karthikestatecottages.com/wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/sms.php
89.117.188.39301 Moved Permanently 707 B URL HTTP/1.1 karthikestatecottages.com/wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/sms.php
IP 89.117.188.39:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/sms.php HTTP/1.1
Host: karthikestatecottages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Sat, 18 Mar 2023 09:44:24 GMT
server: LiteSpeed
location: https://karthikestatecottages.com/wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/sms.php
platform: hostinger
content-security-policy: upgrade-insecure-requests
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 2857be6f18459c7a4a7f00f6cd6076f1
570609086d72a9be57cde7bfefd25663c1035fba
bd8abb8f420d1e31462fca1d6a7caadf1e2bba6fc7db05684b5811e00e84107f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD8ABB8F420D1E31462FCA1D6A7CAADF1E2BBA6FC7DB05684B5811E00E84107F"
Last-Modified: Fri, 17 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6033
Expires: Sat, 18 Mar 2023 11:24:57 GMT
Date: Sat, 18 Mar 2023 09:44:24 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 3396075e8f2d9ceae3bd11f94111fed8
98ba4ccf6b0e38a91c69b76ac1dc07313773ed1d
e533d6bd6a8080facdff772bcbf359373dab2d5a6fe5eabe64f95e68a8cd23aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E533D6BD6A8080FACDFF772BCBF359373DAB2D5A6FE5EABE64F95E68A8CD23AA"
Last-Modified: Fri, 17 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3229
Expires: Sat, 18 Mar 2023 10:38:13 GMT
Date: Sat, 18 Mar 2023 09:44:24 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 29fdbcd53b5646cfcdd46510063734c4
85e3ceda5ef130219f4fe8a31e52e2690c8f7d8e
24c27586332c016685e6231fec5836e921048d8aaefbcd4cd6f88969f9d91e18
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Content-Length, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 18 Mar 2023 09:26:54 GMT
content-type: application/json
age: 1050
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 12cdbcb1b0785dc0423386448ac68c9c
08cff6b76fd708f0cef3c5bdb8fc72570c4536bd
bb7622a85d32cbff40abd2995055e03dbac05dd841b9a84d9023a5510d89e534
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BB7622A85D32CBFF40ABD2995055E03DBAC05DD841B9A84D9023A5510D89E534"
Last-Modified: Fri, 17 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3741
Expires: Sat, 18 Mar 2023 10:46:45 GMT
Date: Sat, 18 Mar 2023 09:44:24 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: vJ/uoj3RpD4bDffJZ8sro3B37AixbvbKoVMzyr0AXOUUiKI1eqqZ2th1VGHnW0p7DU6UUBXrRJc=
x-amz-request-id: 09JQJPR51W0EHCAQ
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 18 Mar 2023 08:57:48 GMT
age: 2796
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 18 Mar 2023 09:44:24 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Pragma, Content-Type, Content-Length, Cache-Control, Expires, Backoff, Alert, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 18 Mar 2023 09:14:32 GMT
age: 1793
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 70f795f7a73fb087a4b08eebe6e2a970
faaa9283e766256900f3c3e00dee00973e7da2a6
4f7e4813f82f60ebf9c536d9342726307686931df7309a4c367f3b658602efde
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4F7E4813F82F60EBF9C536D9342726307686931DF7309A4C367F3B658602EFDE"
Last-Modified: Fri, 17 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6418
Expires: Sat, 18 Mar 2023 11:31:23 GMT
Date: Sat, 18 Mar 2023 09:44:25 GMT
Connection: keep-alive
push.services.mozilla.com/
44.238.223.58101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.238.223.58:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: tSbFap7S+iI1aafYu7lVJQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: LlQJilmCZmUi8tyudDT/Db9RSE0=
karthikestatecottages.com/wp-content/plugins/litespeed-cache/assets/js/webfontloader.min.js
89.117.188.39200 OK 4.6 kB URL HTTP/2 karthikestatecottages.com/wp-content/plugins/litespeed-cache/assets/js/webfontloader.min.js
IP 89.117.188.39:0
File type Unicode text, UTF-8 text, with very long lines (12075), with no line terminators
Hash e03020f95691b6e8f22ccf6a95273424
487f20ce26a53ce1520ce19205cb0e38b1917d26
b65d380786d26ecbba5b0bcaea54e57125e79fbbd94074050115293502aabcf1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/litespeed-cache/assets/js/webfontloader.min.js HTTP/1.1
Host: karthikestatecottages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/sms.php
Cookie: _lscache_vary=0bc660362587ed43ece4d55bcfb15013; _gcl_au=1.1.1910665093.1679132655; _ga_MXCGE16QRD=GS1.1.1679132655.1.0.1679132660.0.0.0; _ga=GA1.2.1822550475.1679132655; _gid=GA1.2.1814529661.1679132656; _gat_UA-207024867-1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sun, 17 Mar 2024 15:44:26 GMT
content-type: application/x-javascript
last-modified: Thu, 15 Dec 2022 09:48:13 GMT
etag: "2f42-639aed5d-1bed499316c0f97c;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4638
date: Sat, 18 Mar 2023 09:44:26 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 10bb1da74cabb050bb1f1af5989d201a
a28a2ce1097c2bbbbd42869df64551a01d2c7de4
180b15454b4cd4d39194bee9ce00122c7cffb85decddb8083d3f1361ea01eb13
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 18 Mar 2023 09:44:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 886a55065537b0624371a82292fe26c2
5ff87d6a26d94e0ed10f0cb55d0ac0237efb135a
a0811f584403bcdb37925007e7d9df722591566885dcedf330fb13fed891905f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 18 Mar 2023 09:44:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
karthikestatecottages.com/wp-content/litespeed/css/72d99b64282f7c39a51a7dc056ef510d.css?ver=4783f
89.117.188.39200 OK 2.4 kB URL HTTP/2 karthikestatecottages.com/wp-content/litespeed/css/72d99b64282f7c39a51a7dc056ef510d.css?ver=4783f
