r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 3396075e8f2d9ceae3bd11f94111fed8
98ba4ccf6b0e38a91c69b76ac1dc07313773ed1d
e533d6bd6a8080facdff772bcbf359373dab2d5a6fe5eabe64f95e68a8cd23aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E533D6BD6A8080FACDFF772BCBF359373DAB2D5A6FE5EABE64F95E68A8CD23AA"
Last-Modified: Fri, 17 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3223
Expires: Sat, 18 Mar 2023 10:38:13 GMT
Date: Sat, 18 Mar 2023 09:44:30 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 2857be6f18459c7a4a7f00f6cd6076f1
570609086d72a9be57cde7bfefd25663c1035fba
bd8abb8f420d1e31462fca1d6a7caadf1e2bba6fc7db05684b5811e00e84107f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD8ABB8F420D1E31462FCA1D6A7CAADF1E2BBA6FC7DB05684B5811E00E84107F"
Last-Modified: Fri, 17 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6027
Expires: Sat, 18 Mar 2023 11:24:57 GMT
Date: Sat, 18 Mar 2023 09:44:30 GMT
Connection: keep-alive
karthikestatecottages.com/wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/cc.php
89.117.188.39 301 Moved Permanently 707 B URL HTTP/1.1 karthikestatecottages.com/wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/cc.php
IP 89.117.188.39:0
File type HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/cc.php HTTP/1.1
Host: karthikestatecottages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Sat, 18 Mar 2023 09:44:30 GMT
server: LiteSpeed
location: https://karthikestatecottages.com/wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/cc.php
platform: hostinger
content-security-policy: upgrade-insecure-requests
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 12cdbcb1b0785dc0423386448ac68c9c
08cff6b76fd708f0cef3c5bdb8fc72570c4536bd
bb7622a85d32cbff40abd2995055e03dbac05dd841b9a84d9023a5510d89e534
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BB7622A85D32CBFF40ABD2995055E03DBAC05DD841B9A84D9023A5510D89E534"
Last-Modified: Fri, 17 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3735
Expires: Sat, 18 Mar 2023 10:46:45 GMT
Date: Sat, 18 Mar 2023 09:44:30 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash 29fdbcd53b5646cfcdd46510063734c4
85e3ceda5ef130219f4fe8a31e52e2690c8f7d8e
24c27586332c016685e6231fec5836e921048d8aaefbcd4cd6f88969f9d91e18
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Content-Length, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 18 Mar 2023 09:26:54 GMT
content-type: application/json
age: 1056
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: s3epQhLMXXk/JmMuu9v/7wN6IG7lcNshKB1AwUyEGOh07aZ/SZqDAu/Bi3Z/snxMJ0W6pcTfvHE=
x-amz-request-id: 9KS90E1APZQ77N53
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 18 Mar 2023 08:51:52 GMT
age: 3158
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 18 Mar 2023 09:44:30 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Pragma, Content-Type, Content-Length, Cache-Control, Expires, Backoff, Alert, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 18 Mar 2023 09:17:21 GMT
age: 1629
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 70f795f7a73fb087a4b08eebe6e2a970
faaa9283e766256900f3c3e00dee00973e7da2a6
4f7e4813f82f60ebf9c536d9342726307686931df7309a4c367f3b658602efde
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4F7E4813F82F60EBF9C536D9342726307686931DF7309A4C367F3B658602EFDE"
Last-Modified: Fri, 17 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6412
Expires: Sat, 18 Mar 2023 11:31:23 GMT
Date: Sat, 18 Mar 2023 09:44:31 GMT
Connection: keep-alive
push.services.mozilla.com/
34.212.1.171 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.212.1.171:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: dqfP9EGKT4ku5QzvnbgPFg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: xqU2pDrLCct3em1CBhbC6sv0CiM=
karthikestatecottages.com/wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/cc.php
89.117.188.39 404 Not Found 27 kB URL HTTP/2 karthikestatecottages.com/wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/cc.php
IP 89.117.188.39:0
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (33542)
Hash d16be369dfaac39db1cfbac4046661cc
011e9510a5896a5cd6195ba0e2b02e44d546ac9c
9390a31b8b040d54442d0f9f59a228e6f492fe6b13b7186a8399a540afcf5cab
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/cc.php HTTP/1.1
Host: karthikestatecottages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 404 Not Found
x-powered-by: PHP/8.1.16
x-dns-prefetch-control: on
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://karthikestatecottages.com/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: miss
content-length: 27301
content-encoding: br
vary: Accept-Encoding
date: Sat, 18 Mar 2023 09:44:31 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
karthikestatecottages.com/wp-content/litespeed/ucss/81b9239853fbd6be8e74b15e317445e9.css?ver=3ff62
89.117.188.39 200 OK 1.2 kB URL HTTP/2 karthikestatecottages.com/wp-content/litespeed/ucss/81b9239853fbd6be8e74b15e317445e9.css?ver=3ff62
IP 89.117.188.39:0
File type ASCII text, with very long lines (4830), with no line terminators
Hash f4a52cbca05dc4410c02d7c2df381001
84395bc1d3fadb0c969b172a0fddbf45e08ebba5
d5e387a006a6be5ea6821335c821607d9d6c536ac2f60e855ce1fa06fb62899f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/ucss/81b9239853fbd6be8e74b15e317445e9.css?ver=3ff62 HTTP/1.1
Host: karthikestatecottages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/cc.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sun, 17 Mar 2024 15:44:31 GMT
content-type: text/css
last-modified: Sat, 26 Nov 2022 14:54:52 GMT
etag: "12de-638228bc-cc55c0f8db0eb4fa;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1188
date: Sat, 18 Mar 2023 09:44:31 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
karthikestatecottages.com/wp-content/et-cache/275/et-core-unified-cpt-deferred-275.min.css?ver=1678362826
89.117.188.39 200 OK 943 B URL HTTP/2 karthikestatecottages.com/wp-content/et-cache/275/et-core-unified-cpt-deferred-275.min.css?ver=1678362826
IP 89.117.188.39:0
File type ASCII text, with very long lines (9089), with no line terminators
Hash 73aae09117c847158f6b83c0cc9bb7bc
d672a6ee007db203d7292c0508a277ada5f6cdd2
35be656eeb7cb93aa0f41e2f03e514ccb39f50f770c8d159bcf280f1889c08b2
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/et-cache/275/et-core-unified-cpt-deferred-275.min.css?ver=1678362826 HTTP/1.1
Host: karthikestatecottages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/cc.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sun, 17 Mar 2024 15:44:31 GMT
content-type: text/css
last-modified: Thu, 09 Mar 2023 11:53:46 GMT
etag: "2381-6409c8ca-ebb66c0d440817ab;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 943
date: Sat, 18 Mar 2023 09:44:31 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
karthikestatecottages.com/wp-content/et-cache/notfound/et-divi-dynamic-tb-306-tb-275-late.css
89.117.188.39 200 OK 6.1 kB URL HTTP/2 karthikestatecottages.com/wp-content/et-cache/notfound/et-divi-dynamic-tb-306-tb-275-late.css
IP 89.117.188.39:0
File type ASCII text, with very long lines (11014)
Hash 387e9ef3738a5cb17dd4664b99e0973e
d4833aa77d571035505ea624d9d22ef19b4ccd60
00f12e17430b1cc8d2f4950da660065cb3b7ed11e0e360a8de19cee6df8038ff
GET /wp-content/et-cache/notfound/et-divi-dynamic-tb-306-tb-275-late.css HTTP/1.1
Host: karthikestatecottages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/cc.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sun, 17 Mar 2024 15:44:31 GMT
content-type: text/css
last-modified: Thu, 09 Mar 2023 11:53:46 GMT
etag: "a1b0-6409c8ca-3996924336afab75;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6140
date: Sat, 18 Mar 2023 09:44:31 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
karthikestatecottages.com/wp-content/themes/Divi/core/admin/fonts/modules/social/modules.ttf
89.117.188.39 200 OK 5.9 kB URL HTTP/2 karthikestatecottages.com/wp-content/themes/Divi/core/admin/fonts/modules/social/modules.ttf
IP 89.117.188.39:0
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, ETmodules; data
Hash fd819149ea6e2074186c600086745092
9a99fabb54aa10741aef7014d53ae3ef0ec5e130
fee6b82cb48a3d100510e520c0e59011e0124679127034b05a736b4b9d5e63c4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Divi/core/admin/fonts/modules/social/modules.ttf HTTP/1.1
Host: karthikestatecottages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/wp-content/litespeed/ucss/81b9239853fbd6be8e74b15e317445e9.css?ver=3ff62
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sun, 17 Mar 2024 15:44:31 GMT
content-type: application/x-font-ttf
last-modified: Sat, 26 Nov 2022 14:52:15 GMT
etag: "289c-6382281f-c9c3a87062d82317;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5918
date: Sat, 18 Mar 2023 09:44:31 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
karthikestatecottages.com/wp-content/plugins/litespeed-cache/guest.vary.php
89.117.188.39 200 OK 20 B URL HTTP/2 karthikestatecottages.com/wp-content/plugins/litespeed-cache/guest.vary.php
IP 89.117.188.39:0
File type JSON data, ASCII text, with no line terminators
Hash fa959e6aa35e467e34c09eb24f24daa8
caccea25ee198ae325d02ca3d02699ba57694b9f
