r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8805
Expires: Fri, 03 Feb 2023 11:49:33 GMT
Date: Fri, 03 Feb 2023 09:22:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d4e95d0d8982bcd07804baf6fc88231c
5027abda0875bd2529dd4d6691784c74da71a9ee
373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14791
Expires: Fri, 03 Feb 2023 13:29:19 GMT
Date: Fri, 03 Feb 2023 09:22:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9a76feabb767086ae0fa54e0ffbf763f
3655d78994a1e9838340669462728b67c8c12e54
bf215ab858c7785b7c01f7d3d437a918f056f00fe9b065820e1cdd09b7bba8f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF215AB858C7785B7C01F7D3D437A918F056F00FE9B065820E1CDD09B7BBA8F9"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10840
Expires: Fri, 03 Feb 2023 12:23:28 GMT
Date: Fri, 03 Feb 2023 09:22:48 GMT
Connection: keep-alive
himalayanstaylodges.com/RFRTA/WARFG/196dd/
162.0.229.248 301 Moved Permanently 707 B URL HTTP/1.1 himalayanstaylodges.com/RFRTA/WARFG/196dd/
IP 162.0.229.248:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert fortinet Phishing
GET /RFRTA/WARFG/196dd/ HTTP/1.1
Host: himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
keep-alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Fri, 03 Feb 2023 09:22:47 GMT
server: LiteSpeed
location: https://himalayanstaylodges.com/RFRTA/WARFG/196dd/
x-turbo-charged-by: LiteSpeed
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 03 Feb 2023 08:36:10 GMT
content-type: application/json
age: 2798
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: YhtQB2VSEmuGCzr+h1l4QSL7YPLP13BCng8FyjI9mPimBZErpCojgE0jTdM2s12GW/qf15G/Gn8=
x-amz-request-id: JWNSYST5Z185266N
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 03 Feb 2023 08:52:20 GMT
age: 1828
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 09:22:48 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 03 Feb 2023 09:07:19 GMT
age: 929
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8334
Expires: Fri, 03 Feb 2023 11:41:42 GMT
Date: Fri, 03 Feb 2023 09:22:48 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash a062cfd097e03033b7454d67caed291c
6eca454052daafcc4d79fad11a199185be2cf95f
796232e0f604b93a996c82a918d35a5d8463feda99087d4d7a12380096b46278
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 09:22:48 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 03 Feb 2023 05:24:52 GMT
Expires: Fri, 10 Feb 2023 05:24:51 GMT
Etag: "6eca454052daafcc4d79fad11a199185be2cf95f"
Cache-Control: max-age=589922,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793a1aacdc0c0b65-OSL
himalayanstaylodges.com/RFRTA/WARFG/196dd/
162.0.229.248 301 Moved Permanently 0 B URL HTTP/2 himalayanstaylodges.com/RFRTA/WARFG/196dd/
IP 162.0.229.248:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /RFRTA/WARFG/196dd/ HTTP/1.1
Host: himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
x-powered-by: PHP/7.4.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
x-redirect-by: WordPress
location: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
x-litespeed-cache: hit
content-length: 0
date: Fri, 03 Feb 2023 09:22:48 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.191.251.76 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.191.251.76:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7OThaYTVzi5aUujE5lQiuQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Kd+OBWtHpAdO1RpHG0tmWdH82pg=
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash bbeb609cbf32a8842bf96a124588e65e
40c0f548bcb714731f62df5a27cad21adef0463d
502c60a18a13b84598933731d182aafd4b83576bfc56451b36f9238c621a571d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 09:22:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.himalayanstaylodges.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=9.1.5
162.0.229.248 200 OK 23 kB URL HTTP/2 www.himalayanstaylodges.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=9.1.5
IP 162.0.229.248:0
File type Unicode text, UTF-8 text, with very long lines (65528), with no line terminators
Hash 7764ef0866edd9e19f3bae0b3774154c
2a8091abd24aa9434f9c4374a34a584af19106c8
47c6e34db110643e3578fa035f62d990d69575305f466756efc84527fb0fa604
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=9.1.5 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: text/css
last-modified: Mon, 16 Jan 2023 04:51:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 23279
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.himalayanstaylodges.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=9.1.5
162.0.229.248 200 OK 1.8 kB URL HTTP/2 www.himalayanstaylodges.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=9.1.5
IP 162.0.229.248:0
File type ASCII text, with very long lines (10435), with no line terminators
Hash f7237084ac82ea6a4f5bf1448c3a2148
60457635a5e809ee1199c61090d8e33b91e8e1f2
18a1cb7f08c1ace52a79f46d73461ed03bf8cf5c9e8a3687eacc3e04f08e7a09
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=9.1.5 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: text/css
last-modified: Mon, 16 Jan 2023 04:51:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1754
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.himalayanstaylodges.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
162.0.229.248 200 OK 12 kB URL HTTP/2 www.himalayanstaylodges.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 162.0.229.248:0
File type ASCII text, with very long lines (47826)
Hash c4d7cc056b49b00e05cc29cc59aa3d5a
48c426bec60099d2a8628df430ed682c72aab42a
8009c12f2674a8d38401f4b5faad1fef2cfcd18a8c927ed2561ae9d7de9b57b5
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: text/css
last-modified: Mon, 12 Dec 2022 11:52:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11616
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.himalayanstaylodges.com/wp-includes/css/classic-themes.min.css?ver=1
162.0.229.248 200 OK 217 B URL HTTP/2 www.himalayanstaylodges.com/wp-includes/css/classic-themes.min.css?ver=1
IP 162.0.229.248:0
Hash 95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: text/css