IP 89.117.188.39:0
File type ASCII text, with very long lines (11335), with no line terminators
Hash d117c41ae321a098d18351364fb60fcf
c1389b6248fb755f7aa97d8c00fa7920ba709560
27dfb226eee95472a65b0a5dfff9a14d6ab8eca52b79747447469d8a22a6f89c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/72d99b64282f7c39a51a7dc056ef510d.css?ver=4783f HTTP/1.1
Host: karthikestatecottages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/sms.php
Cookie: _lscache_vary=0bc660362587ed43ece4d55bcfb15013; _gcl_au=1.1.1910665093.1679132655; _ga_MXCGE16QRD=GS1.1.1679132655.1.0.1679132660.0.0.0; _ga=GA1.2.1822550475.1679132655; _gid=GA1.2.1814529661.1679132656; _gat_UA-207024867-1=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sun, 17 Mar 2024 15:44:26 GMT
content-type: text/css
last-modified: Sat, 18 Mar 2023 09:44:25 GMT
etag: "2c47-641587f9-6088d229be0b69a1;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2389
date: Sat, 18 Mar 2023 09:44:26 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
karthikestatecottages.com/wp-content/litespeed/css/67ad67f660d31fca7dbcf5e43ebc64eb.css?ver=0e2f4
89.117.188.39200 OK 979 B URL HTTP/2 karthikestatecottages.com/wp-content/litespeed/css/67ad67f660d31fca7dbcf5e43ebc64eb.css?ver=0e2f4
IP 89.117.188.39:0
File type ASCII text, with very long lines (4186), with no line terminators
Hash 4fd9511f9170c49fc5a919babe4756cf
bd158ae63b48add4d918b34137c3ec42df1eb377
295c29dc143e878b330361cdc68ce98610eabd5e4fa08676607ef9786fc761b1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/67ad67f660d31fca7dbcf5e43ebc64eb.css?ver=0e2f4 HTTP/1.1
Host: karthikestatecottages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/sms.php
Cookie: _lscache_vary=0bc660362587ed43ece4d55bcfb15013; _gcl_au=1.1.1910665093.1679132655; _ga_MXCGE16QRD=GS1.1.1679132655.1.0.1679132660.0.0.0; _ga=GA1.2.1822550475.1679132655; _gid=GA1.2.1814529661.1679132656; _gat_UA-207024867-1=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sun, 17 Mar 2024 15:44:26 GMT
content-type: text/css
last-modified: Sat, 18 Mar 2023 09:44:25 GMT
etag: "105a-641587f9-bb6a128e21439b5d;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 979
date: Sat, 18 Mar 2023 09:44:26 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
karthikestatecottages.com/wp-content/litespeed/css/eb7e6d7525599c5d35819c8614f88177.css?ver=56497
89.117.188.39200 OK 11 kB URL HTTP/2 karthikestatecottages.com/wp-content/litespeed/css/eb7e6d7525599c5d35819c8614f88177.css?ver=56497
IP 89.117.188.39:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 78bafc79c072adaf104b9221177ce381
1953f7afc4736db04681082db8af7bdc805fab9e
a1825321e7e140a96117c7842278cb042675ddcfaa2335b968c3bda9be72480b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/eb7e6d7525599c5d35819c8614f88177.css?ver=56497 HTTP/1.1
Host: karthikestatecottages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/sms.php
Cookie: _lscache_vary=0bc660362587ed43ece4d55bcfb15013; _gcl_au=1.1.1910665093.1679132655; _ga_MXCGE16QRD=GS1.1.1679132655.1.0.1679132660.0.0.0; _ga=GA1.2.1822550475.1679132655; _gid=GA1.2.1814529661.1679132656; _gat_UA-207024867-1=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sun, 17 Mar 2024 15:44:26 GMT
content-type: text/css
last-modified: Sat, 18 Mar 2023 09:44:25 GMT
etag: "17193-641587f9-a0a0df528e8495b4;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11302
date: Sat, 18 Mar 2023 09:44:26 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
karthikestatecottages.com/wp-content/litespeed/css/28d7a7b6170f194201beacbe7fd5b7ad.css?ver=a7ff3
89.117.188.39200 OK 4.6 kB URL HTTP/2 karthikestatecottages.com/wp-content/litespeed/css/28d7a7b6170f194201beacbe7fd5b7ad.css?ver=a7ff3
IP 89.117.188.39:0
File type ASCII text, with very long lines (21941), with no line terminators
Hash 1b94a8896c1bdf34021067f2dee36eef
ee1511c11d182d2fc8141ac87171484bbd0a4ceb
2b4bd018f13bdb3693d37c737f775f80971ac14d8fa71a0efdd1dd14a14d9289
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/28d7a7b6170f194201beacbe7fd5b7ad.css?ver=a7ff3 HTTP/1.1
Host: karthikestatecottages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/sms.php
Cookie: _lscache_vary=0bc660362587ed43ece4d55bcfb15013; _gcl_au=1.1.1910665093.1679132655; _ga_MXCGE16QRD=GS1.1.1679132655.1.0.1679132660.0.0.0; _ga=GA1.2.1822550475.1679132655; _gid=GA1.2.1814529661.1679132656; _gat_UA-207024867-1=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sun, 17 Mar 2024 15:44:26 GMT
content-type: text/css
last-modified: Sat, 18 Mar 2023 09:44:25 GMT
etag: "55b5-641587f9-721b779761e97cba;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4640
date: Sat, 18 Mar 2023 09:44:26 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
karthikestatecottages.com/wp-content/litespeed/css/8e1562a058441e964dd3d0daf182c272.css?ver=72e73
89.117.188.39200 OK 722 B URL HTTP/2 karthikestatecottages.com/wp-content/litespeed/css/8e1562a058441e964dd3d0daf182c272.css?ver=72e73
IP 89.117.188.39:0
File type ASCII text, with very long lines (2216), with no line terminators
Hash d86ec3eb0568f1d47aff89d3bbd13bb3
4dbc294dbdd918780d24091ee7b877a7a80aced0
3a488242b286ef86b4803de5523cd11e9d25d75d8d4f08e0426398ca3df65100
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/8e1562a058441e964dd3d0daf182c272.css?ver=72e73 HTTP/1.1
Host: karthikestatecottages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/sms.php
Cookie: _lscache_vary=0bc660362587ed43ece4d55bcfb15013; _gcl_au=1.1.1910665093.1679132655; _ga_MXCGE16QRD=GS1.1.1679132655.1.0.1679132660.0.0.0; _ga=GA1.2.1822550475.1679132655; _gid=GA1.2.1814529661.1679132656; _gat_UA-207024867-1=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sun, 17 Mar 2024 15:44:26 GMT
content-type: text/css