ff788b96ca99d371d40e70f701f66bd58740893a83c145e9a810539ce9c02ffa
Analyzer Verdict Alert fortinet Phishing
POST /wp-content/plugins/litespeed-cache/guest.vary.php HTTP/1.1
Host: karthikestatecottages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://karthikestatecottages.com/wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/cc.php
Origin: https://karthikestatecottages.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 200 OK
x-powered-by: PHP/8.1.16
x-litespeed-cache-control: no-cache
set-cookie: _lscache_vary=0bc660362587ed43ece4d55bcfb15013; expires=Mon, 20-Mar-2023 09:44:31 GMT; Max-Age=172800; path=/; secure; HttpOnly
content-type: text/html; charset=UTF-8
content-length: 20
content-encoding: br
vary: Accept-Encoding
date: Sat, 18 Mar 2023 09:44:31 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 84762efcb2e1535ae49fca6c1523df33
93e7f138a491d4276a793c2e5b947195ae69a88c
920778735cfb5f0395bbfa1391cb4e90c547d455cac77c8bb161a0c3b55a6a3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "920778735CFB5F0395BBFA1391CB4E90C547D455CAC77C8BB161A0C3B55A6A3F"
Last-Modified: Thu, 16 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6250
Expires: Sat, 18 Mar 2023 11:28:42 GMT
Date: Sat, 18 Mar 2023 09:44:32 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81dbfdb8-26cc-4102-a473-7abad9fd457f.jpeg
34.120.237.76 200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81dbfdb8-26cc-4102-a473-7abad9fd457f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash f6bf45a36da4093865623e4589f5622d
8ae05a37e2328f1b2a9a5bd1fc9001b3d0d113f8
74520b46f0421cecc212cb6545e2de3a272e451e9ca98d63a93a79cdecb5fe31
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81dbfdb8-26cc-4102-a473-7abad9fd457f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7775
x-amzn-requestid: 2dbbabf2-21ea-41dd-bab4-2633e0b9c1f0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B8eSnH6PoAMFqLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6414ddaa-77694c0e5ac1f85e61fd877a;Sampled=0
x-amzn-remapped-date: Fri, 17 Mar 2023 21:37:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: WqGNdoOodlii6mN-X8lIvUeV6168neJUtkE8FsKbSWBkgbd5IAx7QA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 82893cc36087a50f9a150a621d10e740.cloudfront.net (CloudFront), 1.1 google
date: Fri, 17 Mar 2023 21:48:47 GMT
age: 42945
etag: "8ae05a37e2328f1b2a9a5bd1fc9001b3d0d113f8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feedd77c7-8b8f-4bac-96f9-56463f5c0e54.jpeg
34.120.237.76 200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feedd77c7-8b8f-4bac-96f9-56463f5c0e54.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 23a8641328e19a1089aba9c25b56f5f9
6e6bae868b11788860aa23c5c35ee86d4e7edd80
7e16b14c774413387d81c06e068738a0f97882cd32ebdbf61ad711fa8aa8a5d6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feedd77c7-8b8f-4bac-96f9-56463f5c0e54.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5531
x-amzn-requestid: dcb5f835-dae0-4fd2-846d-33e52501b016
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B8eS7HtSoAMF8eA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6414ddac-2e1022da61b5532756dcbeff;Sampled=0
x-amzn-remapped-date: Fri, 17 Mar 2023 21:37:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: z4j-PSYSG-H58566292KAzF1Y08DrgcxvunTtWBD8dErl3n_oRweyA==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 de2dd11312f7d5ad3bcd0cb112c7fd0e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 17 Mar 2023 22:33:34 GMT
etag: "6e6bae868b11788860aa23c5c35ee86d4e7edd80"
content-type: image/jpeg
age: 40258
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87df4bcd-c6cd-4a0c-a9f5-dffb7f36d2e4.jpeg
34.120.237.76 200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87df4bcd-c6cd-4a0c-a9f5-dffb7f36d2e4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash be71491cee9b47dc3ffb23b4fdff25b3
79c7d22c8df6d305f46c5779ccb9f25169d4d111
e785896e5840fb901ddd0118bef3ccad6b59a96d8eef0e8ccd9c95a3c261ba45
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87df4bcd-c6cd-4a0c-a9f5-dffb7f36d2e4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8487
x-amzn-requestid: f904b483-c6ae-4318-9932-4e48d8188585
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BvTpAEUAIAMFUig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640f996c-5905cad6148df52e4f10ecf5;Sampled=0
x-amzn-remapped-date: Mon, 13 Mar 2023 21:45:16 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: iFDVPB-wzZyIG9xYU-f3rnebwRbaWDo90aD520OcgsptZR0vmkc2ew==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 f3ac324bf05099849ebda59e8136db0e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 17 Mar 2023 23:05:01 GMT
age: 38371
etag: "79c7d22c8df6d305f46c5779ccb9f25169d4d111"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F40e2a3b3-37f8-42f7-b325-1c024f6fef78.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F40e2a3b3-37f8-42f7-b325-1c024f6fef78.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 287942068e5c114ef7e850e5d804a84c
8c3defe991737b319b13a7fd517b4439250585eb
fc8ca53d016675a0ee8e47cac9e00abfa1a08bb2ea98d73b639664d7878cb569
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F40e2a3b3-37f8-42f7-b325-1c024f6fef78.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10711
x-amzn-requestid: 8436532f-2196-45de-8e2b-5ee15253afaa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B8eNhFLAoAMFZaQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6414dd89-19d01219003e31083396f142;Sampled=0
x-amzn-remapped-date: Fri, 17 Mar 2023 21:37:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 1gGzi5dXgaXabdLgB4FJyCyfiZixPkK9MmXSc-Vz_1fb72FQwqxcMA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 82893cc36087a50f9a150a621d10e740.cloudfront.net (CloudFront), 1.1 google
date: Fri, 17 Mar 2023 21:48:47 GMT
age: 42945
etag: "8c3defe991737b319b13a7fd517b4439250585eb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a465734-2031-4538-bcbc-9d828ea81250.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a465734-2031-4538-bcbc-9d828ea81250.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7f53bb1fb90c97461035e7f9f7f7837e
961b5fcbca5b49ca9136e74931253bb300aa1985
dad960991444a4cbd8841e5c673b0e4337bdeb8c18672b5cfadb93d4ac70e8d2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a465734-2031-4538-bcbc-9d828ea81250.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11673
x-amzn-requestid: 3675d2d9-47ab-4712-9511-0ad7570dd3cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B8eNfFXSIAMFbhQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6414dd89-53c9817044fda17b212f0237;Sampled=0
x-amzn-remapped-date: Fri, 17 Mar 2023 21:37:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: 3NRQ90kGnSsxxMeQA9UqBNxrT5CpJWJgKKPWHwcj2XBkSIjiwE55sw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 74ab105148338444981d1b2277ffd9c4.cloudfront.net (CloudFront), 1.1 google
date: Fri, 17 Mar 2023 22:53:23 GMT
etag: "961b5fcbca5b49ca9136e74931253bb300aa1985"
content-type: image/jpeg
age: 39069
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff784a508-c4b6-43b8-aef0-aed98e41fff2.jpeg
34.120.237.76 200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff784a508-c4b6-43b8-aef0-aed98e41fff2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8895f37f5abd28598cae47303ec912d2
c5bc2c1ef3a7819b9456fff476ffa2f93b954b0a
e79cca3d8a87088262492024fe4c0d36d8b93dd88634e7ba75911d1393237008
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff784a508-c4b6-43b8-aef0-aed98e41fff2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7328
x-amzn-requestid: 7eee08f8-01f6-42d0-b3ef-e16a608a68be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B8fJvFm0IAMFdtA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6414df0a-162212b7401ed34b32d72f4c;Sampled=0
x-amzn-remapped-date: Fri, 17 Mar 2023 21:43:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: vsTH4EJwryon5WGGcCmV-RqUiIpdM3LDxS1MczTaLWrxPem0nZ_yRg==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 1d000d0dfe9d69b4983f619fdc5499d6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 17 Mar 2023 22:12:08 GMT
age: 41544
etag: "c5bc2c1ef3a7819b9456fff476ffa2f93b954b0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
karthikestatecottages.com/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.woff
89.117.188.39 200 OK 92 kB URL HTTP/2 karthikestatecottages.com/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.woff
IP 89.117.188.39:0
File type Web Open Font Format, TrueType, length 92476, version 2.4\012- data
Hash 7d04c782e3ec7b655cb15e50245c4c49
6ac6c03ebcebc29f36f09525ae9564f12240776d
88795f28bb66a45f9c32245dd21d6319ed5d26a45bf5afa31d91a0f83ee855f7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Divi/core/admin/fonts/modules/all/modules.woff HTTP/1.1
Host: karthikestatecottages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://karthikestatecottages.com/wp-content/et-cache/notfound/et-divi-dynamic-tb-306-tb-275-late.css
Cookie: _lscache_vary=0bc660362587ed43ece4d55bcfb15013
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sun, 17 Mar 2024 15:44:32 GMT
content-type: application/font-woff
last-modified: Sat, 26 Nov 2022 14:52:15 GMT
etag: "1693c-6382281f-1ee45ad66ca4aa3c;;;"
accept-ranges: bytes