last-modified: Mon, 12 Dec 2022 11:52:36 GMT
accept-ranges: bytes
content-length: 217
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
162.0.229.248 404 Not Found 19 kB URL HTTP/2 www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
IP 162.0.229.248:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (9381)
Hash a0ccf9edb87bf2fda45373b78d3539f4
475d3995f7afac4ed2f74bea6f2dbc456c2e5059
5178dfcbdb6bf6e70f01dea57f4df75d51666630b7d4449c11d8dbcb99eb1cb7
Analyzer Verdict Alert fortinet Phishing
GET /RFRTA/WARFG/196dd/ HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 404 Not Found
x-powered-by: PHP/7.4.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://www.himalayanstaylodges.com/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
date: Fri, 03 Feb 2023 09:22:48 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.himalayanstaylodges.com/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=7.3.0
162.0.229.248 200 OK 2.3 kB URL HTTP/2 www.himalayanstaylodges.com/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=7.3.0
IP 162.0.229.248:0
File type ASCII text, with very long lines (17809), with no line terminators
Hash 09d93f4de720fc11a2944fea38fcafcd
e46cf6a8d3373c7fa5feba0b30cd9b9983f719b2
cf900721be13309b96cf6c6f56b1c0a40194e8aea1b0a0361739219c9c0f9998
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=7.3.0 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: text/css
last-modified: Mon, 16 Jan 2023 04:51:17 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2329
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.himalayanstaylodges.com/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=7.3.0
162.0.229.248 200 OK 8.4 kB URL HTTP/2 www.himalayanstaylodges.com/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=7.3.0
IP 162.0.229.248:0
File type Unicode text, UTF-8 text, with very long lines (62781), with no line terminators
Hash 6688cf6da7f8e77fce4b23ecd4fa64d4
b787949222758071c1a6221f698cad9bf9b1db2e
1b0db771c94b550d2e2eb123523a8357529aa8ec8869be9e8aabb2595055f438
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=7.3.0 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: text/css
last-modified: Mon, 16 Jan 2023 04:51:17 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8434
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/font-awesome-all.css?ver=1
162.0.229.248 200 OK 16 kB URL HTTP/2 www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/font-awesome-all.css?ver=1
IP 162.0.229.248:0
Hash 3d1672d6a5e551d5da610f1cb2e5df6c
9e29d7cb241684ae7e9d23f2f10e5922bffd34bd
2d6fa326596d9a8b3a9235bf320626f19996f34b0e49625184538c73cbae65e1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/travio/assets/css/font-awesome-all.css?ver=1 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: text/css
last-modified: Mon, 12 Dec 2022 11:52:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 16233
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/flaticon.css?ver=1
162.0.229.248 200 OK 542 B URL HTTP/2 www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/flaticon.css?ver=1
IP 162.0.229.248:0
Hash a2ec2dbe0c709ff71d76994b5ca3df5b
47bbfe70a96f8e2de8d57434214f47b90df47a4c
6c288a0e0ec4ed51a2247577da91a8fec1758cf0ac5a06387ad42711ad8417ca
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/travio/assets/css/flaticon.css?ver=1 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: text/css
last-modified: Mon, 12 Dec 2022 11:52:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 542
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/owl.css?ver=1
162.0.229.248 200 OK 1.2 kB URL HTTP/2 www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/owl.css?ver=1
IP 162.0.229.248:0
File type ASCII text, with CRLF line terminators
Hash ec1d46b2a5b16e065932e677df5feb1c
5b2f8f4bcec87660cb27ebb2bf820a476bc55bc0
543668594da81ce5e4714103774ac128e21825dcdf89bd18bcd2a41553dea77b
GET /wp-content/themes/travio/assets/css/owl.css?ver=1 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: text/css
last-modified: Mon, 12 Dec 2022 11:52:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1211
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9090
Expires: Fri, 03 Feb 2023 11:54:20 GMT
Date: Fri, 03 Feb 2023 09:22:50 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d1adf44-5bff-4d36-99c4-8dd0dc2e5ac2.jpeg
34.120.237.76 200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d1adf44-5bff-4d36-99c4-8dd0dc2e5ac2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 352e4166a431e781e56cc7f169c7f8ca
866b76c34076cf2e18c6a071336fcf4f581f3c4d
75ba13b601f4b00c5b091eb29e7f6739ffee3e127bd6d3c4b35cc967bb6d354a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d1adf44-5bff-4d36-99c4-8dd0dc2e5ac2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9779
x-amzn-requestid: 101b984b-9c04-4d07-b1fe-3d888f4bcd49
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ftcNRFV_oAMF2_w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dba721-72679ba0378015034e17b8ca;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 12:05:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: p74tt3doRE9DKoD5cpPKriYPFEQhq7f3Xf8vhgNNz7QhZNIvdc6NQQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 22:05:18 GMT
age: 40652
etag: "866b76c34076cf2e18c6a071336fcf4f581f3c4d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F524a46fd-88eb-4539-9d8b-1ac679ae5990.jpeg
34.120.237.76 200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F524a46fd-88eb-4539-9d8b-1ac679ae5990.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 114e345e134986d7451148fcea31b29d
541e878afee68c8802bb52b0cbbe5a5a0a185392
5030244d4babd1023166f39c935029d789a91ba90aa3a44c6f4c88ddc947b678
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F524a46fd-88eb-4539-9d8b-1ac679ae5990.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8211
x-amzn-requestid: 2df5779a-a808-46ec-9246-1a9b9bddd9e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmKLVHwroAMF72Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bd7b-3cfe97e07d17958836425784;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:04:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _VFg0FMYa1Dg55fLpJTwdX2uZXkYjZSFdbdAKqGQu7GF2dPiawKh1g==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 05:59:16 GMT
