL HTTP/2 travelwish-ks.com/wp-content/uploads/2022/11/geneva.jpg
IP 162.0.235.197:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1080x1349, components 3\012- data
Size 441 kB (441233 bytes)
Hash d6b600fa39cee78b5e3da6239fffeeaa
3002dc467eb8b5b027fcdf15dbe2f98a2bc83e71
77bfb9e114c2a788a6bdd2d1a28e9448b0add088c0017b06466306f6eff8c3c6
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/2022/11/geneva.jpg HTTP/1.1
Host: travelwish-ks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://travelwish-ks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 04:11:23 GMT
content-type: image/jpeg
last-modified: Tue, 15 Nov 2022 15:45:14 GMT
accept-ranges: bytes
content-length: 441233
date: Thu, 22 Dec 2022 04:11:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
travelwish-ks.com/wp-content/uploads/2022/11/eg.jpg
162.0.235.197 200 OK 407 kB URL HTTP/2 travelwish-ks.com/wp-content/uploads/2022/11/eg.jpg
IP 162.0.235.197:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1380x917, components 3\012- data
Size 407 kB (407406 bytes)
Hash f4e3038216c07747e50c5c7b4036a032
129063ba6aa0db8ebe0c684b5b272938fc984d07
32d7cb71b336c2ed203abe7e8f100c1545b253791d3e2e2e6e82714a67706f4f
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/2022/11/eg.jpg HTTP/1.1
Host: travelwish-ks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://travelwish-ks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 04:11:23 GMT
content-type: image/jpeg
last-modified: Tue, 15 Nov 2022 15:17:03 GMT
accept-ranges: bytes
content-length: 407406
date: Thu, 22 Dec 2022 04:11:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
travelwish-ks.com/wp-content/uploads/2022/11/kapadokia-scaled.jpg
162.0.235.197 200 OK 503 kB URL HTTP/2 travelwish-ks.com/wp-content/uploads/2022/11/kapadokia-scaled.jpg
IP 162.0.235.197:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 2560x1681, components 3\012- data
Size 503 kB (503347 bytes)
Hash 717a2141f4b4a2e1db68ef68cd1b13a2
df1b4bebdba46a3bee5869707456361f4d8912e5
c83a146a3f5a643015f02077fa02fc26904a213bcdbe95d29757e6145ad81d22
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/2022/11/kapadokia-scaled.jpg HTTP/1.1
Host: travelwish-ks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://travelwish-ks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 04:11:23 GMT
content-type: image/jpeg
last-modified: Tue, 15 Nov 2022 15:09:40 GMT
accept-ranges: bytes
content-length: 503347
date: Thu, 22 Dec 2022 04:11:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
travelwish-ks.com/wp-content/uploads/2022/10/toa-heftiba-270794-unsplash.jpg
162.0.235.197 200 OK 260 kB URL HTTP/2 travelwish-ks.com/wp-content/uploads/2022/10/toa-heftiba-270794-unsplash.jpg
IP 162.0.235.197:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=1969, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=3008], baseline, precision 8, 1920x1257, components 3\012- data
Size 260 kB (260222 bytes)
Hash 2c6d51e11ce935f4c7393df98b8c84f7
ab5101fb7e3f55f114ea72f180ead1328646d84c
4d461188ececbcac63502d07f41e8948d9596a691ef4036e74d2a6ae5b271190
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/2022/10/toa-heftiba-270794-unsplash.jpg HTTP/1.1
Host: travelwish-ks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 04:11:24 GMT
content-type: image/jpeg
last-modified: Sun, 09 Oct 2022 15:04:53 GMT
accept-ranges: bytes
content-length: 260222
date: Thu, 22 Dec 2022 04:11:24 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
travelwish-ks.com/wp-content/uploads/2022/10/toa-heftiba-257785-unsplash.jpg
162.0.235.197 200 OK 375 kB URL HTTP/2 travelwish-ks.com/wp-content/uploads/2022/10/toa-heftiba-257785-unsplash.jpg
IP 162.0.235.197:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=2000, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=3008], baseline, precision 8, 1920x1277, components 3\012- data
Size 375 kB (375279 bytes)
Hash 5a1e9857c4a7bd63e5d818e73509b0a5
db136045a6b8bf660954fa705958e196da827ebe
53b3fc3058a4bdcbb1117cf9db4069cadefd6a3d3f1a5877f2d73bc16bd4ad93
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/2022/10/toa-heftiba-257785-unsplash.jpg HTTP/1.1