content-length: 92476
date: Sat, 18 Mar 2023 09:44:32 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
karthikestatecottages.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
89.117.188.39 200 OK 30 kB URL HTTP/2 karthikestatecottages.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 89.117.188.39:0
File type ASCII text, with very long lines (65447)
Hash cdbbc979b5a5de31a3ac8296e0ef489e
b83000eb74956c3404fb58c87e95aed5bab2ed19
48a6489945365cddb4c75af60f1e6a8a15d6598a1596ef18eb1b4aaad33e96f3
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: karthikestatecottages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/cc.php
Cookie: _lscache_vary=0bc660362587ed43ece4d55bcfb15013
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sun, 17 Mar 2024 15:44:32 GMT
content-type: application/x-javascript
last-modified: Tue, 15 Nov 2022 23:40:32 GMT
etag: "15e54-63742370-f3ebf00da111caa3;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30075
date: Sat, 18 Mar 2023 09:44:32 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 44833c9693ab18d200fde052c3002929
58973605045e733f92833523b075fc5af5f5e64b
9e322fbe078c6ca79d2b1fdb515ebf0aa17017197a076ddac34fcb10afef2a45
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 18 Mar 2023 09:44:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 5a2f6d953f946b542f1145cdcae9946e
00184b28856db5a12858eab98f97dc01c1471449
7f32b4afd160b8ecff360fc0e83e582cf49918a379c6c73f2a837c48439aab00
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 18 Mar 2023 09:44:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?render=6LcdJQMaAAAAANjL3YJ44n3_iMZptQK1omgxuuPh&ver=3.0
142.250.74.164 400 Bad Request 119 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6LcdJQMaAAAAANjL3YJ44n3_iMZptQK1omgxuuPh&ver=3.0
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 96612d2b1b529ecfcf09798c3eb100bf
4f32d5d3ccf4d44ae71309dfa8d6f9d396614a27
7c58bfa17d0c600b7455e6bfb3d8371fbf93da20a7a53ed1efad37d692f1cba0
GET /recaptcha/api.js?render=6LcdJQMaAAAAANjL3YJ44n3_iMZptQK1omgxuuPh&ver=3.0 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 400 Bad Request
content-type: text/html; charset=UTF-8
content-encoding: gzip
date: Sat, 18 Mar 2023 09:44:33 GMT
expires: Sat, 18 Mar 2023 09:44:33 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 119
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-M8Z9SK2
142.250.74.168 200 OK 65 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-M8Z9SK2
IP 142.250.74.168:0
File type ASCII text, with very long lines (14989)
Hash 181cbb43f61b68e5b258c6521bcbc00d
2cfd2e8f315714c7d803535170f69702eacbfabe
38d78b6b41897c1a6c7f6bf69c43f237fc8a910073b9273fde8857c1fa8366f5
GET /gtm.js?id=GTM-M8Z9SK2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 18 Mar 2023 09:44:33 GMT
expires: Sat, 18 Mar 2023 09:44:33 GMT
cache-control: private, max-age=900
last-modified: Sat, 18 Mar 2023 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 64819
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pixel.wp.com/g.gif?v=ext&blog=214677232&post=0&tz=0&srv=karthikestatecottages.com&j=1%3A11.6&host=karthikestatecottages.com&ref=&fcp=1819&rand=0.9927956600834758
192.0.76.3 200 OK 50 B URL HTTP/2 pixel.wp.com/g.gif?v=ext&blog=214677232&post=0&tz=0&srv=karthikestatecottages.com&j=1%3A11.6&host=karthikestatecottages.com&ref=&fcp=1819&rand=0.9927956600834758
IP 192.0.76.3:0
File type GIF image data, version 89a, 6 x 5\012- data
Hash e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
GET /g.gif?v=ext&blog=214677232&post=0&tz=0&srv=karthikestatecottages.com&j=1%3A11.6&host=karthikestatecottages.com&ref=&fcp=1819&rand=0.9927956600834758 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 18 Mar 2023 09:44:33 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 10bb1da74cabb050bb1f1af5989d201a
a28a2ce1097c2bbbbd42869df64551a01d2c7de4
180b15454b4cd4d39194bee9ce00122c7cffb85decddb8083d3f1361ea01eb13
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 18 Mar 2023 09:44:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 5a2f6d953f946b542f1145cdcae9946e
00184b28856db5a12858eab98f97dc01c1471449
7f32b4afd160b8ecff360fc0e83e582cf49918a379c6c73f2a837c48439aab00
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 18 Mar 2023 09:44:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
karthikestatecottages.com/wp-content/litespeed/js/0a746710db3e9f31836ee0803b5d618a.js?ver=3ff62
89.117.188.39 200 OK 98 kB URL HTTP/2 karthikestatecottages.com/wp-content/litespeed/js/0a746710db3e9f31836ee0803b5d618a.js?ver=3ff62
IP 89.117.188.39:0
File type ASCII text, with very long lines (54313)
Hash 9c45ff0f76fc56399b5027f2aad356ca
f696245c92e3954ee04eed6df9c8fb3bc180ec75
1871b2531973263a58c2b5605c210d57edd374541477a2c564d5cadb8d0f902d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/js/0a746710db3e9f31836ee0803b5d618a.js?ver=3ff62 HTTP/1.1
Host: karthikestatecottages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/cc.php
Cookie: _lscache_vary=0bc660362587ed43ece4d55bcfb15013
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sun, 17 Mar 2024 15:44:33 GMT
content-type: application/x-javascript
last-modified: Thu, 15 Dec 2022 09:55:09 GMT
etag: "6055e-639aeefd-9985c51900bde609;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 97912
date: Sat, 18 Mar 2023 09:44:33 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.110 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sat, 18 Mar 2023 07:53:25 GMT
expires: Sat, 18 Mar 2023 09:53:25 GMT
cache-control: public, max-age=7200
age: 6668
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash a4fe1012a4d75c602aab58bcff2d9c28
b079e7b9e4da4d67ecdc3e11bff33462bd026899
f7e4c8251356329744c989f9194354f78b9d142a69db8cc5d92ade3d70efcc01
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 18 Mar 2023 09:44:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 84ac5d936d907b700d85eea00c2d65ab
a7dd41a0bfa0478095e1036c38d2a1daeeef4c26
5d579202f8f20c739043d08852b9dd08b5e89a4458c184c6c5dc56329938a2c4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 18 Mar 2023 09:44:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/wcm/loader.js
142.250.74.67 200 OK 1.3 kB URL HTTP/2 www.gstatic.com/wcm/loader.js
IP 142.250.74.67:0
File type ASCII text, with very long lines (1123)
Hash 22300d54ba7faf32360c95915053014c
ea83f097bd99413f9d8fcb08d0312ba7ba1be99f
2c4c9c9d6af1ad12556ab11c8021eb5c254025ce04500bc885b69984dd562ce5
GET /wcm/loader.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1339
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 18 Mar 2023 09:32:36 GMT
expires: Sat, 18 Mar 2023 10:32:36 GMT
cache-control: public, max-age=3600
age: 717
last-modified: Mon, 15 Mar 2021 16:45:00 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/11035497740/?random=1679132672760&cv=11&fst=1679132672760&bg=ffffff&guid=ON&async=1&gtm=45He33f0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fkarthikestatecottages.com%2Fwp-content%2Fthemes%2Ftwentytwentytwo%2Ftelstra%2Fklnmnbe84765%2F43c13bc75b3e2794772e3b23e0a31ef3%2Fcc.php&tiba=Page%20not%20found%20-%20Homestay&auid=265076463.1679132673&rfmt=3&fmt=4
142.250.74.98 200 OK 1.3 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/11035497740/?random=1679132672760&cv=11&fst=1679132672760&bg=ffffff&guid=ON&async=1&gtm=45He33f0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fkarthikestatecottages.com%2Fwp-content%2Fthemes%2Ftwentytwentytwo%2Ftelstra%2Fklnmnbe84765%2F43c13bc75b3e2794772e3b23e0a31ef3%2Fcc.php&tiba=Page%20not%20found%20-%20Homestay&auid=265076463.1679132673&rfmt=3&fmt=4
IP 142.250.74.98:0
File type ASCII text, with very long lines (2721), with no line terminators
Hash fc94fecdcd8c559b0e17d15ba1748bae
d3a4990767e9e631060ea1f41e9e92bf761d7df5
448fdc307c201911b1c7f672d1c185ddd2a1663677dbad6b7dd0c39e69c1ce5c
GET /pagead/viewthroughconversion/11035497740/?random=1679132672760&cv=11&fst=1679132672760&bg=ffffff&guid=ON&async=1&gtm=45He33f0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fkarthikestatecottages.com%2Fwp-content%2Fthemes%2Ftwentytwentytwo%2Ftelstra%2Fklnmnbe84765%2F43c13bc75b3e2794772e3b23e0a31ef3%2Fcc.php&tiba=Page%20not%20found%20-%20Homestay&auid=265076463.1679132673&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 18 Mar 2023 09:44:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1268
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 18-Mar-2023 09:59:33 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash a4fe1012a4d75c602aab58bcff2d9c28
b079e7b9e4da4d67ecdc3e11bff33462bd026899
f7e4c8251356329744c989f9194354f78b9d142a69db8cc5d92ade3d70efcc01
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 18 Mar 2023 09:44:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 84ac5d936d907b700d85eea00c2d65ab
a7dd41a0bfa0478095e1036c38d2a1daeeef4c26
5d579202f8f20c739043d08852b9dd08b5e89a4458c184c6c5dc56329938a2c4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 18 Mar 2023 09:44:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 75f3b034e003024415ede09b0925ea2d
bc4ae811ce952d881f4f356d23f35f141e9d38a7
d7f837a51fcff2870c57654958a3ad6f0ba14ba99f883aaaa738d6f72314b221