last-modified: Sat, 18 Mar 2023 09:44:25 GMT
etag: "8a8-641587f9-8d0e166f787a9840;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 722
date: Sat, 18 Mar 2023 09:44:26 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a4fe1012a4d75c602aab58bcff2d9c28
b079e7b9e4da4d67ecdc3e11bff33462bd026899
f7e4c8251356329744c989f9194354f78b9d142a69db8cc5d92ade3d70efcc01
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 18 Mar 2023 09:44:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
karthikestatecottages.com/wp-content/litespeed/css/c238ec3dbb66d139abe9642101d15490.css?ver=f6a3a
89.117.188.39200 OK 6.1 kB URL HTTP/2 karthikestatecottages.com/wp-content/litespeed/css/c238ec3dbb66d139abe9642101d15490.css?ver=f6a3a
IP 89.117.188.39:0
File type ASCII text, with very long lines (28710)
Hash 18def2ee9247c732010a4e6dd988562d
d6527b6a930a6bc3a4833894576573fe83ec7fca
10637ef1d303479ae08da09b9c95d0644d386ab48606e558724ccd971a0e7429
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/c238ec3dbb66d139abe9642101d15490.css?ver=f6a3a HTTP/1.1
Host: karthikestatecottages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/sms.php
Cookie: _lscache_vary=0bc660362587ed43ece4d55bcfb15013; _gcl_au=1.1.1910665093.1679132655; _ga_MXCGE16QRD=GS1.1.1679132655.1.0.1679132660.0.0.0; _ga=GA1.2.1822550475.1679132655; _gid=GA1.2.1814529661.1679132656; _gat_UA-207024867-1=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sun, 17 Mar 2024 15:44:26 GMT
content-type: text/css
last-modified: Sat, 18 Mar 2023 09:44:25 GMT
etag: "a1b0-641587f9-b201c5cf2cb4c846;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6134
date: Sat, 18 Mar 2023 09:44:26 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
karthikestatecottages.com/wp-content/litespeed/css/f730e910073d3407fc066c352d75ef27.css?ver=63111
89.117.188.39200 OK 5.3 kB URL HTTP/2 karthikestatecottages.com/wp-content/litespeed/css/f730e910073d3407fc066c352d75ef27.css?ver=63111
IP 89.117.188.39:0
File type ASCII text, with very long lines (42873), with no line terminators
Hash 841cbef9783716c9d2c1096cbcc379d3
07941a598874ebf14e2fe4ea01cdc88d298db2d9
7d24dd6724e2093c4c08f1dc502fdfdb90b797f41d587b893cef50bc4f694c21
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/f730e910073d3407fc066c352d75ef27.css?ver=63111 HTTP/1.1
Host: karthikestatecottages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/sms.php
Cookie: _lscache_vary=0bc660362587ed43ece4d55bcfb15013; _gcl_au=1.1.1910665093.1679132655; _ga_MXCGE16QRD=GS1.1.1679132655.1.0.1679132660.0.0.0; _ga=GA1.2.1822550475.1679132655; _gid=GA1.2.1814529661.1679132656; _gat_UA-207024867-1=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sun, 17 Mar 2024 15:44:26 GMT
content-type: text/css
last-modified: Sat, 18 Mar 2023 09:44:25 GMT
etag: "a779-641587f9-5cf0d8a4a35df7f3;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5291
date: Sat, 18 Mar 2023 09:44:26 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
karthikestatecottages.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
89.117.188.39200 OK 30 kB URL HTTP/2 karthikestatecottages.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 89.117.188.39:0
File type ASCII text, with very long lines (65447)
Hash cdbbc979b5a5de31a3ac8296e0ef489e
b83000eb74956c3404fb58c87e95aed5bab2ed19
48a6489945365cddb4c75af60f1e6a8a15d6598a1596ef18eb1b4aaad33e96f3
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: karthikestatecottages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/sms.php
Cookie: _lscache_vary=0bc660362587ed43ece4d55bcfb15013; _gcl_au=1.1.1910665093.1679132655; _ga_MXCGE16QRD=GS1.1.1679132655.1.0.1679132660.0.0.0; _ga=GA1.2.1822550475.1679132655; _gid=GA1.2.1814529661.1679132656; _gat_UA-207024867-1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sun, 17 Mar 2024 15:44:26 GMT
content-type: application/x-javascript
last-modified: Tue, 15 Nov 2022 23:40:32 GMT
etag: "15e54-63742370-f3ebf00da111caa3;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30075
date: Sat, 18 Mar 2023 09:44:26 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
karthikestatecottages.com/wp-content/litespeed/css/6f803db37a657be1f53fee84b5b47faa.css?ver=1b82a
89.117.188.39200 OK 15 kB URL HTTP/2 karthikestatecottages.com/wp-content/litespeed/css/6f803db37a657be1f53fee84b5b47faa.css?ver=1b82a
IP 89.117.188.39:0
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 9da2ba0734ec913d02270f681ee5bd5a
acb2d5b0e8e88d5e4ad9d05ea5c03f893d9b4320
1af7c2fcedbb09724b2db69ad4ec58a0fc9873e1959d9b91a399ac32190acd98
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/6f803db37a657be1f53fee84b5b47faa.css?ver=1b82a HTTP/1.1
Host: karthikestatecottages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/sms.php
Cookie: _lscache_vary=0bc660362587ed43ece4d55bcfb15013; _gcl_au=1.1.1910665093.1679132655; _ga_MXCGE16QRD=GS1.1.1679132655.1.0.1679132660.0.0.0; _ga=GA1.2.1822550475.1679132655; _gid=GA1.2.1814529661.1679132656; _gat_UA-207024867-1=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sun, 17 Mar 2024 15:44:26 GMT
content-type: text/css
last-modified: Sat, 18 Mar 2023 09:44:25 GMT
etag: "151af-641587f9-75ec0d3435c4657d;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 15313
date: Sat, 18 Mar 2023 09:44:26 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
karthikestatecottages.com/wp-content/litespeed/js/3a56923e62cb9e1bcbadcd7e294045ca.js?ver=496cb
89.117.188.39200 OK 4.0 kB URL HTTP/2 karthikestatecottages.com/wp-content/litespeed/js/3a56923e62cb9e1bcbadcd7e294045ca.js?ver=496cb
IP 89.117.188.39:0
File type ASCII text, with very long lines (11125)
Hash 6fcfc772873ce01c4baf5ee51d90fc81
8e504bae5c61c880f790fbc715c155bce1d5517f
88f15aaa4a648316b071a23d9241d57076f3c59d79af339dad57958f55e65184