Host: travelwish-ks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 04:11:24 GMT
content-type: image/jpeg
last-modified: Sun, 09 Oct 2022 15:04:29 GMT
accept-ranges: bytes
content-length: 375279
date: Thu, 22 Dec 2022 04:11:24 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
travelwish-ks.com/wp-content/uploads/2022/10/3-scaled.jpg
162.0.235.197 200 OK 754 kB URL HTTP/2 travelwish-ks.com/wp-content/uploads/2022/10/3-scaled.jpg
IP 162.0.235.197:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 2560x2560, components 3\012- data
Size 754 kB (754069 bytes)
Hash 92aa37cbaa0463778c0973ee4aef5504
b7303e148c6549382c0d678c15001f9579fc88a1
e263a67b8f8e3f8c956d4152a292f802f7e37709823d5250f50e7b746783e0e6
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/2022/10/3-scaled.jpg HTTP/1.1
Host: travelwish-ks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 04:11:24 GMT
content-type: image/jpeg
last-modified: Tue, 11 Oct 2022 09:48:14 GMT
accept-ranges: bytes
content-length: 754069
date: Thu, 22 Dec 2022 04:11:24 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
travelwish-ks.com/favicon.ico
162.0.235.197 404 Not Found 1.2 kB URL HTTP/2 travelwish-ks.com/favicon.ico
IP 162.0.235.197:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /favicon.ico HTTP/1.1
Host: travelwish-ks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://travelwish-ks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Thu, 22 Dec 2022 04:11:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
travelwish-ks.com/wp-content/uploads/2022/10/1-scaled.jpg
162.0.235.197 200 OK 732 kB URL HTTP/2 travelwish-ks.com/wp-content/uploads/2022/10/1-scaled.jpg
IP 162.0.235.197:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 2560x2560, components 3\012- data
Size 732 kB (731531 bytes)
Hash 04c7ec043ab9a7ef0c637872d74bb083
9dfe764511aec80f8c860fda993156e627fc434a
f8185f0fa2aee9e2a2dccaf00dd2e485cd275131679cab10e8227b6c95549ada
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/2022/10/1-scaled.jpg HTTP/1.1
Host: travelwish-ks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 04:11:24 GMT
content-type: image/jpeg
last-modified: Tue, 11 Oct 2022 09:48:41 GMT
accept-ranges: bytes
content-length: 731531
date: Thu, 22 Dec 2022 04:11:24 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
travelwish-ks.com/wp-content/uploads/2022/10/2-scaled.jpg
162.0.235.197 200 OK 875 kB URL HTTP/2 travelwish-ks.com/wp-content/uploads/2022/10/2-scaled.jpg
IP 162.0.235.197:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 2560x2560, components 3\012- data
Size 875 kB (875318 bytes)
Hash 52db7e6185ec287b75e37a1e3513b626
5668c735f590d2fff0e55ce7472803d9367a64e5
4140401a64947e8c711cc324fa59a2df6e9924500664fc58f0dff144c11d88c9
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/2022/10/2-scaled.jpg HTTP/1.1
Host: travelwish-ks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 04:11:24 GMT
content-type: image/jpeg
last-modified: Tue, 11 Oct 2022 09:47:33 GMT
accept-ranges: bytes
content-length: 875318
date: Thu, 22 Dec 2022 04:11:24 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1f3799ee-6598-4ce8-bef0-6d88a12108fd.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1f3799ee-6598-4ce8-bef0-6d88a12108fd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6ac8d04b0db6fccecfe246193d058bc4
1a44891655ed7a30ec4bd0637424a48394b5f3b9
404104ad157e5191ef7bce20b0ed456beb60fb0624f8252c2699f063c613707a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1f3799ee-6598-4ce8-bef0-6d88a12108fd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 11230
x-amzn-requestid: 427e41df-521e-47c5-96b7-1f1552411185
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dhHH1H_DoAMF0Ew=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a38565-6c4314174538f61b17341177;Sampled=0
x-amzn-remapped-date: Wed, 21 Dec 2022 22:15:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Z-igEfVkJ5ydOvczfnA0qgRVmQktUrbkpbK5D_pS26st0JJLhkzaLA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Dec 2022 03:27:00 GMT
age: 2670
etag: "1a44891655ed7a30ec4bd0637424a48394b5f3b9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2