age: 12214
etag: "541e878afee68c8802bb52b0cbbe5a5a0a185392"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feed96488-989b-49ab-8eef-5c9dea89a5ca.jpeg
34.120.237.76 200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feed96488-989b-49ab-8eef-5c9dea89a5ca.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5314f1087266189144982b464f4aa7a6
438b5a17b9060f6825331348aa3797ab1c15895d
fb7d5ec834d28c99f6430703c002c24a9caf50b7701a369cbd69e51576f1e73c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feed96488-989b-49ab-8eef-5c9dea89a5ca.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5898
x-amzn-requestid: 50d6181d-6804-48ab-bc38-9fcaf4da1bc5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fZALWF5IIAMFv5g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d37a48-2e2e53124ce2f9eb31290ec4;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 07:16:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 9Jus6UYlOGiDdqLBxJ387FMtEAST6THfW-oz6gjgFzKzchCdwUCcvQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 03:13:49 GMT
age: 22141
etag: "438b5a17b9060f6825331348aa3797ab1c15895d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fde7081-1c8d-41df-98c8-c063731c6202.jpeg
34.120.237.76 200 OK 3.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fde7081-1c8d-41df-98c8-c063731c6202.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 703c7834618fd34f3d7ce5c82a51abc0
4bdaa7e9e8d6408b73ea457e7aabb26fa2a5c81c
1f467ce5825e3f8b8f841293d1ce945dc7a577abbe2cb8a2caa16ace165f4857
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fde7081-1c8d-41df-98c8-c063731c6202.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3385
x-amzn-requestid: 30717e1a-7a08-4b11-90e7-cd175aa667d9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fuvzrEo4oAMF1qg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc2ce4-3bc1302b4cf47fa2520e3033;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 21:36:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: AnMRlC-rgJLk6OwzHDFeaGBuDfEuRj_n0S2o1o7QSTZqMwCIr-20-A==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:46:35 GMT
age: 41775
etag: "4bdaa7e9e8d6408b73ea457e7aabb26fa2a5c81c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e366b32074025aaf60bbae8bdb08d330
a52c2883bad98fa20333aa639a5dd3a5bf544c8e
9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 1350cdd1-10c2-44e0-993d-2335a082fb91
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fstgNH0moAMF3OA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63db5c67-02211c3d5ca147c718348860;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 06:47:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: t7OYoLCzzQakW2lqiAUaeKA00Beq4J5elQ5qF7yGUb2L7JSNUJCPNA==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 05:40:54 GMT
age: 13316
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15f2ebc9-82b4-4f1b-b0b8-978571cb123b.jpeg
34.120.237.76 200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15f2ebc9-82b4-4f1b-b0b8-978571cb123b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 02123eef9faa8560ff66b058d4e13a28
decf26282993d7f0b14cf4112d14fa39c97fa89f
28889ff20f1b2fe0b73f8f97e6569f1d68d77fe436eeb47cc06ee4f0822ff239
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15f2ebc9-82b4-4f1b-b0b8-978571cb123b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9130
x-amzn-requestid: 09ad3fbb-1e71-4455-82df-6e59f65239a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fuxiYEkqIAMFVZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc2fa8-1dca116e4317f9bd14f6d45a;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 21:48:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _Bc2svrG-wX63DK9RPUyjh-n6AHVHaQe3QRmEL27L-amwCH2I_f_9g==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 22:05:17 GMT
age: 40653
etag: "decf26282993d7f0b14cf4112d14fa39c97fa89f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.himalayanstaylodges.com/wp-content/themes/travio/style.css?ver=1675416155
162.0.229.248 200 OK 19 kB URL HTTP/2 www.himalayanstaylodges.com/wp-content/themes/travio/style.css?ver=1675416155
IP 162.0.229.248:0
File type Unicode text, UTF-8 text, with very long lines (582)
Hash ccaf9391738a82df093bacbab0bfc723
9b990cfda10876ca859c5d9d3a40a407e9553da7
a2ad700f81d9b4f8f0f4526c3ce5db05304bfd1b8df398defa27f5b8aa4d29c8
GET /wp-content/themes/travio/style.css?ver=1675416155 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: text/css
last-modified: Mon, 12 Dec 2022 11:52:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 18862
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/jquery.fancybox.min.css?ver=1
162.0.229.248 200 OK 2.9 kB URL HTTP/2 www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/jquery.fancybox.min.css?ver=1
IP 162.0.229.248:0
File type Unicode text, UTF-8 text, with very long lines (13734), with no line terminators
Hash 714bd61fca96c0c2c0594d0d0e889352
4686ddf4ee0313959b93aef1e2b42196dacb2158
66eb73bd1e47a0332c212d07d20e001ff1b77e20e77e178f9fc2705e6b046f1d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/travio/assets/css/jquery.fancybox.min.css?ver=1 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: text/css
last-modified: Mon, 12 Dec 2022 11:52:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2938
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/jquery-ui.css?ver=1675416155
162.0.229.248 200 OK 7.1 kB URL HTTP/2 www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/jquery-ui.css?ver=1675416155
IP 162.0.229.248:0
File type ASCII text, with very long lines (2363)
Hash 8bf0992d3fc33733d7be1dadf3beabd3
eaa9bb4cad47cf61efe8d8b033c407276b6b211f
0f80ac91a12e48762121cc42b0515b7af6d1cf36033c46df5961d92d5ec9c2a5
GET /wp-content/themes/travio/assets/css/jquery-ui.css?ver=1675416155 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: text/css
last-modified: Mon, 12 Dec 2022 11:52:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7117