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/js/3a56923e62cb9e1bcbadcd7e294045ca.js?ver=496cb HTTP/1.1
Host: karthikestatecottages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/sms.php
Cookie: _lscache_vary=0bc660362587ed43ece4d55bcfb15013; _gcl_au=1.1.1910665093.1679132655; _ga_MXCGE16QRD=GS1.1.1679132655.1.0.1679132660.0.0.0; _ga=GA1.2.1822550475.1679132655; _gid=GA1.2.1814529661.1679132656; _gat_UA-207024867-1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sun, 17 Mar 2024 15:44:26 GMT
content-type: application/x-javascript
last-modified: Sat, 18 Mar 2023 09:44:25 GMT
etag: "2bd8-641587f9-806229967ea00252;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3984
date: Sat, 18 Mar 2023 09:44:26 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
karthikestatecottages.com/wp-content/litespeed/css/f5d9ceb442b128ee5879bc7cc7c6247b.css?ver=5781e
89.117.188.39200 OK 581 B URL HTTP/2 karthikestatecottages.com/wp-content/litespeed/css/f5d9ceb442b128ee5879bc7cc7c6247b.css?ver=5781e
IP 89.117.188.39:0
File type ASCII text, with very long lines (3290), with no line terminators
Hash 1570bcfdc804ea32e06b14959006627c
1c197798673a5e7370b2e095aad6602b79144732
38c25ed721ec38d7f825f660e705bed942e28044021b3d6fb2ea05d0c088a74f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/f5d9ceb442b128ee5879bc7cc7c6247b.css?ver=5781e HTTP/1.1
Host: karthikestatecottages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/sms.php
Cookie: _lscache_vary=0bc660362587ed43ece4d55bcfb15013; _gcl_au=1.1.1910665093.1679132655; _ga_MXCGE16QRD=GS1.1.1679132655.1.0.1679132660.0.0.0; _ga=GA1.2.1822550475.1679132655; _gid=GA1.2.1814529661.1679132656; _gat_UA-207024867-1=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sun, 17 Mar 2024 15:44:26 GMT
content-type: text/css
last-modified: Sat, 18 Mar 2023 09:44:25 GMT
etag: "cda-641587f9-231db29294865fa6;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 581
date: Sat, 18 Mar 2023 09:44:26 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
karthikestatecottages.com/wp-content/litespeed/css/417fb907586e584e0d226d2b21711b92.css?ver=0fe2e
89.117.188.39200 OK 930 B URL HTTP/2 karthikestatecottages.com/wp-content/litespeed/css/417fb907586e584e0d226d2b21711b92.css?ver=0fe2e
IP 89.117.188.39:0
File type ASCII text, with very long lines (7397), with no line terminators
Hash 352832de6465ee04d80245443fe0c516
ae053adcfb86d8ed0b201371595785e6f4a6a9d3
d0af500576df26554b62e1b724a712e5f0265d34b82e7dfa583989fff1b64127
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/417fb907586e584e0d226d2b21711b92.css?ver=0fe2e HTTP/1.1
Host: karthikestatecottages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/sms.php
Cookie: _lscache_vary=0bc660362587ed43ece4d55bcfb15013; _gcl_au=1.1.1910665093.1679132655; _ga_MXCGE16QRD=GS1.1.1679132655.1.0.1679132660.0.0.0; _ga=GA1.2.1822550475.1679132655; _gid=GA1.2.1814529661.1679132656; _gat_UA-207024867-1=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sun, 17 Mar 2024 15:44:26 GMT
content-type: text/css
last-modified: Sat, 18 Mar 2023 09:44:25 GMT
etag: "1ce5-641587f9-ea1ef86a47b57ac5;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 930
date: Sat, 18 Mar 2023 09:44:26 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
karthikestatecottages.com/wp-content/litespeed/css/da19b69de124bba871c59f991d5abb78.css?ver=00f5a
89.117.188.39200 OK 942 B URL HTTP/2 karthikestatecottages.com/wp-content/litespeed/css/da19b69de124bba871c59f991d5abb78.css?ver=00f5a
IP 89.117.188.39:0
File type ASCII text, with very long lines (8674), with no line terminators
Hash b0e72376ea3b304725bc6c8fdbced34b
391af0626aa6e075c3304af07a6dc5fae16cab1a
280a9ba71ff0f571a47d007a541569adffba5b7d35b5ff1e19dd10d6c8188c98
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/da19b69de124bba871c59f991d5abb78.css?ver=00f5a HTTP/1.1
Host: karthikestatecottages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/sms.php
Cookie: _lscache_vary=0bc660362587ed43ece4d55bcfb15013; _gcl_au=1.1.1910665093.1679132655; _ga_MXCGE16QRD=GS1.1.1679132655.1.0.1679132660.0.0.0; _ga=GA1.2.1822550475.1679132655; _gid=GA1.2.1814529661.1679132656; _gat_UA-207024867-1=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sun, 17 Mar 2024 15:44:26 GMT
content-type: text/css
last-modified: Sat, 18 Mar 2023 09:44:25 GMT
etag: "21e2-641587f9-a30f9a138dc85a8b;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 942
date: Sat, 18 Mar 2023 09:44:26 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
karthikestatecottages.com/wp-content/litespeed/js/cfe9f73e6db21967110cbb9e7d6b872b.js?ver=9bf4c
89.117.188.39200 OK 2.8 kB URL HTTP/2 karthikestatecottages.com/wp-content/litespeed/js/cfe9f73e6db21967110cbb9e7d6b872b.js?ver=9bf4c
IP 89.117.188.39:0
File type ASCII text, with very long lines (9936)
Hash f3872a7035110eefef692d7c374e3510
661bdafb532a89dc5d25a429ca31d0b395663e04
a898f1bb3087ef50045f0f32b632266669a25ae66502b27e87c3633496a34e15
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/js/cfe9f73e6db21967110cbb9e7d6b872b.js?ver=9bf4c HTTP/1.1
Host: karthikestatecottages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/sms.php
Cookie: _lscache_vary=0bc660362587ed43ece4d55bcfb15013; _gcl_au=1.1.1910665093.1679132655; _ga_MXCGE16QRD=GS1.1.1679132655.1.0.1679132660.0.0.0; _ga=GA1.2.1822550475.1679132655; _gid=GA1.2.1814529661.1679132656; _gat_UA-207024867-1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sun, 17 Mar 2024 15:44:26 GMT
content-type: application/x-javascript
last-modified: Sat, 18 Mar 2023 09:44:25 GMT
etag: "26d2-641587f9-b0567c5e8472159a;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2806
date: Sat, 18 Mar 2023 09:44:26 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