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 18 Mar 2023 09:44:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/11035497740/?random=1679132672760&cv=11&fst=1679130000000&bg=ffffff&guid=ON&async=1&gtm=45He33f0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fkarthikestatecottages.com%2Fwp-content%2Fthemes%2Ftwentytwentytwo%2Ftelstra%2Fklnmnbe84765%2F43c13bc75b3e2794772e3b23e0a31ef3%2Fcc.php&tiba=Page%20not%20found%20-%20Homestay&fmt=3&is_vtc=1&random=2355148561&rmt_tld=1&ipr=y
216.58.207.227 200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/11035497740/?random=1679132672760&cv=11&fst=1679130000000&bg=ffffff&guid=ON&async=1&gtm=45He33f0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fkarthikestatecottages.com%2Fwp-content%2Fthemes%2Ftwentytwentytwo%2Ftelstra%2Fklnmnbe84765%2F43c13bc75b3e2794772e3b23e0a31ef3%2Fcc.php&tiba=Page%20not%20found%20-%20Homestay&fmt=3&is_vtc=1&random=2355148561&rmt_tld=1&ipr=y
IP 216.58.207.227:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/11035497740/?random=1679132672760&cv=11&fst=1679130000000&bg=ffffff&guid=ON&async=1&gtm=45He33f0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fkarthikestatecottages.com%2Fwp-content%2Fthemes%2Ftwentytwentytwo%2Ftelstra%2Fklnmnbe84765%2F43c13bc75b3e2794772e3b23e0a31ef3%2Fcc.php&tiba=Page%20not%20found%20-%20Homestay&fmt=3&is_vtc=1&random=2355148561&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 18 Mar 2023 09:44:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 75f3b034e003024415ede09b0925ea2d
bc4ae811ce952d881f4f356d23f35f141e9d38a7
d7f837a51fcff2870c57654958a3ad6f0ba14ba99f883aaaa738d6f72314b221
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 18 Mar 2023 09:44:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
karthikestatecottages.com/wp-content/plugins/litespeed-cache/assets/js/webfontloader.min.js
89.117.188.39 200 OK 4.6 kB URL HTTP/2 karthikestatecottages.com/wp-content/plugins/litespeed-cache/assets/js/webfontloader.min.js
IP 89.117.188.39:0
File type Unicode text, UTF-8 text, with very long lines (12075), with no line terminators
Hash e03020f95691b6e8f22ccf6a95273424
487f20ce26a53ce1520ce19205cb0e38b1917d26
b65d380786d26ecbba5b0bcaea54e57125e79fbbd94074050115293502aabcf1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/litespeed-cache/assets/js/webfontloader.min.js HTTP/1.1
Host: karthikestatecottages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/cc.php
Cookie: _lscache_vary=0bc660362587ed43ece4d55bcfb15013; _gcl_au=1.1.265076463.1679132673; _ga_MXCGE16QRD=GS1.1.1679132672.1.0.1679132672.0.0.0; _ga=GA1.2.650986832.1679132673; _gid=GA1.2.585939140.1679132673; _gat_UA-207024867-1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sun, 17 Mar 2024 15:44:33 GMT
content-type: application/x-javascript
last-modified: Thu, 15 Dec 2022 09:48:13 GMT
etag: "2f42-639aed5d-1bed499316c0f97c;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4638
date: Sat, 18 Mar 2023 09:44:33 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
karthikestatecottages.com/wp-content/litespeed/css/72d99b64282f7c39a51a7dc056ef510d.css?ver=4783f
89.117.188.39 200 OK 2.4 kB URL HTTP/2 karthikestatecottages.com/wp-content/litespeed/css/72d99b64282f7c39a51a7dc056ef510d.css?ver=4783f
IP 89.117.188.39:0
File type ASCII text, with very long lines (11335), with no line terminators
Hash d117c41ae321a098d18351364fb60fcf
c1389b6248fb755f7aa97d8c00fa7920ba709560
27dfb226eee95472a65b0a5dfff9a14d6ab8eca52b79747447469d8a22a6f89c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/72d99b64282f7c39a51a7dc056ef510d.css?ver=4783f HTTP/1.1
Host: karthikestatecottages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/cc.php
Cookie: _lscache_vary=0bc660362587ed43ece4d55bcfb15013; _gcl_au=1.1.265076463.1679132673; _ga_MXCGE16QRD=GS1.1.1679132672.1.0.1679132672.0.0.0; _ga=GA1.2.650986832.1679132673; _gid=GA1.2.585939140.1679132673; _gat_UA-207024867-1=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sun, 17 Mar 2024 15:44:33 GMT
content-type: text/css
last-modified: Sat, 18 Mar 2023 09:44:32 GMT
etag: "2c47-64158800-6088d229be0b69a1;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2389
date: Sat, 18 Mar 2023 09:44:33 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
karthikestatecottages.com/wp-content/litespeed/css/67ad67f660d31fca7dbcf5e43ebc64eb.css?ver=0e2f4
89.117.188.39 200 OK 979 B URL HTTP/2 karthikestatecottages.com/wp-content/litespeed/css/67ad67f660d31fca7dbcf5e43ebc64eb.css?ver=0e2f4
IP 89.117.188.39:0
File type ASCII text, with very long lines (4186), with no line terminators
Hash 4fd9511f9170c49fc5a919babe4756cf
bd158ae63b48add4d918b34137c3ec42df1eb377
295c29dc143e878b330361cdc68ce98610eabd5e4fa08676607ef9786fc761b1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/67ad67f660d31fca7dbcf5e43ebc64eb.css?ver=0e2f4 HTTP/1.1
Host: karthikestatecottages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/cc.php
Cookie: _lscache_vary=0bc660362587ed43ece4d55bcfb15013; _gcl_au=1.1.265076463.1679132673; _ga_MXCGE16QRD=GS1.1.1679132672.1.0.1679132672.0.0.0; _ga=GA1.2.650986832.1679132673; _gid=GA1.2.585939140.1679132673; _gat_UA-207024867-1=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sun, 17 Mar 2024 15:44:33 GMT
content-type: text/css
last-modified: Sat, 18 Mar 2023 09:44:32 GMT
etag: "105a-64158800-bb6a128e21439b5d;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 979
date: Sat, 18 Mar 2023 09:44:33 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
karthikestatecottages.com/wp-content/litespeed/css/8e1562a058441e964dd3d0daf182c272.css?ver=72e73
89.117.188.39 200 OK 722 B URL HTTP/2 karthikestatecottages.com/wp-content/litespeed/css/8e1562a058441e964dd3d0daf182c272.css?ver=72e73
IP 89.117.188.39:0
File type ASCII text, with very long lines (2216), with no line terminators
Hash d86ec3eb0568f1d47aff89d3bbd13bb3
4dbc294dbdd918780d24091ee7b877a7a80aced0
3a488242b286ef86b4803de5523cd11e9d25d75d8d4f08e0426398ca3df65100
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/8e1562a058441e964dd3d0daf182c272.css?ver=72e73 HTTP/1.1
Host: karthikestatecottages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/cc.php
Cookie: _lscache_vary=0bc660362587ed43ece4d55bcfb15013; _gcl_au=1.1.265076463.1679132673; _ga_MXCGE16QRD=GS1.1.1679132672.1.0.1679132672.0.0.0; _ga=GA1.2.650986832.1679132673; _gid=GA1.2.585939140.1679132673; _gat_UA-207024867-1=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sun, 17 Mar 2024 15:44:33 GMT
content-type: text/css
last-modified: Sat, 18 Mar 2023 09:44:32 GMT
etag: "8a8-64158800-8d0e166f787a9840;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 722
date: Sat, 18 Mar 2023 09:44:33 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
karthikestatecottages.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
89.117.188.39 200 OK 30 kB URL HTTP/2 karthikestatecottages.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 89.117.188.39:0
File type ASCII text, with very long lines (65447)
Hash cdbbc979b5a5de31a3ac8296e0ef489e
b83000eb74956c3404fb58c87e95aed5bab2ed19
48a6489945365cddb4c75af60f1e6a8a15d6598a1596ef18eb1b4aaad33e96f3
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: karthikestatecottages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/cc.php
Cookie: _lscache_vary=0bc660362587ed43ece4d55bcfb15013; _gcl_au=1.1.265076463.1679132673; _ga_MXCGE16QRD=GS1.1.1679132672.1.0.1679132672.0.0.0; _ga=GA1.2.650986832.1679132673; _gid=GA1.2.585939140.1679132673; _gat_UA-207024867-1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sun, 17 Mar 2024 15:44:33 GMT
content-type: application/x-javascript
last-modified: Tue, 15 Nov 2022 23:40:32 GMT
etag: "15e54-63742370-f3ebf00da111caa3;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30075
date: Sat, 18 Mar 2023 09:44:33 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
karthikestatecottages.com/wp-content/litespeed/css/eb7e6d7525599c5d35819c8614f88177.css?ver=56497
89.117.188.39 200 OK 11 kB URL HTTP/2 karthikestatecottages.com/wp-content/litespeed/css/eb7e6d7525599c5d35819c8614f88177.css?ver=56497
IP 89.117.188.39:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 78bafc79c072adaf104b9221177ce381
1953f7afc4736db04681082db8af7bdc805fab9e
a1825321e7e140a96117c7842278cb042675ddcfaa2335b968c3bda9be72480b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/eb7e6d7525599c5d35819c8614f88177.css?ver=56497 HTTP/1.1
Host: karthikestatecottages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/cc.php
Cookie: _lscache_vary=0bc660362587ed43ece4d55bcfb15013; _gcl_au=1.1.265076463.1679132673; _ga_MXCGE16QRD=GS1.1.1679132672.1.0.1679132672.0.0.0; _ga=GA1.2.650986832.1679132673; _gid=GA1.2.585939140.1679132673; _gat_UA-207024867-1=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sun, 17 Mar 2024 15:44:33 GMT
content-type: text/css
last-modified: Sat, 18 Mar 2023 09:44:32 GMT
etag: "17193-64158800-a0a0df528e8495b4;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11302
date: Sat, 18 Mar 2023 09:44:33 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
karthikestatecottages.com/wp-content/litespeed/css/28d7a7b6170f194201beacbe7fd5b7ad.css?ver=a7ff3