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/nouislider.pips.css?ver=1675416155
162.0.229.248 200 OK 405 B URL HTTP/2 www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/nouislider.pips.css?ver=1675416155
IP 162.0.229.248:0
File type ASCII text, with CRLF line terminators
Hash 2929a3087d3a16cce842d64fdc569ca7
b750e217ce17b615f5909f42f963ec9c0df2af16
341cfa69939f2dec8e0ecb4749cb0e0fda53b02a2835552147665c92880a3aa8
GET /wp-content/themes/travio/assets/css/nouislider.pips.css?ver=1675416155 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: text/css
last-modified: Mon, 12 Dec 2022 11:52:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 405
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/nice-select.css?ver=1675416155
162.0.229.248 200 OK 931 B URL HTTP/2 www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/nice-select.css?ver=1675416155
IP 162.0.229.248:0
Hash bf85a978164301e5d4261f0ffedafeb9
53abf15e06137a02072b5740c6c1db3f8ac072e2
63ff6cf9765c7f854982d74c94dc3db9c8a44da5560e38866334e9c09b8692a6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/travio/assets/css/nice-select.css?ver=1675416155 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: text/css
last-modified: Mon, 12 Dec 2022 11:52:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 931
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/animate.css?ver=1
162.0.229.248 200 OK 5.1 kB URL HTTP/2 www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/animate.css?ver=1
IP 162.0.229.248:0
File type ASCII text, with CRLF line terminators
Hash 1fadd55fbbe1050d53d5aaa0e4391811
6e47a35250e5102ac49b2b58358d0145f94bc5b8
330d6bbd31a387e062e2c35d1f0345310d3fcba71e69024b5838d6a7bf2d6702
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/travio/assets/css/animate.css?ver=1 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: text/css
last-modified: Mon, 12 Dec 2022 11:52:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5061
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/bootstrap.css?ver=1675416155
162.0.229.248 200 OK 23 kB URL HTTP/2 www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/bootstrap.css?ver=1675416155
IP 162.0.229.248:0
File type ASCII text, with very long lines (629)
Hash dcc5f88052caf4b1d5135f25af96c1c0
6c2eefbcf9189b5204e2435b219aeb147529c724
6a969933b6912dfb1e1f8a725227e55d3b0ecfc19c3154a45b60c9d75cf00bb3
GET /wp-content/themes/travio/assets/css/bootstrap.css?ver=1675416155 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: text/css
last-modified: Mon, 12 Dec 2022 11:52:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 23261
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/blog-page.css?ver=1675416155
162.0.229.248 200 OK 1.0 kB URL HTTP/2 www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/blog-page.css?ver=1675416155
IP 162.0.229.248:0
File type ASCII text, with CRLF line terminators
Hash 3c69cf6dee23f676adf3e33a8ddae8e7
1fd0ad9428ec85d7fc253e63d996dcf0c1d101be
b4a46e28e38d8ccb7d230021e888d55f2d27f3c051416beb2cd496035a7a44b2
GET /wp-content/themes/travio/assets/css/blog-page.css?ver=1675416155 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: text/css
last-modified: Mon, 12 Dec 2022 11:52:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1030
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/color.css?ver=1675416155
162.0.229.248 200 OK 1.7 kB URL HTTP/2 www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/color.css?ver=1675416155
IP 162.0.229.248:0
File type ASCII text, with CRLF line terminators
Hash f154a2fc236533a89ec8d9f1c1dee61f
d9bab79aaf97304829e1e9113af3863c9a33cd58
f841d8a9cf7f6b551b98784eff5b9f7254decad87ea2505e8215d2b2d6dcec3f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/travio/assets/css/color.css?ver=1675416155 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: text/css
last-modified: Mon, 12 Dec 2022 11:52:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1686
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/responsive.css?ver=1675416155
162.0.229.248 200 OK 2.9 kB URL HTTP/2 www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/responsive.css?ver=1675416155
IP 162.0.229.248:0
File type ASCII text, with CRLF line terminators
Hash 0dba67911ec8f6ae6ed15762e19c33eb
146c7be4fba3ecf192465379b81930a92b229183
78a0c711d286c5933f4fb592cfa69663023fed0a5bd039ca693afd526071d203
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/travio/assets/css/responsive.css?ver=1675416155 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: text/css
last-modified: Mon, 12 Dec 2022 11:52:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2939
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/nouislider.min.css?ver=1675416155
162.0.229.248 200 OK 1.0 kB URL HTTP/2 www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/nouislider.min.css?ver=1675416155
IP 162.0.229.248:0
File type ASCII text, with very long lines (3999)
Hash 5f0f2259ff2ef04c775452f721e9efec
9ed43ddf4d9e0a7a791a241742e5baa00ba2a1b4
0fa931248a5f88607bfb42e52ac710475d7d453cf9be8b3e04603492da003166
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/travio/assets/css/nouislider.min.css?ver=1675416155 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: text/css
last-modified: Mon, 12 Dec 2022 11:52:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1039
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/theme-style.css?ver=1675416155
162.0.229.248 200 OK 3.3 kB URL HTTP/2 www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/theme-style.css?ver=1675416155
IP 162.0.229.248:0
Hash baf31e5ad4f31fa1525000e44fb08a04
4fcae76d0edc23a7e3bbc4b7e0c536a61acbdaa3
cee0f9433abca4732eba0b051c89a90c2825ed5fdc606d2e48e19b49531365dd
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/travio/assets/css/theme-style.css?ver=1675416155 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: text/css
last-modified: Mon, 12 Dec 2022 11:52:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3314
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.himalayanstaylodges.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