karthikestatecottages.com/wp-content/litespeed/js/c85f03e1a7cc5be42fa7fa7c1b037401.js?ver=41d40
89.117.188.39200 OK 3.7 kB URL HTTP/2 karthikestatecottages.com/wp-content/litespeed/js/c85f03e1a7cc5be42fa7fa7c1b037401.js?ver=41d40
IP 89.117.188.39:0
File type HTML document, ASCII text, with very long lines (12309)
Hash e5ed5f6cd0d263d8d07d0d66e9464ea9
6174407a0b59fc129644dc44aed5bf3e53ca11bd
e5c88710daa953488ab74e46966a9900f1903c05960fa84612abf16587a166be
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/js/c85f03e1a7cc5be42fa7fa7c1b037401.js?ver=41d40 HTTP/1.1
Host: karthikestatecottages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/sms.php
Cookie: _lscache_vary=0bc660362587ed43ece4d55bcfb15013; _gcl_au=1.1.1910665093.1679132655; _ga_MXCGE16QRD=GS1.1.1679132655.1.0.1679132660.0.0.0; _ga=GA1.2.1822550475.1679132655; _gid=GA1.2.1814529661.1679132656; _gat_UA-207024867-1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sun, 17 Mar 2024 15:44:26 GMT
content-type: application/x-javascript
last-modified: Sat, 18 Mar 2023 09:44:25 GMT
etag: "3017-641587f9-d3237d6bbb674884;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3700
date: Sat, 18 Mar 2023 09:44:26 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
karthikestatecottages.com/wp-content/litespeed/js/12337bc2d6f5fc0d02755cbd085a32d4.js?ver=a5970
89.117.188.39200 OK 906 B URL HTTP/2 karthikestatecottages.com/wp-content/litespeed/js/12337bc2d6f5fc0d02755cbd085a32d4.js?ver=a5970
IP 89.117.188.39:0
File type HTML document, ASCII text, with very long lines (593)
Hash 0b893d3066047a59732e9c9cd7529240
f52b5c012a8e27a3bff6ba4adb25e51896079ee9
3673b2db64a04f1453353cac89f9d8291a6500b4b900cf086a308ebd3d28f426
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/js/12337bc2d6f5fc0d02755cbd085a32d4.js?ver=a5970 HTTP/1.1
Host: karthikestatecottages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/sms.php
Cookie: _lscache_vary=0bc660362587ed43ece4d55bcfb15013; _gcl_au=1.1.1910665093.1679132655; _ga_MXCGE16QRD=GS1.1.1679132655.1.0.1679132660.0.0.0; _ga=GA1.2.1822550475.1679132655; _gid=GA1.2.1814529661.1679132656; _gat_UA-207024867-1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sun, 17 Mar 2024 15:44:26 GMT
content-type: application/x-javascript
last-modified: Sat, 18 Mar 2023 09:44:25 GMT
etag: "995-641587f9-572ce90d79df6e5a;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 906
date: Sat, 18 Mar 2023 09:44:26 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
karthikestatecottages.com/wp-content/litespeed/js/91aa9e0adf0c8c2ae3f443d1848ace02.js?ver=1f875
89.117.188.39200 OK 358 B URL HTTP/2 karthikestatecottages.com/wp-content/litespeed/js/91aa9e0adf0c8c2ae3f443d1848ace02.js?ver=1f875
IP 89.117.188.39:0
File type ASCII text, with very long lines (413)
Hash 737b0a6cae20374e611649d2ce2ca530
687a2990c5621362297568d618f440ed84484904
36e239cc947006bbaa9bec76873e225fefc96f581f060e793aa07f412573a732
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/js/91aa9e0adf0c8c2ae3f443d1848ace02.js?ver=1f875 HTTP/1.1
Host: karthikestatecottages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/sms.php
Cookie: _lscache_vary=0bc660362587ed43ece4d55bcfb15013; _gcl_au=1.1.1910665093.1679132655; _ga_MXCGE16QRD=GS1.1.1679132655.1.0.1679132660.0.0.0; _ga=GA1.2.1822550475.1679132655; _gid=GA1.2.1814529661.1679132656; _gat_UA-207024867-1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sun, 17 Mar 2024 15:44:26 GMT
content-type: application/x-javascript
last-modified: Sat, 18 Mar 2023 09:44:25 GMT
etag: "37c-641587f9-3359a9363c703120;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 358
date: Sat, 18 Mar 2023 09:44:26 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
karthikestatecottages.com/wp-content/litespeed/js/fee2d6f9c7e7dd016098681f67c4fe44.js?ver=5978d
89.117.188.39200 OK 2.4 kB URL HTTP/2 karthikestatecottages.com/wp-content/litespeed/js/fee2d6f9c7e7dd016098681f67c4fe44.js?ver=5978d
IP 89.117.188.39:0
File type ASCII text, with very long lines (6475)
Hash 89b6f15fa77dad71dba8755f12d05130
3167ce7803f8738fd8eefe28307bbe4f868fa992
e0c7449122833fa33b579336b340259da3f705ae8258741b9144560cc20d2066
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/js/fee2d6f9c7e7dd016098681f67c4fe44.js?ver=5978d HTTP/1.1
Host: karthikestatecottages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/sms.php
Cookie: _lscache_vary=0bc660362587ed43ece4d55bcfb15013; _gcl_au=1.1.1910665093.1679132655; _ga_MXCGE16QRD=GS1.1.1679132655.1.0.1679132660.0.0.0; _ga=GA1.2.1822550475.1679132655; _gid=GA1.2.1814529661.1679132656; _gat_UA-207024867-1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sun, 17 Mar 2024 15:44:26 GMT
content-type: application/x-javascript
last-modified: Sat, 18 Mar 2023 09:44:25 GMT
etag: "194d-641587f9-2c1b7d9f34f8352;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2353
date: Sat, 18 Mar 2023 09:44:26 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
karthikestatecottages.com/wp-content/litespeed/js/43561677c57e5b1d434f961aa7435971.js?ver=35971
89.117.188.39200 OK 442 B URL HTTP/2 karthikestatecottages.com/wp-content/litespeed/js/43561677c57e5b1d434f961aa7435971.js?ver=35971
IP 89.117.188.39:0
File type ASCII text, with very long lines (999)
Hash 0ab7d4cc5db38fbaa88bbe787c9d6834
17fac5fa9429b9e9420d116b3053d34410deb600
a340f5e83a224c57adcc4d49ad444739cdc9e7d6a93f4dc4f46776304d4fc562
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/js/43561677c57e5b1d434f961aa7435971.js?ver=35971 HTTP/1.1
Host: karthikestatecottages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/sms.php