89.117.188.39 200 OK 4.6 kB URL HTTP/2 karthikestatecottages.com/wp-content/litespeed/css/28d7a7b6170f194201beacbe7fd5b7ad.css?ver=a7ff3
IP 89.117.188.39:0
File type ASCII text, with very long lines (21941), with no line terminators
Hash 1b94a8896c1bdf34021067f2dee36eef
ee1511c11d182d2fc8141ac87171484bbd0a4ceb
2b4bd018f13bdb3693d37c737f775f80971ac14d8fa71a0efdd1dd14a14d9289
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/28d7a7b6170f194201beacbe7fd5b7ad.css?ver=a7ff3 HTTP/1.1
Host: karthikestatecottages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/cc.php
Cookie: _lscache_vary=0bc660362587ed43ece4d55bcfb15013; _gcl_au=1.1.265076463.1679132673; _ga_MXCGE16QRD=GS1.1.1679132672.1.0.1679132672.0.0.0; _ga=GA1.2.650986832.1679132673; _gid=GA1.2.585939140.1679132673; _gat_UA-207024867-1=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sun, 17 Mar 2024 15:44:33 GMT
content-type: text/css
last-modified: Sat, 18 Mar 2023 09:44:32 GMT
etag: "55b5-64158800-721b779761e97cba;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4640
date: Sat, 18 Mar 2023 09:44:33 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
karthikestatecottages.com/wp-content/litespeed/css/c238ec3dbb66d139abe9642101d15490.css?ver=f6a3a
89.117.188.39 200 OK 6.1 kB URL HTTP/2 karthikestatecottages.com/wp-content/litespeed/css/c238ec3dbb66d139abe9642101d15490.css?ver=f6a3a
IP 89.117.188.39:0
File type ASCII text, with very long lines (28710)
Hash 18def2ee9247c732010a4e6dd988562d
d6527b6a930a6bc3a4833894576573fe83ec7fca
10637ef1d303479ae08da09b9c95d0644d386ab48606e558724ccd971a0e7429
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/c238ec3dbb66d139abe9642101d15490.css?ver=f6a3a HTTP/1.1
Host: karthikestatecottages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/cc.php
Cookie: _lscache_vary=0bc660362587ed43ece4d55bcfb15013; _gcl_au=1.1.265076463.1679132673; _ga_MXCGE16QRD=GS1.1.1679132672.1.0.1679132672.0.0.0; _ga=GA1.2.650986832.1679132673; _gid=GA1.2.585939140.1679132673; _gat_UA-207024867-1=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sun, 17 Mar 2024 15:44:33 GMT
content-type: text/css
last-modified: Sat, 18 Mar 2023 09:44:32 GMT
etag: "a1b0-64158800-b201c5cf2cb4c846;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6134
date: Sat, 18 Mar 2023 09:44:33 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 886a55065537b0624371a82292fe26c2
5ff87d6a26d94e0ed10f0cb55d0ac0237efb135a
a0811f584403bcdb37925007e7d9df722591566885dcedf330fb13fed891905f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 18 Mar 2023 09:44:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
karthikestatecottages.com/wp-content/litespeed/css/6f803db37a657be1f53fee84b5b47faa.css?ver=1b82a
89.117.188.39 200 OK 25 kB URL HTTP/2 karthikestatecottages.com/wp-content/litespeed/css/6f803db37a657be1f53fee84b5b47faa.css?ver=1b82a
IP 89.117.188.39:0
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 1b8bed79d5fd39be11a5df78340a4920
fe36fc0fcdc0ae76a963b77a04713c62401dfb0a
1ef9d63f63d57cb8ee23be302d0ebac9c0f71c6ec7d1b7001dc2b3ed4b4c8ce4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/6f803db37a657be1f53fee84b5b47faa.css?ver=1b82a HTTP/1.1
Host: karthikestatecottages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/cc.php
Cookie: _lscache_vary=0bc660362587ed43ece4d55bcfb15013; _gcl_au=1.1.265076463.1679132673; _ga_MXCGE16QRD=GS1.1.1679132672.1.0.1679132672.0.0.0; _ga=GA1.2.650986832.1679132673; _gid=GA1.2.585939140.1679132673; _gat_UA-207024867-1=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sun, 17 Mar 2024 15:44:33 GMT
content-type: text/css
last-modified: Sat, 18 Mar 2023 09:44:33 GMT
etag: "151af-64158801-75ec0d3435c4657d;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Sat, 18 Mar 2023 09:44:33 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
karthikestatecottages.com/wp-content/et-cache/275/et-core-unified-cpt-deferred-275.min.css?ver=1678362826
89.117.188.39 200 OK 943 B URL HTTP/2 karthikestatecottages.com/wp-content/et-cache/275/et-core-unified-cpt-deferred-275.min.css?ver=1678362826
IP 89.117.188.39:0
File type ASCII text, with very long lines (9089), with no line terminators
Hash 73aae09117c847158f6b83c0cc9bb7bc
d672a6ee007db203d7292c0508a277ada5f6cdd2
35be656eeb7cb93aa0f41e2f03e514ccb39f50f770c8d159bcf280f1889c08b2
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/et-cache/275/et-core-unified-cpt-deferred-275.min.css?ver=1678362826 HTTP/1.1
Host: karthikestatecottages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/cc.php
Cookie: _lscache_vary=0bc660362587ed43ece4d55bcfb15013; _gcl_au=1.1.265076463.1679132673; _ga_MXCGE16QRD=GS1.1.1679132672.1.0.1679132672.0.0.0; _ga=GA1.2.650986832.1679132673; _gid=GA1.2.585939140.1679132673; _gat_UA-207024867-1=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sun, 17 Mar 2024 15:44:33 GMT
content-type: text/css
last-modified: Thu, 09 Mar 2023 11:53:46 GMT
etag: "2381-6409c8ca-ebb66c0d440817ab;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 943
date: Sat, 18 Mar 2023 09:44:33 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
karthikestatecottages.com/wp-content/litespeed/css/f5d9ceb442b128ee5879bc7cc7c6247b.css?ver=5781e
89.117.188.39 200 OK 49 kB URL HTTP/2 karthikestatecottages.com/wp-content/litespeed/css/f5d9ceb442b128ee5879bc7cc7c6247b.css?ver=5781e
IP 89.117.188.39:0
File type ASCII text, with very long lines (3290), with no line terminators
Hash 0d76004a9b86cac88a608b73566255c5
bd9ee706776e6f98805f30a57bd9cde2d57ae35e
49e4a138a03cd9be0f96e3a1c4050d57e4ca6e8105bbb8bb623f63654849d48d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/f5d9ceb442b128ee5879bc7cc7c6247b.css?ver=5781e HTTP/1.1
Host: karthikestatecottages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/cc.php
Cookie: _lscache_vary=0bc660362587ed43ece4d55bcfb15013; _gcl_au=1.1.265076463.1679132673; _ga_MXCGE16QRD=GS1.1.1679132672.1.0.1679132672.0.0.0; _ga=GA1.2.650986832.1679132673; _gid=GA1.2.585939140.1679132673; _gat_UA-207024867-1=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sun, 17 Mar 2024 15:44:33 GMT
content-type: text/css
last-modified: Sat, 18 Mar 2023 09:44:33 GMT
etag: "cda-64158801-231db29294865fa6;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Sat, 18 Mar 2023 09:44:33 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.227 200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://karthikestatecottages.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 13 Mar 2023 18:52:41 GMT
expires: Tue, 12 Mar 2024 18:52:41 GMT
cache-control: public, max-age=31536000
age: 399112
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
karthikestatecottages.com/wp-content/litespeed/js/91aa9e0adf0c8c2ae3f443d1848ace02.js?ver=1f875
89.117.188.39 200 OK 31 kB URL HTTP/2 karthikestatecottages.com/wp-content/litespeed/js/91aa9e0adf0c8c2ae3f443d1848ace02.js?ver=1f875
IP 89.117.188.39:0
File type ASCII text, with very long lines (413)
Hash 7f4ccc5d44030863aab1e0b37e998e63
73b5d1fec2ee7a0321ba98493b51424c95f345fa
cdf38934e63edd09d9666c422d127b8db067901617cf56073c8bcbacb7112f5f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/js/91aa9e0adf0c8c2ae3f443d1848ace02.js?ver=1f875 HTTP/1.1
Host: karthikestatecottages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/cc.php
Cookie: _lscache_vary=0bc660362587ed43ece4d55bcfb15013; _gcl_au=1.1.265076463.1679132673; _ga_MXCGE16QRD=GS1.1.1679132672.1.0.1679132672.0.0.0; _ga=GA1.2.650986832.1679132673; _gid=GA1.2.585939140.1679132673; _gat_UA-207024867-1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sun, 17 Mar 2024 15:44:33 GMT
content-type: application/x-javascript
last-modified: Sat, 18 Mar 2023 09:44:33 GMT
etag: "37c-64158801-3359a9363c703120;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Sat, 18 Mar 2023 09:44:33 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
karthikestatecottages.com/wp-content/litespeed/js/e7c1d41e270196d688189a9f163b0202.js?ver=cbd88
89.117.188.39 200 OK 64 kB URL HTTP/2 karthikestatecottages.com/wp-content/litespeed/js/e7c1d41e270196d688189a9f163b0202.js?ver=cbd88
IP 89.117.188.39:0
File type ASCII text, with very long lines (58141)
Hash 13e664ae4518da36ab0b4ace050d05f4
e1a60002e8523bed1582ac37e9a946d803736b6a
d2ed97904e7463019591d2586e71634ad843be99ff128632a6b36e2f86959b94
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/js/e7c1d41e270196d688189a9f163b0202.js?ver=cbd88 HTTP/1.1
Host: karthikestatecottages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/cc.php
Cookie: _lscache_vary=0bc660362587ed43ece4d55bcfb15013; _gcl_au=1.1.265076463.1679132673; _ga_MXCGE16QRD=GS1.1.1679132672.1.0.1679132672.0.0.0; _ga=GA1.2.650986832.1679132673; _gid=GA1.2.585939140.1679132673; _gat_UA-207024867-1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sun, 17 Mar 2024 15:44:33 GMT
content-type: application/x-javascript
last-modified: Sat, 18 Mar 2023 09:44:33 GMT
etag: "e31f-64158801-e078863e4d244e67;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Sat, 18 Mar 2023 09:44:33 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
karthikestatecottages.com/wp-content/litespeed/js/c85f03e1a7cc5be42fa7fa7c1b037401.js?ver=41d40