162.0.229.248 200 OK 30 kB URL HTTP/2 www.himalayanstaylodges.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 162.0.229.248:0
File type ASCII text, with very long lines (65447)
Hash 3a1740685bd5c0bbd5f2b812e1eb7fb4
488e07695da787fed18361c50292aef35abb5e81
4a07aed2d8cf88afdec0b56b365b951c76d387db3459166b5a0d25e2e6cc95ef
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: application/javascript
last-modified: Mon, 12 Dec 2022 11:52:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30324
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.himalayanstaylodges.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
162.0.229.248 200 OK 4.0 kB URL HTTP/2 www.himalayanstaylodges.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 162.0.229.248:0
File type ASCII text, with very long lines (11126)
Hash 7e058b51f939eacfa31cdface14dded5
9d732e5afdeb42edef9e1b9631b7e95e054787cc
4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: application/javascript
last-modified: Mon, 12 Dec 2022 11:52:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3995
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.himalayanstaylodges.com/wp-content/plugins/travio-core/assets/elementor/css/style.css?ver=1675416155
162.0.229.248 200 OK 158 B URL HTTP/2 www.himalayanstaylodges.com/wp-content/plugins/travio-core/assets/elementor/css/style.css?ver=1675416155
IP 162.0.229.248:0
Hash cca8b2df8897c6d75fba3a1ca2d5fd49
40317ddcc9fd593ba81e0b19b99574853864eef6
a703bafc3883d984015fc294aaf9df68e98e85c0d6b3dba77460af5e9799616b
GET /wp-content/plugins/travio-core/assets/elementor/css/style.css?ver=1675416155 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: text/css
last-modified: Mon, 12 Dec 2022 11:51:56 GMT
accept-ranges: bytes
content-length: 158
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.himalayanstaylodges.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.17.0
162.0.229.248 200 OK 3.6 kB URL HTTP/2 www.himalayanstaylodges.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.17.0
IP 162.0.229.248:0
File type ASCII text, with very long lines (19277)
Hash 3c0f49bba64d313ff17530aee3e0de3a
2cec8e2b5dce97ec1c602a371470c3b1ad54d34a
35e45af37030e367c7a247b7cf2e5f188e80067a9fa919814ae91c635dafb89b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.17.0 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: text/css
last-modified: Thu, 12 Jan 2023 10:13:59 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3637
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.himalayanstaylodges.com/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.10.0
162.0.229.248 200 OK 12 kB URL HTTP/2 www.himalayanstaylodges.com/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.10.0
IP 162.0.229.248:0
File type ASCII text, with very long lines (65496)
Hash 297f6595e73c5cdfd82ebb9a6b73a2bf
7ed1223f3ef0dd4876f137461c672fd4b67f0b09
c7d70ad4a1b40aa10de966e6f596ca14814c5d0535818b7cb5838b291a27da6c
GET /wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.10.0 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: text/css
last-modified: Thu, 12 Jan 2023 10:13:59 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12455
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.himalayanstaylodges.com/wp-content/uploads/elementor/css/post-7.css?ver=1673518444
162.0.229.248 200 OK 305 B URL HTTP/2 www.himalayanstaylodges.com/wp-content/uploads/elementor/css/post-7.css?ver=1673518444
IP 162.0.229.248:0
File type ASCII text, with very long lines (1099), with no line terminators
Hash d9bc22f3527f91d89557d53cc85ed8ce
08472595c6be8cbbf532ad2f1d95d00d95e8b336
fd8ca9b91de9c848dba571e2cfbf7f691252918406a70a2739f4c2e04f1c71bf
GET /wp-content/uploads/elementor/css/post-7.css?ver=1673518444 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: text/css
last-modified: Thu, 12 Jan 2023 10:14:04 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 305
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.himalayanstaylodges.com/wp-content/uploads/elementor/css/global.css?ver=1673518444
162.0.229.248 200 OK 756 B URL HTTP/2 www.himalayanstaylodges.com/wp-content/uploads/elementor/css/global.css?ver=1673518444
IP 162.0.229.248:0
File type ASCII text, with very long lines (6697)
Hash 8279d3577a82c8463dfc3cf01541839a
7e502015d5e7b447c9e52fc84628ecccb3cfae8b
23a28162517834a628d34673fd29e47d61c5580d30a2bf7df91cec8eb3672562
GET /wp-content/uploads/elementor/css/global.css?ver=1673518444 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: text/css
last-modified: Thu, 12 Jan 2023 10:14:04 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 756
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.himalayanstaylodges.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.2
162.0.229.248 200 OK 2.9 kB URL HTTP/2 www.himalayanstaylodges.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.2
IP 162.0.229.248:0
File type ASCII text, with very long lines (10565), with no line terminators
Hash 70f3b9dd6a51a766210411d4ed0752de
5507f795072da10842897292e32c24b8cbf7827d
8ad70d44d761d4e24fdcdd496c7d529c52c68a7c7dce2471104d4efa2d01ca89
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.2 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: application/javascript
last-modified: Thu, 12 Jan 2023 10:13:08 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2911
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.himalayanstaylodges.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.2
162.0.229.248 200 OK 3.8 kB URL HTTP/2 www.himalayanstaylodges.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.2
IP 162.0.229.248:0
File type HTML document, ASCII text, with very long lines (12652), with no line terminators
Hash 82296b1be7d264a8a21ca0741f50475a
10ad7678821940dacd8200c76505de5dc59b47f2
524abf7280900dd377f372e36163631a3d9740416bcc993919ec407687793366
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.2 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: application/javascript