Cookie: _lscache_vary=0bc660362587ed43ece4d55bcfb15013; _gcl_au=1.1.1910665093.1679132655; _ga_MXCGE16QRD=GS1.1.1679132655.1.0.1679132660.0.0.0; _ga=GA1.2.1822550475.1679132655; _gid=GA1.2.1814529661.1679132656; _gat_UA-207024867-1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sun, 17 Mar 2024 15:44:26 GMT
content-type: application/x-javascript
last-modified: Sat, 18 Mar 2023 09:44:25 GMT
etag: "3e9-641587f9-f8a77a7c0f63917a;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 442
date: Sat, 18 Mar 2023 09:44:26 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
karthikestatecottages.com/wp-content/et-cache/275/et-core-unified-cpt-deferred-275.min.css?ver=1678362826
89.117.188.39200 OK 943 B URL HTTP/2 karthikestatecottages.com/wp-content/et-cache/275/et-core-unified-cpt-deferred-275.min.css?ver=1678362826
IP 89.117.188.39:0
File type ASCII text, with very long lines (9089), with no line terminators
Hash 73aae09117c847158f6b83c0cc9bb7bc
d672a6ee007db203d7292c0508a277ada5f6cdd2
35be656eeb7cb93aa0f41e2f03e514ccb39f50f770c8d159bcf280f1889c08b2
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/et-cache/275/et-core-unified-cpt-deferred-275.min.css?ver=1678362826 HTTP/1.1
Host: karthikestatecottages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/sms.php
Cookie: _lscache_vary=0bc660362587ed43ece4d55bcfb15013; _gcl_au=1.1.1910665093.1679132655; _ga_MXCGE16QRD=GS1.1.1679132655.1.0.1679132660.0.0.0; _ga=GA1.2.1822550475.1679132655; _gid=GA1.2.1814529661.1679132656; _gat_UA-207024867-1=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sun, 17 Mar 2024 15:44:26 GMT
content-type: text/css
last-modified: Thu, 09 Mar 2023 11:53:46 GMT
etag: "2381-6409c8ca-ebb66c0d440817ab;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 943
date: Sat, 18 Mar 2023 09:44:26 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
karthikestatecottages.com/wp-content/litespeed/js/e7c1d41e270196d688189a9f163b0202.js?ver=cbd88
89.117.188.39200 OK 14 kB URL HTTP/2 karthikestatecottages.com/wp-content/litespeed/js/e7c1d41e270196d688189a9f163b0202.js?ver=cbd88
IP 89.117.188.39:0
File type ASCII text, with very long lines (58141)
Hash 58ba9252e425c1c2b0bf6f9eb0e30309
8eaa7ab296a7720e66205454a734f3e947d9e3a1
e677eb91650ac420df9cfc58ad415417cfb5d9fe5e1f630b5dace289bc2779ac
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/js/e7c1d41e270196d688189a9f163b0202.js?ver=cbd88 HTTP/1.1
Host: karthikestatecottages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/sms.php
Cookie: _lscache_vary=0bc660362587ed43ece4d55bcfb15013; _gcl_au=1.1.1910665093.1679132655; _ga_MXCGE16QRD=GS1.1.1679132655.1.0.1679132660.0.0.0; _ga=GA1.2.1822550475.1679132655; _gid=GA1.2.1814529661.1679132656; _gat_UA-207024867-1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sun, 17 Mar 2024 15:44:26 GMT
content-type: application/x-javascript
last-modified: Sat, 18 Mar 2023 09:44:25 GMT
etag: "e31f-641587f9-e078863e4d244e67;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 14231
date: Sat, 18 Mar 2023 09:44:26 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
karthikestatecottages.com/wp-content/litespeed/js/370f679cbafa77014ada20d864a14360.js?ver=257f6
89.117.188.39200 OK 6.3 kB URL HTTP/2 karthikestatecottages.com/wp-content/litespeed/js/370f679cbafa77014ada20d864a14360.js?ver=257f6
IP 89.117.188.39:0
File type Unicode text, UTF-8 text, with very long lines (17818)
Hash 3f241bce496ac2e0642a607788563901
4b0e8ccc4e95958adbab41a88942dc9ea68a0ea1
444d480feb917b81aac80c37230cb8ea1e02f8ff94bd398ee6d7cc928faabe7c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/js/370f679cbafa77014ada20d864a14360.js?ver=257f6 HTTP/1.1
Host: karthikestatecottages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/sms.php
Cookie: _lscache_vary=0bc660362587ed43ece4d55bcfb15013; _gcl_au=1.1.1910665093.1679132655; _ga_MXCGE16QRD=GS1.1.1679132655.1.0.1679132660.0.0.0; _ga=GA1.2.1822550475.1679132655; _gid=GA1.2.1814529661.1679132656; _gat_UA-207024867-1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sun, 17 Mar 2024 15:44:26 GMT
content-type: application/x-javascript
last-modified: Sat, 18 Mar 2023 09:44:25 GMT
etag: "45a0-641587f9-56cd89d2e43f16ee;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6295
date: Sat, 18 Mar 2023 09:44:26 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
karthikestatecottages.com/wp-content/litespeed/js/29fb4cef923a216602b788d65cf5cc5d.js?ver=e8bb9
89.117.188.39200 OK 64 kB URL HTTP/2 karthikestatecottages.com/wp-content/litespeed/js/29fb4cef923a216602b788d65cf5cc5d.js?ver=e8bb9
IP 89.117.188.39:0
File type ASCII text, with very long lines (65467)
Hash cf3d5a58c19b4007f66ec1094bb4bb13
6037dc54a4d7bdad67b0aa9e1ae0bc91fec774f9
f3dc1b54aad1593fbf515f52ca3d0e9d18acf9790be74bebc4308cd8a8846221
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/js/29fb4cef923a216602b788d65cf5cc5d.js?ver=e8bb9 HTTP/1.1
Host: karthikestatecottages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/sms.php
Cookie: _lscache_vary=0bc660362587ed43ece4d55bcfb15013; _gcl_au=1.1.1910665093.1679132655; _ga_MXCGE16QRD=GS1.1.1679132655.1.0.1679132660.0.0.0; _ga=GA1.2.1822550475.1679132655; _gid=GA1.2.1814529661.1679132656; _gat_UA-207024867-1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sun, 17 Mar 2024 15:44:26 GMT
content-type: application/x-javascript
last-modified: Sat, 18 Mar 2023 09:44:25 GMT
etag: "42f6a-641587f9-5e1eb0dbabd5835c;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 64357
date: Sat, 18 Mar 2023 09:44:26 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5a2f6d953f946b542f1145cdcae9946e
00184b28856db5a12858eab98f97dc01c1471449
7f32b4afd160b8ecff360fc0e83e582cf49918a379c6c73f2a837c48439aab00
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 18 Mar 2023 09:44:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pixel.wp.com/g.gif?v=ext&blog=214677232&post=0&tz=0&srv=karthikestatecottages.com&j=1%3A11.6&host=karthikestatecottages.com&ref=&fcp=2243&rand=0.8155884482068898