89.117.188.39 200 OK 49 kB URL HTTP/2 karthikestatecottages.com/wp-content/litespeed/js/c85f03e1a7cc5be42fa7fa7c1b037401.js?ver=41d40
IP 89.117.188.39:0
File type HTML document, ASCII text, with very long lines (12309)
Hash 4e5e6c6dd070fae55d483016e37b3388
8e3998bdb52adc483cdc786014a35d6df5ab5292
77d24b24eeea46f8ffa69eaca829246a36529fd91199377047b6bcabea318945
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/js/c85f03e1a7cc5be42fa7fa7c1b037401.js?ver=41d40 HTTP/1.1
Host: karthikestatecottages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/cc.php
Cookie: _lscache_vary=0bc660362587ed43ece4d55bcfb15013; _gcl_au=1.1.265076463.1679132673; _ga_MXCGE16QRD=GS1.1.1679132672.1.0.1679132672.0.0.0; _ga=GA1.2.650986832.1679132673; _gid=GA1.2.585939140.1679132673; _gat_UA-207024867-1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sun, 17 Mar 2024 15:44:33 GMT
content-type: application/x-javascript
last-modified: Sat, 18 Mar 2023 09:44:33 GMT
etag: "3017-64158801-d3237d6bbb674884;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Sat, 18 Mar 2023 09:44:33 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.227 200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://karthikestatecottages.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 13 Mar 2023 18:52:41 GMT
expires: Tue, 12 Mar 2024 18:52:41 GMT
cache-control: public, max-age=31536000
age: 399112
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
karthikestatecottages.com/wp-content/litespeed/js/12337bc2d6f5fc0d02755cbd085a32d4.js?ver=a5970
89.117.188.39 200 OK 32 kB URL HTTP/2 karthikestatecottages.com/wp-content/litespeed/js/12337bc2d6f5fc0d02755cbd085a32d4.js?ver=a5970
IP 89.117.188.39:0
File type HTML document, ASCII text, with very long lines (593)
Hash 5926485b3923be06ac5cb0d83f44619c
48968f8f1ab8c58f44035558e8e9e5a16e7c846c
55b9b1523b198b3f935ca1875b74b545e316dc1ac292f61a71c969a9dc64d687
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/js/12337bc2d6f5fc0d02755cbd085a32d4.js?ver=a5970 HTTP/1.1
Host: karthikestatecottages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/cc.php
Cookie: _lscache_vary=0bc660362587ed43ece4d55bcfb15013; _gcl_au=1.1.265076463.1679132673; _ga_MXCGE16QRD=GS1.1.1679132672.1.0.1679132672.0.0.0; _ga=GA1.2.650986832.1679132673; _gid=GA1.2.585939140.1679132673; _gat_UA-207024867-1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sun, 17 Mar 2024 15:44:33 GMT
content-type: application/x-javascript
last-modified: Sat, 18 Mar 2023 09:44:33 GMT
etag: "995-64158801-572ce90d79df6e5a;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Sat, 18 Mar 2023 09:44:33 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
karthikestatecottages.com/wp-content/litespeed/js/29fb4cef923a216602b788d65cf5cc5d.js?ver=e8bb9
89.117.188.39 200 OK 127 kB URL HTTP/2 karthikestatecottages.com/wp-content/litespeed/js/29fb4cef923a216602b788d65cf5cc5d.js?ver=e8bb9
IP 89.117.188.39:0
File type ASCII text, with very long lines (65467)
Size 127 kB (126701 bytes)
Hash f184f988e5c590a480c3b7c6909bfa7e
9e48089bd84e6eb409325052ceb9aeae89c944ea
350d056454d4d55dd19a8812297a11dc5211171c82beaf1ab5837a73ce580845
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/js/29fb4cef923a216602b788d65cf5cc5d.js?ver=e8bb9 HTTP/1.1
Host: karthikestatecottages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/cc.php
Cookie: _lscache_vary=0bc660362587ed43ece4d55bcfb15013; _gcl_au=1.1.265076463.1679132673; _ga_MXCGE16QRD=GS1.1.1679132672.1.0.1679132672.0.0.0; _ga=GA1.2.650986832.1679132673; _gid=GA1.2.585939140.1679132673; _gat_UA-207024867-1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sun, 17 Mar 2024 15:44:33 GMT
content-type: application/x-javascript
last-modified: Sat, 18 Mar 2023 09:44:33 GMT
etag: "42f6a-64158801-5e1eb0dbabd5835c;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Sat, 18 Mar 2023 09:44:33 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
karthikestatecottages.com/wp-content/litespeed/js/370f679cbafa77014ada20d864a14360.js?ver=257f6
89.117.188.39 200 OK 39 kB URL HTTP/2 karthikestatecottages.com/wp-content/litespeed/js/370f679cbafa77014ada20d864a14360.js?ver=257f6
IP 89.117.188.39:0
File type Unicode text, UTF-8 text, with very long lines (17818)
Hash 23a11949e5dff87c419245c26dde078f
9e7f571d1bfaba8ef7f63533d761c50da7e8d64b
42decbc1853de255caf6de7c5bcb65a2ff2d5ff4dca88665f154d2e9750aba1e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/js/370f679cbafa77014ada20d864a14360.js?ver=257f6 HTTP/1.1
Host: karthikestatecottages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/cc.php
Cookie: _lscache_vary=0bc660362587ed43ece4d55bcfb15013; _gcl_au=1.1.265076463.1679132673; _ga_MXCGE16QRD=GS1.1.1679132672.1.0.1679132672.0.0.0; _ga=GA1.2.650986832.1679132673; _gid=GA1.2.585939140.1679132673; _gat_UA-207024867-1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sun, 17 Mar 2024 15:44:33 GMT
content-type: application/x-javascript
last-modified: Sat, 18 Mar 2023 09:44:33 GMT
etag: "45a0-64158801-56cd89d2e43f16ee;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Sat, 18 Mar 2023 09:44:33 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
216.58.207.227 200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://karthikestatecottages.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 14 Mar 2023 00:08:41 GMT
expires: Wed, 13 Mar 2024 00:08:41 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
age: 380152
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
karthikestatecottages.com/wp-content/litespeed/css/da19b69de124bba871c59f991d5abb78.css?ver=00f5a
89.117.188.39 200 OK 32 kB URL HTTP/2 karthikestatecottages.com/wp-content/litespeed/css/da19b69de124bba871c59f991d5abb78.css?ver=00f5a
IP 89.117.188.39:0
File type ASCII text, with very long lines (8674), with no line terminators
Hash a4f73a6cc17b0729882d85795cc0186e
7bbe2b1143e374d2ff17fc904e672708a5906830
d46df70fcbb31c784c48b142bd8b72605e4e637b98c36af1b0b0e06efe0404d8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/da19b69de124bba871c59f991d5abb78.css?ver=00f5a HTTP/1.1
Host: karthikestatecottages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/cc.php
Cookie: _lscache_vary=0bc660362587ed43ece4d55bcfb15013; _gcl_au=1.1.265076463.1679132673; _ga_MXCGE16QRD=GS1.1.1679132672.1.0.1679132672.0.0.0; _ga=GA1.2.650986832.1679132673; _gid=GA1.2.585939140.1679132673; _gat_UA-207024867-1=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sun, 17 Mar 2024 15:44:33 GMT
content-type: text/css
last-modified: Sat, 18 Mar 2023 09:44:33 GMT
etag: "21e2-64158801-a30f9a138dc85a8b;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Sat, 18 Mar 2023 09:44:33 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
pixel.wp.com/g.gif?v=ext&blog=214677232&post=0&tz=0&srv=karthikestatecottages.com&j=1%3A11.6&host=karthikestatecottages.com&ref=&fcp=1892&rand=0.28293166084873245
192.0.76.3 200 OK 50 B URL HTTP/2 pixel.wp.com/g.gif?v=ext&blog=214677232&post=0&tz=0&srv=karthikestatecottages.com&j=1%3A11.6&host=karthikestatecottages.com&ref=&fcp=1892&rand=0.28293166084873245
IP 192.0.76.3:0
File type GIF image data, version 89a, 6 x 5\012- data
Hash e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
GET /g.gif?v=ext&blog=214677232&post=0&tz=0&srv=karthikestatecottages.com&j=1%3A11.6&host=karthikestatecottages.com&ref=&fcp=1892&rand=0.28293166084873245 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 18 Mar 2023 09:44:34 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
216.58.207.227 200 OK 32 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 31760, version 1.0\012- data
Hash fda4d0b623999af43148ba34c3b1ff73
ca5496af89720cc3e94e6279132f252b7cd471a6
33befdbbb24930584f5ac94ea3117adcd56518f20ab1619d05de83ffd1821d38
GET /s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://karthikestatecottages.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31760
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 11 Mar 2023 10:20:32 GMT
expires: Sun, 10 Mar 2024 10:20:32 GMT
cache-control: public, max-age=31536000
age: 602641
last-modified: Mon, 11 Jul 2022 18:54:16 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
karthikestatecottages.com/wp-content/litespeed/js/fee2d6f9c7e7dd016098681f67c4fe44.js?ver=5978d
89.117.188.39 200 OK 51 kB URL HTTP/2 karthikestatecottages.com/wp-content/litespeed/js/fee2d6f9c7e7dd016098681f67c4fe44.js?ver=5978d
IP 89.117.188.39:0
File type ASCII text, with very long lines (6475)
Hash 67cca17aa436d7d155a1c934e8b73c9a
ca693a65f665b7ec20ea96096f8a33f3dda0a3fb
78ec9464119eca20da4f0b6004066a42c0af9da518547849c3cbf0bb3604a8cf
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/js/fee2d6f9c7e7dd016098681f67c4fe44.js?ver=5978d HTTP/1.1
Host: karthikestatecottages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/cc.php
Cookie: _lscache_vary=0bc660362587ed43ece4d55bcfb15013; _gcl_au=1.1.265076463.1679132673; _ga_MXCGE16QRD=GS1.1.1679132672.1.0.1679132672.0.0.0; _ga=GA1.2.650986832.1679132673; _gid=GA1.2.585939140.1679132673; _gat_UA-207024867-1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sun, 17 Mar 2024 15:44:33 GMT
content-type: application/x-javascript
last-modified: Sat, 18 Mar 2023 09:44:33 GMT