last-modified: Thu, 12 Jan 2023 10:13:08 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3831
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.himalayanstaylodges.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.3.0
162.0.229.248 200 OK 3.2 kB URL HTTP/2 www.himalayanstaylodges.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.3.0
IP 162.0.229.248:0
File type ASCII text, with very long lines (9111)
Hash 078e27719ab2b91e57a3d06d05bf24d8
ee2c8af72d9dbb148d4101a374f6026d0c9c3044
1c8b599f3f7bfa8d7950d95a171f2c873d051960a91c91e22304293596e5b890
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.3.0 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: application/javascript
last-modified: Mon, 16 Jan 2023 04:51:17 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3247
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.himalayanstaylodges.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.3.0
162.0.229.248 200 OK 972 B URL HTTP/2 www.himalayanstaylodges.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.3.0
IP 162.0.229.248:0
File type HTML document, ASCII text, with very long lines (3029), with no line terminators
Hash 5ed77e0c59800f40061b5c322cff21fa
ced9d401d300dd1fc676a673bbf7e6360beb402d
3b284b8a096256e6cd0d9cbf2cb4b36505e71c0d7b2227fcd3132dddbeea18cc
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.3.0 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: application/javascript
last-modified: Mon, 16 Jan 2023 04:51:17 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 972
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.himalayanstaylodges.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.3.0
162.0.229.248 200 OK 899 B URL HTTP/2 www.himalayanstaylodges.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.3.0
IP 162.0.229.248:0
File type ASCII text, with very long lines (1668)
Hash 22d65ba38528349e705d912ce26bf8ac
c89ba006009043d93b88ff155b4fec8797330550
6253bcb85e4267ad3ba843145534e729ee2c1d7e85e5b4ab5b2e074ae636bca3
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.3.0 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: application/javascript
last-modified: Mon, 16 Jan 2023 04:51:17 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 899
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.himalayanstaylodges.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.3.0
162.0.229.248 200 OK 677 B URL HTTP/2 www.himalayanstaylodges.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.3.0
IP 162.0.229.248:0
File type ASCII text, with very long lines (2139), with no line terminators
Hash a43fc0dde8fdd69656ad0957e62849c7
4b07cf702ac8a770c8cbffc22b9a788b6e5389ba
1ce3d0493424870c81deec0ec41de0592d2af9f91cd8081cd40a1d7ea89b614f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.3.0 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: application/javascript
last-modified: Mon, 16 Jan 2023 04:51:17 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 677
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.himalayanstaylodges.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.3.0
162.0.229.248 200 OK 934 B URL HTTP/2 www.himalayanstaylodges.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.3.0
IP 162.0.229.248:0
File type ASCII text, with very long lines (2938), with no line terminators
Hash cf25dd071a208312bdc07f34d2cee027
76119563119eaae392ecc8903c989d98d0b93002
8635ba2cad8f887e72779bd526f8738ff6343c74cba715caf2eddea383ba7ce6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.3.0 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: application/javascript
last-modified: Mon, 16 Jan 2023 04:51:17 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 934
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/popper.min.js?ver=1675416155
162.0.229.248 200 OK 6.9 kB URL HTTP/2 www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/popper.min.js?ver=1675416155
IP 162.0.229.248:0
File type ASCII text, with very long lines (20322), with CRLF line terminators
Hash 414768345e005b1061a6b7587d3f4baa
8057767be371ccb49c848da790f242691f17bd03
e6017d706f85d46a15220bc45eb929710a4a6116773cee3dc872734b8350aef4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/travio/assets/js/popper.min.js?ver=1675416155 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: application/javascript
last-modified: Mon, 12 Dec 2022 11:52:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6930
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/bootstrap.min.js?ver=1675416155
162.0.229.248 200 OK 15 kB URL HTTP/2 www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/bootstrap.min.js?ver=1675416155
IP 162.0.229.248:0
File type ASCII text, with very long lines (59729)
Hash debc4877055ab38dafe04eb6b347f576
338b29b3b2ddb77045495f6712bb8c1484661a56
27c0c1e977b27218aa7d39bc204b5a5c6ea03ea7ae55d1a15f64a56cf69fe8e1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/travio/assets/js/bootstrap.min.js?ver=1675416155 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: application/javascript
last-modified: Mon, 12 Dec 2022 11:52:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 15216
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.himalayanstaylodges.com/wp-content/themes/travio/assets/images/logo.png
162.0.229.248 200 OK 25 kB URL HTTP/2 www.himalayanstaylodges.com/wp-content/themes/travio/assets/images/logo.png
IP 162.0.229.248:0
File type PNG image data, 1500 x 295, 8-bit/color RGBA, non-interlaced\012- data
Hash aa78d7eb582fe439f52d8f8a0ca9a03a
a844c9c9c3bab04864c861aa34c1224d472ea92d
e1a03f32729cff23c79a8f98ecf9c717f2aa5248d108c884fe97eb2fff69d641
GET /wp-content/themes/travio/assets/images/logo.png HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: image/png
last-modified: Mon, 12 Dec 2022 11:52:28 GMT
accept-ranges: bytes
content-length: 24630
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/owl.js?ver=1675416155
162.0.229.248 200 OK 18 kB URL HTTP/2 www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/owl.js?ver=1675416155
IP 162.0.229.248:0
File type ASCII text, with very long lines (360)