192.0.76.3200 OK 50 B URL HTTP/2 pixel.wp.com/g.gif?v=ext&blog=214677232&post=0&tz=0&srv=karthikestatecottages.com&j=1%3A11.6&host=karthikestatecottages.com&ref=&fcp=2243&rand=0.8155884482068898
IP 192.0.76.3:0
File type GIF image data, version 89a, 6 x 5\012- data
Hash e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
GET /g.gif?v=ext&blog=214677232&post=0&tz=0&srv=karthikestatecottages.com&j=1%3A11.6&host=karthikestatecottages.com&ref=&fcp=2243&rand=0.8155884482068898 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 18 Mar 2023 09:44:26 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 84762efcb2e1535ae49fca6c1523df33
93e7f138a491d4276a793c2e5b947195ae69a88c
920778735cfb5f0395bbfa1391cb4e90c547d455cac77c8bb161a0c3b55a6a3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "920778735CFB5F0395BBFA1391CB4E90C547D455CAC77C8BB161A0C3B55A6A3F"
Last-Modified: Thu, 16 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6256
Expires: Sat, 18 Mar 2023 11:28:42 GMT
Date: Sat, 18 Mar 2023 09:44:26 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 84762efcb2e1535ae49fca6c1523df33
93e7f138a491d4276a793c2e5b947195ae69a88c
920778735cfb5f0395bbfa1391cb4e90c547d455cac77c8bb161a0c3b55a6a3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "920778735CFB5F0395BBFA1391CB4E90C547D455CAC77C8BB161A0C3B55A6A3F"
Last-Modified: Thu, 16 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6256
Expires: Sat, 18 Mar 2023 11:28:42 GMT
Date: Sat, 18 Mar 2023 09:44:26 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 84762efcb2e1535ae49fca6c1523df33
93e7f138a491d4276a793c2e5b947195ae69a88c
920778735cfb5f0395bbfa1391cb4e90c547d455cac77c8bb161a0c3b55a6a3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "920778735CFB5F0395BBFA1391CB4E90C547D455CAC77C8BB161A0C3B55A6A3F"
Last-Modified: Thu, 16 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6256
Expires: Sat, 18 Mar 2023 11:28:42 GMT
Date: Sat, 18 Mar 2023 09:44:26 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a465734-2031-4538-bcbc-9d828ea81250.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a465734-2031-4538-bcbc-9d828ea81250.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7f53bb1fb90c97461035e7f9f7f7837e
961b5fcbca5b49ca9136e74931253bb300aa1985
dad960991444a4cbd8841e5c673b0e4337bdeb8c18672b5cfadb93d4ac70e8d2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a465734-2031-4538-bcbc-9d828ea81250.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11673
x-amzn-requestid: 3675d2d9-47ab-4712-9511-0ad7570dd3cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B8eNfFXSIAMFbhQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6414dd89-53c9817044fda17b212f0237;Sampled=0
x-amzn-remapped-date: Fri, 17 Mar 2023 21:37:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: 3NRQ90kGnSsxxMeQA9UqBNxrT5CpJWJgKKPWHwcj2XBkSIjiwE55sw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 74ab105148338444981d1b2277ffd9c4.cloudfront.net (CloudFront), 1.1 google
date: Fri, 17 Mar 2023 22:53:23 GMT
etag: "961b5fcbca5b49ca9136e74931253bb300aa1985"
content-type: image/jpeg
age: 39063
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feedd77c7-8b8f-4bac-96f9-56463f5c0e54.jpeg
34.120.237.76200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feedd77c7-8b8f-4bac-96f9-56463f5c0e54.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 23a8641328e19a1089aba9c25b56f5f9
6e6bae868b11788860aa23c5c35ee86d4e7edd80
7e16b14c774413387d81c06e068738a0f97882cd32ebdbf61ad711fa8aa8a5d6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feedd77c7-8b8f-4bac-96f9-56463f5c0e54.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5531
x-amzn-requestid: dcb5f835-dae0-4fd2-846d-33e52501b016
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B8eS7HtSoAMF8eA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6414ddac-2e1022da61b5532756dcbeff;Sampled=0
x-amzn-remapped-date: Fri, 17 Mar 2023 21:37:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: z4j-PSYSG-H58566292KAzF1Y08DrgcxvunTtWBD8dErl3n_oRweyA==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 de2dd11312f7d5ad3bcd0cb112c7fd0e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 17 Mar 2023 22:33:34 GMT
etag: "6e6bae868b11788860aa23c5c35ee86d4e7edd80"
content-type: image/jpeg
age: 40252
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f28ddee-c5ae-4106-9ce2-9c8042cd4b69.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f28ddee-c5ae-4106-9ce2-9c8042cd4b69.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 05370e6d7505b4529eea9e993f98e1fe
83339f33716c03c3ea995a323bb040b50f5b7edc
563d0b70a19778405fd332ca5172840a6103cd363771108e172b1b1815303abf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f28ddee-c5ae-4106-9ce2-9c8042cd4b69.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11204
x-amzn-requestid: d84b9e32-9fea-45ce-87ef-508caff41b62
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B8eTFG8GIAMFWmg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6414ddad-29cab07f73030a1145e941b6;Sampled=0
x-amzn-remapped-date: Fri, 17 Mar 2023 21:37:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: zVpaEcPZ1C7mdKusWhw8JSrURp_0FYRpK-6tP-ckngxWEdUzORYGnA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 2c6b5dd77f1abe60653ce0454f344b64.cloudfront.net (CloudFront), 1.1 google
date: Fri, 17 Mar 2023 22:58:45 GMT
age: 38741
etag: "83339f33716c03c3ea995a323bb040b50f5b7edc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81dbfdb8-26cc-4102-a473-7abad9fd457f.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81dbfdb8-26cc-4102-a473-7abad9fd457f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f6bf45a36da4093865623e4589f5622d