etag: "194d-64158801-2c1b7d9f34f8352;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Sat, 18 Mar 2023 09:44:33 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
karthikestatecottages.com/wp-content/themes/Divi/core/admin/fonts/modules/base/modules.ttf
89.117.188.39 200 OK 3.2 kB URL HTTP/2 karthikestatecottages.com/wp-content/themes/Divi/core/admin/fonts/modules/base/modules.ttf
IP 89.117.188.39:0
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, ETmodules \012- data
Hash 965ac7379acba737860d3d00f2e79dcc
aa3eec20c7eac5e0e9426382779c356e4d43d7d7
5cd0b36cd53bbcb023eb72e85235fbc5e4b664272f4396156823c98c3c349869
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Divi/core/admin/fonts/modules/base/modules.ttf HTTP/1.1
Host: karthikestatecottages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/wp-content/litespeed/css/f730e910073d3407fc066c352d75ef27.css?ver=63111
Cookie: _lscache_vary=0bc660362587ed43ece4d55bcfb15013; _gcl_au=1.1.265076463.1679132673; _ga_MXCGE16QRD=GS1.1.1679132672.1.0.1679132672.0.0.0; _ga=GA1.2.650986832.1679132673; _gid=GA1.2.585939140.1679132673; _gat_UA-207024867-1=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sun, 17 Mar 2024 15:44:34 GMT
content-type: application/x-font-ttf
last-modified: Sat, 26 Nov 2022 14:52:15 GMT
etag: "1854-6382281f-ec96f89d83f4de1e;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3164
date: Sat, 18 Mar 2023 09:44:34 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
karthikestatecottages.com/wp-content/litespeed/js/3a56923e62cb9e1bcbadcd7e294045ca.js?ver=496cb
89.117.188.39 200 OK 53 kB URL HTTP/2 karthikestatecottages.com/wp-content/litespeed/js/3a56923e62cb9e1bcbadcd7e294045ca.js?ver=496cb
IP 89.117.188.39:0
File type ASCII text, with very long lines (11125)
Hash 44b709be5fc33bdc5a84e03a54f03a74
cc9b113fb928bf1d966d6d71c3106f8f5b320d4c
7a868c6a4e193406d66302b491be217e3ff210a92de22fc36ac039fd516c8d15
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/js/3a56923e62cb9e1bcbadcd7e294045ca.js?ver=496cb HTTP/1.1
Host: karthikestatecottages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/cc.php
Cookie: _lscache_vary=0bc660362587ed43ece4d55bcfb15013; _gcl_au=1.1.265076463.1679132673; _ga_MXCGE16QRD=GS1.1.1679132672.1.0.1679132672.0.0.0; _ga=GA1.2.650986832.1679132673; _gid=GA1.2.585939140.1679132673; _gat_UA-207024867-1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sun, 17 Mar 2024 15:44:33 GMT
content-type: application/x-javascript
last-modified: Sat, 18 Mar 2023 09:44:33 GMT
etag: "2bd8-64158801-806229967ea00252;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Sat, 18 Mar 2023 09:44:33 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-MXCGE16QRD&gtm=45je33f0&_p=1956594253&cid=650986832.1679132673&ul=en-us&sr=1280x1024&_s=1&sid=1679132672&sct=1&seg=0&dl=https%3A%2F%2Fkarthikestatecottages.com%2Fwp-content%2Fthemes%2Ftwentytwentytwo%2Ftelstra%2Fklnmnbe84765%2F43c13bc75b3e2794772e3b23e0a31ef3%2Fcc.php&dt=Page%20not%20found%20-%20Homestay&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.34.36 204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-MXCGE16QRD&gtm=45je33f0&_p=1956594253&cid=650986832.1679132673&ul=en-us&sr=1280x1024&_s=1&sid=1679132672&sct=1&seg=0&dl=https%3A%2F%2Fkarthikestatecottages.com%2Fwp-content%2Fthemes%2Ftwentytwentytwo%2Ftelstra%2Fklnmnbe84765%2F43c13bc75b3e2794772e3b23e0a31ef3%2Fcc.php&dt=Page%20not%20found%20-%20Homestay&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-MXCGE16QRD&gtm=45je33f0&_p=1956594253&cid=650986832.1679132673&ul=en-us&sr=1280x1024&_s=1&sid=1679132672&sct=1&seg=0&dl=https%3A%2F%2Fkarthikestatecottages.com%2Fwp-content%2Fthemes%2Ftwentytwentytwo%2Ftelstra%2Fklnmnbe84765%2F43c13bc75b3e2794772e3b23e0a31ef3%2Fcc.php&dt=Page%20not%20found%20-%20Homestay&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://karthikestatecottages.com
Connection: keep-alive
Referer: https://karthikestatecottages.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://karthikestatecottages.com
date: Sat, 18 Mar 2023 09:44:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
karthikestatecottages.com/wp-content/et-cache/notfound/et-divi-dynamic-tb-306-tb-275-late.css
89.117.188.39 200 OK 6.1 kB URL HTTP/2 karthikestatecottages.com/wp-content/et-cache/notfound/et-divi-dynamic-tb-306-tb-275-late.css
IP 89.117.188.39:0
File type ASCII text, with very long lines (11014)
Hash 387e9ef3738a5cb17dd4664b99e0973e
d4833aa77d571035505ea624d9d22ef19b4ccd60
00f12e17430b1cc8d2f4950da660065cb3b7ed11e0e360a8de19cee6df8038ff
GET /wp-content/et-cache/notfound/et-divi-dynamic-tb-306-tb-275-late.css HTTP/1.1
Host: karthikestatecottages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/cc.php
Cookie: _lscache_vary=0bc660362587ed43ece4d55bcfb15013; _gcl_au=1.1.265076463.1679132673; _ga_MXCGE16QRD=GS1.1.1679132672.1.0.1679132672.0.0.0; _ga=GA1.2.650986832.1679132673; _gid=GA1.2.585939140.1679132673; _gat_UA-207024867-1=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sun, 17 Mar 2024 15:44:34 GMT
content-type: text/css
last-modified: Thu, 09 Mar 2023 11:53:46 GMT
etag: "a1b0-6409c8ca-3996924336afab75;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6140
date: Sat, 18 Mar 2023 09:44:34 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
karthikestatecottages.com/wp-content/uploads/2020/12/Logo-1-white.png.webp
89.117.188.39 200 OK 3.9 kB URL HTTP/2 karthikestatecottages.com/wp-content/uploads/2020/12/Logo-1-white.png.webp
IP 89.117.188.39:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash f55ac4812010cb55d5b6ed20e9ee480d
ea20922ad6b4d6a122948a76390859834969c144
575671cd4b3d599ba3385b0257a7485e67d8173132e051249e628bd29ec0dfc7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/12/Logo-1-white.png.webp HTTP/1.1
Host: karthikestatecottages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/cc.php
Cookie: _lscache_vary=0bc660362587ed43ece4d55bcfb15013; _gcl_au=1.1.265076463.1679132673; _ga_MXCGE16QRD=GS1.1.1679132672.1.0.1679132672.0.0.0; _ga=GA1.2.650986832.1679132673; _gid=GA1.2.585939140.1679132673; _gat_UA-207024867-1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sun, 17 Mar 2024 15:44:34 GMT
content-type: image/webp
last-modified: Mon, 28 Nov 2022 17:23:35 GMT
etag: "f64-6384ee97-40f2720e287fe0b8;;;"
accept-ranges: bytes
content-length: 3940
date: Sat, 18 Mar 2023 09:44:34 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
karthikestatecottages.com/wp-content/uploads/2020/12/03-a.png.webp
89.117.188.39 200 OK 1.5 kB URL HTTP/2 karthikestatecottages.com/wp-content/uploads/2020/12/03-a.png.webp
IP 89.117.188.39:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash c74ead7b0feb3ace4aa1c0d31e3dfeec
3915416d9cbbfe6a8d57f7da3d945ee720098d92
4e35d6ce524adf3e9615fa5d223d9fc3e4db93359562166e150014004b735ba5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/12/03-a.png.webp HTTP/1.1
Host: karthikestatecottages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/cc.php
Cookie: _lscache_vary=0bc660362587ed43ece4d55bcfb15013; _gcl_au=1.1.265076463.1679132673; _ga_MXCGE16QRD=GS1.1.1679132672.1.0.1679132672.0.0.0; _ga=GA1.2.650986832.1679132673; _gid=GA1.2.585939140.1679132673; _gat_UA-207024867-1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sun, 17 Mar 2024 15:44:34 GMT
content-type: image/webp
last-modified: Mon, 28 Nov 2022 17:35:57 GMT
etag: "5c4-6384f17d-2b23314c6ef20912;;;"
accept-ranges: bytes
content-length: 1476
date: Sat, 18 Mar 2023 09:44:34 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
karthikestatecottages.com/wp-content/litespeed/css/417fb907586e584e0d226d2b21711b92.css?ver=0fe2e
89.117.188.39 200 OK 49 kB URL HTTP/2 karthikestatecottages.com/wp-content/litespeed/css/417fb907586e584e0d226d2b21711b92.css?ver=0fe2e
IP 89.117.188.39:0
File type ASCII text, with very long lines (7397), with no line terminators
Hash 5dfab3be4c1deb27ed22cd4a1f7c78da
2eb2b337206a52f574c04de7f40247a6896c52e4
143d39c7a2178be81107ad90040419f5ad17113d39074a543310c16b8d8007d3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/417fb907586e584e0d226d2b21711b92.css?ver=0fe2e HTTP/1.1
Host: karthikestatecottages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/cc.php
Cookie: _lscache_vary=0bc660362587ed43ece4d55bcfb15013; _gcl_au=1.1.265076463.1679132673; _ga_MXCGE16QRD=GS1.1.1679132672.1.0.1679132672.0.0.0; _ga=GA1.2.650986832.1679132673; _gid=GA1.2.585939140.1679132673; _gat_UA-207024867-1=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sun, 17 Mar 2024 15:44:33 GMT
content-type: text/css
last-modified: Sat, 18 Mar 2023 09:44:33 GMT
etag: "1ce5-64158801-ea1ef86a47b57ac5;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Sat, 18 Mar 2023 09:44:33 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
karthikestatecottages.com/wp-content/litespeed/js/cfe9f73e6db21967110cbb9e7d6b872b.js?ver=9bf4c
89.117.188.39 200 OK 51 kB URL HTTP/2 karthikestatecottages.com/wp-content/litespeed/js/cfe9f73e6db21967110cbb9e7d6b872b.js?ver=9bf4c
IP 89.117.188.39:0
File type ASCII text, with very long lines (9936)
Hash 4690f10f03eeb9ef187b9377cf19ac35
5fb6e1c182f163e6f15a1fbc13a2407d8bd8dba1
440bac58a8968c10b952a0cf0e1e9f1ed6fb3414d04aab53a433ae0634ee1eab