Hash 5eeece9878bd4c368393885a0a937eab
cc29f8542bf2a2913cabe19062c8bc52eea4b30a
ff9f86102c493b00dae544c235da319cca830d4197301783daa07313332f228d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/travio/assets/js/owl.js?ver=1675416155 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: application/javascript
last-modified: Mon, 12 Dec 2022 11:52:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 17911
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/scrollbar.js?ver=1675416155
162.0.229.248 200 OK 12 kB URL HTTP/2 www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/scrollbar.js?ver=1675416155
IP 162.0.229.248:0
File type ASCII text, with very long lines (32009)
Hash 2e435edbdabbbb13f4172f4833d6bcbf
070183e5d7ab357938265ab9806fb9115c558f94
9c39d4dab7565f400dd9719dbc68ac72ba7a74ced562c91bb479912ee8772153
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/travio/assets/js/scrollbar.js?ver=1675416155 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: application/javascript
last-modified: Mon, 12 Dec 2022 11:52:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11725
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/appear.js?ver=1675416155
162.0.229.248 200 OK 1.2 kB URL HTTP/2 www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/appear.js?ver=1675416155
IP 162.0.229.248:0
File type ASCII text, with CRLF line terminators
Hash 001719c11219c3a8acd22fc4b6d64fc9
f77bf50c1a47cfcfdefeb0c2741b76c8432a9a04
99f1d1345bb8afc5f974e5a1533521c18d580b979c01b2d29846b4348b5c41c6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/travio/assets/js/appear.js?ver=1675416155 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:50 GMT
content-type: application/javascript
last-modified: Mon, 12 Dec 2022 11:52:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1234
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/jquery.nice-select.min.js?ver=1675416155
162.0.229.248 200 OK 930 B URL HTTP/2 www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/jquery.nice-select.min.js?ver=1675416155
IP 162.0.229.248:0
File type Unicode text, UTF-8 text, with very long lines (2822)
Hash 7df2a8ed2b80cde0e5e7ca7c26764651
d6065cf9375fa62f0bc89dd8c7b8d39a7299720b
478a6036f21887bd2c4da8d4c1446b7ca247263af66c79056c0b290076c736fe
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/travio/assets/js/jquery.nice-select.min.js?ver=1675416155 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:50 GMT
content-type: application/javascript
last-modified: Mon, 12 Dec 2022 11:52:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 930
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/wow.js?ver=1675416155
162.0.229.248 200 OK 2.0 kB URL HTTP/2 www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/wow.js?ver=1675416155
IP 162.0.229.248:0
File type ASCII text, with very long lines (6269), with CRLF line terminators
Hash 5c77c4afb16dfc30a8fae471b51c1829
2686c3ef2dd3cac91a137cf7ba3780fcc9862b21
e311a10c2ef58b6fceccfceae619546bf9c91cf5bf8c458bed98f62d8724623b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/travio/assets/js/wow.js?ver=1675416155 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:50 GMT
content-type: application/javascript
last-modified: Mon, 12 Dec 2022 11:52:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2037
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/product-filter.js?ver=1675416155
162.0.229.248 200 OK 197 B URL HTTP/2 www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/product-filter.js?ver=1675416155
IP 162.0.229.248:0
File type ASCII text, with CRLF line terminators
Hash cab5f9c10b1db8c2c23db0804ade8a08
dc57cd48a2d8b2a6a4d122bf84d4ba18a538a35c
e3c0f16fa94a924edc41bf12a3d4d01783d3d206456db5202d05f30192ad7518
GET /wp-content/themes/travio/assets/js/product-filter.js?ver=1675416155 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:50 GMT
content-type: application/javascript
last-modified: Mon, 12 Dec 2022 11:52:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 197
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/nouislider.min.js?ver=1675416155
162.0.229.248 200 OK 8.0 kB URL HTTP/2 www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/nouislider.min.js?ver=1675416155
IP 162.0.229.248:0
File type ASCII text, with very long lines (23842)
Hash 3de4da5e379489e103bd6e8502132248
5cfa24b812977786245033dcaf538b3649332ebc
6076808d675bf05270aa2a4361f33bb20c590ad0d9fb58aa2180e8718f066fd0
GET /wp-content/themes/travio/assets/js/nouislider.min.js?ver=1675416155 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:50 GMT
content-type: application/javascript
last-modified: Mon, 12 Dec 2022 11:52:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8033
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.himalayanstaylodges.com/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.2
162.0.229.248 200 OK 10 kB URL HTTP/2 www.himalayanstaylodges.com/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.2
IP 162.0.229.248:0
File type ASCII text, with very long lines (36548)
Hash fa5758a091d6cb4ef9da7d14c9f8b4ea
64991dd17eac6c58c395cb383df447fb4af5581d
9467b257684b8aaae4a7c7ca7d8baf3f4ca4cdb3b6944f67e63ea880c299ef39
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.2 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:50 GMT
content-type: application/javascript
last-modified: Mon, 12 Dec 2022 11:52:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10498
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.himalayanstaylodges.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
162.0.229.248 200 OK 6.8 kB URL HTTP/2 www.himalayanstaylodges.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
IP 162.0.229.248:0
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 3d0ff0f6731d9cef860af9a5a0e3ce62
13aed444304d782039e261475c8b4450b83e743e
e8d05db77732c71843ced6f386ea82eb32243ac36e7ca3e071cb7f53e2ffbce5
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:50 GMT
content-type: application/javascript
last-modified: Mon, 12 Dec 2022 11:52:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6800