8ae05a37e2328f1b2a9a5bd1fc9001b3d0d113f8
74520b46f0421cecc212cb6545e2de3a272e451e9ca98d63a93a79cdecb5fe31
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81dbfdb8-26cc-4102-a473-7abad9fd457f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7775
x-amzn-requestid: 2dbbabf2-21ea-41dd-bab4-2633e0b9c1f0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B8eSnH6PoAMFqLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6414ddaa-77694c0e5ac1f85e61fd877a;Sampled=0
x-amzn-remapped-date: Fri, 17 Mar 2023 21:37:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: WqGNdoOodlii6mN-X8lIvUeV6168neJUtkE8FsKbSWBkgbd5IAx7QA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 82893cc36087a50f9a150a621d10e740.cloudfront.net (CloudFront), 1.1 google
date: Fri, 17 Mar 2023 21:48:47 GMT
age: 42939
etag: "8ae05a37e2328f1b2a9a5bd1fc9001b3d0d113f8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87df4bcd-c6cd-4a0c-a9f5-dffb7f36d2e4.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87df4bcd-c6cd-4a0c-a9f5-dffb7f36d2e4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash be71491cee9b47dc3ffb23b4fdff25b3
79c7d22c8df6d305f46c5779ccb9f25169d4d111
e785896e5840fb901ddd0118bef3ccad6b59a96d8eef0e8ccd9c95a3c261ba45
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87df4bcd-c6cd-4a0c-a9f5-dffb7f36d2e4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8487
x-amzn-requestid: f904b483-c6ae-4318-9932-4e48d8188585
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BvTpAEUAIAMFUig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640f996c-5905cad6148df52e4f10ecf5;Sampled=0
x-amzn-remapped-date: Mon, 13 Mar 2023 21:45:16 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: iFDVPB-wzZyIG9xYU-f3rnebwRbaWDo90aD520OcgsptZR0vmkc2ew==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 f3ac324bf05099849ebda59e8136db0e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 17 Mar 2023 23:05:01 GMT
age: 38365
etag: "79c7d22c8df6d305f46c5779ccb9f25169d4d111"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bd8451-f062-4a29-9566-2fa60e012de2.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bd8451-f062-4a29-9566-2fa60e012de2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e1533684819dcbf9e77684c19eb86465
489f8f036efd23ce36085af127af7d6c794fe00b
9154a471013bd0972fad93ea4eeaf4b23f66dd1534e0d9cc302263aca0f94bd1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bd8451-f062-4a29-9566-2fa60e012de2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12424
x-amzn-requestid: 64a89fbe-4ac0-4059-a481-37c30ae36928
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B8eOuEG2oAMF1Qw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6414dd91-0492160f3e8196a23fc53eda;Sampled=0
x-amzn-remapped-date: Fri, 17 Mar 2023 21:37:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: tx--67yg-v6sA1zslsl2iUXzLbdnWhU-cMqTDpxldZg-qog8-urKcA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 c5c7edc18be1805f007e0576da02e554.cloudfront.net (CloudFront), 1.1 google
date: Fri, 17 Mar 2023 22:33:23 GMT
etag: "489f8f036efd23ce36085af127af7d6c794fe00b"
content-type: image/jpeg
age: 40263
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
stats.wp.com/e-202311.js
192.0.76.3200 OK 7.8 kB IP 192.0.76.3:0
File type ASCII text, with very long lines (2690)
Hash a409fc501e71fc595cb62c6a3d303380
7f12e3e9ab72c822f5956a6a772667308709e2ef
4fe43e096e9dd94f4c0f7b92f5d233587167c1bdce4608b60f9223d7cdb84e4e
GET /e-202311.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 18 Mar 2023 09:44:26 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"6197c5cf-3508"
content-encoding: br
expires: Sun, 10 Mar 2024 23:12:08 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 84ac5d936d907b700d85eea00c2d65ab
a7dd41a0bfa0478095e1036c38d2a1daeeef4c26
5d579202f8f20c739043d08852b9dd08b5e89a4458c184c6c5dc56329938a2c4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 18 Mar 2023 09:44:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 75f3b034e003024415ede09b0925ea2d
bc4ae811ce952d881f4f356d23f35f141e9d38a7
d7f837a51fcff2870c57654958a3ad6f0ba14ba99f883aaaa738d6f72314b221
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 18 Mar 2023 09:44:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 45d5309ec51c13466da5b0c4500d797f
11bfed48098a7ee50c43ab9ef0748ec2b05ad4b6
2db5fd13873b12d46ce7d2e1b79fa3af2b4e1cd124e8f769138b5dcbc0168b95
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 18 Mar 2023 09:44:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
karthikestatecottages.com/wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/sms.php
89.117.188.39404 Not Found 0 B URL HTTP/2 karthikestatecottages.com/wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/sms.php
IP 89.117.188.39:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/sms.php HTTP/1.1
Host: karthikestatecottages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _lscache_vary=0bc660362587ed43ece4d55bcfb15013; _gcl_au=1.1.1910665093.1679132655; _ga_MXCGE16QRD=GS1.1.1679132655.1.0.1679132660.0.0.0; _ga=GA1.2.1822550475.1679132655; _gid=GA1.2.1814529661.1679132656; _gat_UA-207024867-1=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 404 Not Found
x-powered-by: PHP/8.1.16
x-dns-prefetch-control: on
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://karthikestatecottages.com/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache-control: public,max-age=3600
x-litespeed-tag: 3b5_HTTP.404,3b5_404,3b5_URL.9b6724e69e7f522bc6659f920645da50,3b5_,3b5_CCSS.29901685d9cbced33f58b45c32eb2c02
x-litespeed-cache: miss
content-encoding: br
vary: Accept-Encoding
date: Sat, 18 Mar 2023 09:44:25 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2