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/js/cfe9f73e6db21967110cbb9e7d6b872b.js?ver=9bf4c HTTP/1.1
Host: karthikestatecottages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/cc.php
Cookie: _lscache_vary=0bc660362587ed43ece4d55bcfb15013; _gcl_au=1.1.265076463.1679132673; _ga_MXCGE16QRD=GS1.1.1679132672.1.0.1679132672.0.0.0; _ga=GA1.2.650986832.1679132673; _gid=GA1.2.585939140.1679132673; _gat_UA-207024867-1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sun, 17 Mar 2024 15:44:33 GMT
content-type: application/x-javascript
last-modified: Sat, 18 Mar 2023 09:44:33 GMT
etag: "26d2-64158801-b0567c5e8472159a;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Sat, 18 Mar 2023 09:44:33 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
karthikestatecottages.com/wp-content/litespeed/css/f730e910073d3407fc066c352d75ef27.css?ver=63111
89.117.188.39 200 OK 53 kB URL HTTP/2 karthikestatecottages.com/wp-content/litespeed/css/f730e910073d3407fc066c352d75ef27.css?ver=63111
IP 89.117.188.39:0
File type ASCII text, with very long lines (42873), with no line terminators
Hash a5d4bc306f4a06e45aacbad5bf3c2f58
1b4720b49d604d1886fe74e7bb5590757d918371
0191066c78c85c7684c9a02c227893974792528e95190d89a20c0b44d21b782c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/f730e910073d3407fc066c352d75ef27.css?ver=63111 HTTP/1.1
Host: karthikestatecottages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/cc.php
Cookie: _lscache_vary=0bc660362587ed43ece4d55bcfb15013; _gcl_au=1.1.265076463.1679132673; _ga_MXCGE16QRD=GS1.1.1679132672.1.0.1679132672.0.0.0; _ga=GA1.2.650986832.1679132673; _gid=GA1.2.585939140.1679132673; _gat_UA-207024867-1=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sun, 17 Mar 2024 15:44:33 GMT
content-type: text/css
last-modified: Sat, 18 Mar 2023 09:44:33 GMT
etag: "a779-64158801-5cf0d8a4a35df7f3;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Sat, 18 Mar 2023 09:44:33 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
karthikestatecottages.com/wp-content/plugins/chaty/images/whatsapp.png
89.117.188.39 200 OK 106 kB URL HTTP/2 karthikestatecottages.com/wp-content/plugins/chaty/images/whatsapp.png
IP 89.117.188.39:0
File type PNG image data, 550 x 999, 8-bit colormap, non-interlaced\012- data
Size 106 kB (105898 bytes)
Hash ac16b58dab286451f37dc9e0286ccbea
763cbea1c8a9a97f60fc8abecc8304d6e67aadc5
69c383a1cca56628ad0bc45c83a67112b0851d57a77c18252f79de50364af9d4
GET /wp-content/plugins/chaty/images/whatsapp.png HTTP/1.1
Host: karthikestatecottages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/wp-content/litespeed/css/28d7a7b6170f194201beacbe7fd5b7ad.css?ver=a7ff3
Cookie: _lscache_vary=0bc660362587ed43ece4d55bcfb15013; _gcl_au=1.1.265076463.1679132673; _ga_MXCGE16QRD=GS1.1.1679132672.1.0.1679132672.0.0.0; _ga=GA1.2.650986832.1679132673; _gid=GA1.2.585939140.1679132673; _gat_UA-207024867-1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sun, 17 Mar 2024 15:44:34 GMT
content-type: image/png
last-modified: Thu, 15 Dec 2022 09:44:11 GMT
etag: "19daa-639aec6b-f649144df42d1bd;;;"
accept-ranges: bytes
content-length: 105898
date: Sat, 18 Mar 2023 09:44:34 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
karthikestatecottages.com/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.ttf
89.117.188.39 200 OK 36 kB URL HTTP/2 karthikestatecottages.com/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.ttf
IP 89.117.188.39:0
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, modules \012- data
Hash 92d4c4b52b85bddba9e00893d78a9228
ef9dab27a60868e213d2b56da5f7ee40a5b713ea
392b1fd700e55cbc3279f35f7d60c3ee75e2b7698e83e55349dbfca9b664a06c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Divi/core/admin/fonts/modules/all/modules.ttf HTTP/1.1
Host: karthikestatecottages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/wp-content/litespeed/css/c238ec3dbb66d139abe9642101d15490.css?ver=f6a3a
Cookie: _lscache_vary=0bc660362587ed43ece4d55bcfb15013; _gcl_au=1.1.265076463.1679132673; _ga_MXCGE16QRD=GS1.1.1679132672.1.0.1679132672.0.0.0; _ga=GA1.2.650986832.1679132673; _gid=GA1.2.585939140.1679132673; _gat_UA-207024867-1=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sun, 17 Mar 2024 15:44:34 GMT
content-type: application/x-font-ttf
last-modified: Sat, 26 Nov 2022 14:52:15 GMT
etag: "168f0-6382281f-f4a7184c7e2d1029;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 36345
date: Sat, 18 Mar 2023 09:44:34 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
stats.wp.com/e-202311.js
192.0.76.3 200 OK 3.0 kB IP 192.0.76.3:0
File type ASCII text, with very long lines (2690)
Hash d202baf00093b063079de8794bfa8138
d6fb5c4649eeb71c5787e3dcd56c552402e80a5f
4ae2f7bf7daeb5e5a41e2e3378e6cffad79823ea5d2066a22ec9f1cefd140a46
GET /e-202311.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 18 Mar 2023 09:44:33 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"6197c5cf-3508"
content-encoding: br
expires: Sun, 10 Mar 2024 23:12:08 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2
karthikestatecottages.com/wp-content/uploads/2020/12/favicon.png
89.117.188.39 200 OK 922 B URL HTTP/2 karthikestatecottages.com/wp-content/uploads/2020/12/favicon.png
IP 89.117.188.39:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash c29c04f3ade9a3e3645e662cb22aed5e
224edb0765d28f7398b8918b27b4dc85ebac49bf
ec1f90d418fb4a7546dbb25bf2775731e49949fcfb584057428090de5d7f25af
GET /wp-content/uploads/2020/12/favicon.png HTTP/1.1
Host: karthikestatecottages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/cc.php
Cookie: _lscache_vary=0bc660362587ed43ece4d55bcfb15013; _gcl_au=1.1.265076463.1679132673; _ga_MXCGE16QRD=GS1.1.1679132672.1.0.1679132672.0.0.0; _ga=GA1.2.650986832.1679132673; _gid=GA1.2.585939140.1679132673; _gat_UA-207024867-1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sun, 17 Mar 2024 15:44:34 GMT
content-type: image/png
last-modified: Mon, 28 Nov 2022 17:26:28 GMT
etag: "39a-6384ef44-3e7f214ce0d65126;;;"
accept-ranges: bytes
content-length: 922
date: Sat, 18 Mar 2023 09:44:34 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 06a2dbfd382eec76cf3a2a4b66d290c2
6263deca043f1f4d5cbe180630d56a4e44f0c93b
6dfe642c1e8ce5613ea7f50d14d1a0e6832e4fd732c56617875ddf5106bd53e0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 18 Mar 2023 09:44:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 45d5309ec51c13466da5b0c4500d797f
11bfed48098a7ee50c43ab9ef0748ec2b05ad4b6
2db5fd13873b12d46ce7d2e1b79fa3af2b4e1cd124e8f769138b5dcbc0168b95
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 18 Mar 2023 09:44:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
karthikestatecottages.com/wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/cc.php
89.117.188.39 404 Not Found 0 B URL HTTP/2 karthikestatecottages.com/wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/cc.php
IP 89.117.188.39:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/cc.php HTTP/1.1
Host: karthikestatecottages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _lscache_vary=0bc660362587ed43ece4d55bcfb15013
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
x-powered-by: PHP/8.1.16
x-dns-prefetch-control: on
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://karthikestatecottages.com/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache-control: public,max-age=3600
x-litespeed-tag: 3b5_HTTP.404,3b5_404,3b5_URL.b6de0f9110116d4720466419964978fe,3b5_,3b5_CCSS.29901685d9cbced33f58b45c32eb2c02
x-litespeed-cache: miss
content-encoding: br
vary: Accept-Encoding
date: Sat, 18 Mar 2023 09:44:33 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
karthikestatecottages.com/wp-content/litespeed/js/43561677c57e5b1d434f961aa7435971.js?ver=35971
89.117.188.39 200 OK 0 B URL HTTP/2 karthikestatecottages.com/wp-content/litespeed/js/43561677c57e5b1d434f961aa7435971.js?ver=35971
IP 89.117.188.39:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/js/43561677c57e5b1d434f961aa7435971.js?ver=35971 HTTP/1.1
Host: karthikestatecottages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/wp-content/themes/twentytwentytwo/telstra/klnmnbe84765/43c13bc75b3e2794772e3b23e0a31ef3/cc.php
Cookie: _lscache_vary=0bc660362587ed43ece4d55bcfb15013; _gcl_au=1.1.265076463.1679132673; _ga_MXCGE16QRD=GS1.1.1679132672.1.0.1679132672.0.0.0; _ga=GA1.2.650986832.1679132673; _gid=GA1.2.585939140.1679132673; _gat_UA-207024867-1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sun, 17 Mar 2024 15:44:33 GMT
content-type: application/x-javascript
last-modified: Sat, 18 Mar 2023 09:44:33 GMT
etag: "3e9-64158801-f8a77a7c0f63917a;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Sat, 18 Mar 2023 09:44:33 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
stats.wp.com/e-202311.js
192.0.76.3 200 OK 0 B IP 192.0.76.3:0
GET /e-202311.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://karthikestatecottages.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 18 Mar 2023 09:44:31 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"6197c5cf-3508"
content-encoding: br
expires: Sun, 10 Mar 2024 23:12:08 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2