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/travio-custom.js?ver=1675416155
162.0.229.248 200 OK 2.0 kB URL HTTP/2 www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/travio-custom.js?ver=1675416155
IP 162.0.229.248:0
Hash 3efc84d10951f3b37d674905068ce0c1
b0d4a8648913b7f86cf73012ff421177d240eb6c
db1222440a6df36b23707f1b2f60e307ef5cdbf4f408712a7d51941f1f313e16
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/travio/assets/js/travio-custom.js?ver=1675416155 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:50 GMT
content-type: application/javascript
last-modified: Mon, 12 Dec 2022 11:52:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1996
date: Fri, 03 Feb 2023 09:22:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.himalayanstaylodges.com/wp-content/plugins/travio-core/assets/elementor/js/single-item.js?ver=1675416156
162.0.229.248 200 OK 350 B URL HTTP/2 www.himalayanstaylodges.com/wp-content/plugins/travio-core/assets/elementor/js/single-item.js?ver=1675416156
IP 162.0.229.248:0
Hash a560336bce95e869cc74b5abe82dc49b
0aa27f5640011baa763a668f6a172fc6617070e7
ed6854d01a32f34bfff6fd957c38dc9e658d12bc76b68ca280447022a4da176f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/travio-core/assets/elementor/js/single-item.js?ver=1675416156 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:50 GMT
content-type: application/javascript
last-modified: Mon, 12 Dec 2022 11:51:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 350
date: Fri, 03 Feb 2023 09:22:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/script.js?ver=1675416155
162.0.229.248 200 OK 2.8 kB URL HTTP/2 www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/script.js?ver=1675416155
IP 162.0.229.248:0
File type ASCII text, with CRLF line terminators
Hash ba60e6919f32ef54b9b5132efd1c3903
05f5c92a8db735732b443ad018e34c9d8b1dcbdd
1855e6eb96294e83615d78f432f1df2ce35207c0920cf5d2e98aec9100486f06
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/travio/assets/js/script.js?ver=1675416155 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:50 GMT
content-type: application/javascript
last-modified: Mon, 12 Dec 2022 11:52:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2829
date: Fri, 03 Feb 2023 09:22:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.himalayanstaylodges.com/wp-content/plugins/travio-core/assets/elementor/js/three-item-carousel.js?ver=1675416156
162.0.229.248 200 OK 380 B URL HTTP/2 www.himalayanstaylodges.com/wp-content/plugins/travio-core/assets/elementor/js/three-item-carousel.js?ver=1675416156
IP 162.0.229.248:0
Hash 66da7004f4d8654ada72bd48d83bd8dd
0a254e01190c290a6d42f1e64f6304a09bb191c0
b0a70fb3287e394200b58a182cc7b4bada6f5bd55e854bf25c3e542db1e448f3
GET /wp-content/plugins/travio-core/assets/elementor/js/three-item-carousel.js?ver=1675416156 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:50 GMT
content-type: application/javascript
last-modified: Mon, 12 Dec 2022 11:51:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 380
date: Fri, 03 Feb 2023 09:22:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.himalayanstaylodges.com/wp-content/plugins/travio-core/assets/elementor/js/four-item-carousel.js?ver=1675416156
162.0.229.248 200 OK 367 B URL HTTP/2 www.himalayanstaylodges.com/wp-content/plugins/travio-core/assets/elementor/js/four-item-carousel.js?ver=1675416156
IP 162.0.229.248:0
Hash 75b0da09eaf3302c3023e9667dbe6f4b
42672ed860e693d1aee26ba46f10fa497ea3ff68
7f65c162d3a8b216cd6ae62b1403909ef5bd5a36bc2ca19322ab559da263730a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/travio-core/assets/elementor/js/four-item-carousel.js?ver=1675416156 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:50 GMT
content-type: application/javascript
last-modified: Mon, 12 Dec 2022 11:51:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 367
date: Fri, 03 Feb 2023 09:22:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.himalayanstaylodges.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.10.0
162.0.229.248 200 OK 2.1 kB URL HTTP/2 www.himalayanstaylodges.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.10.0
IP 162.0.229.248:0
File type ASCII text, with very long lines (4974)
Hash 83c2680579d16bcd7e382867a9bc9cc7
c0614874b51b52bda4681d62e833c4c993987175
d44961c6abdc4ddbb4bd33dc67984a1f38f0cfa26ed29d648577994597a98ad9
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.10.0 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:50 GMT
content-type: application/javascript
last-modified: Thu, 12 Jan 2023 10:13:59 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2076
date: Fri, 03 Feb 2023 09:22:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.himalayanstaylodges.com/wp-content/plugins/travio-core/assets/elementor/js/funfact.js?ver=1675416156
162.0.229.248 200 OK 401 B URL HTTP/2 www.himalayanstaylodges.com/wp-content/plugins/travio-core/assets/elementor/js/funfact.js?ver=1675416156
IP 162.0.229.248:0
Hash 54ad80bdcfb36aed04d7b20edd2fd7bf
8e6fb79b64dc702875cbb8f2a08a9eb166acf24c
955fa6a5c4e721e73d2e12a56cee268fcb94ced2e1a01c9dc562543f77af4a70
GET /wp-content/plugins/travio-core/assets/elementor/js/funfact.js?ver=1675416156 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:50 GMT
content-type: application/javascript
last-modified: Mon, 12 Dec 2022 11:51:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 401
date: Fri, 03 Feb 2023 09:22:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.himalayanstaylodges.com/wp-content/plugins/travio-core/assets/elementor/js/bannerslider.js?ver=1675416156
162.0.229.248 200 OK 355 B URL HTTP/2 www.himalayanstaylodges.com/wp-content/plugins/travio-core/assets/elementor/js/bannerslider.js?ver=1675416156
IP 162.0.229.248:0
Hash 5682eaea53771ea7213863ccc339b274
63c1441aeb766357355ff5058816980c58394b84
11ce0f0caa347de78cca8e4657456ed8645b91d0f60e9c8ac08535b0a12f98d8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/travio-core/assets/elementor/js/bannerslider.js?ver=1675416156 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:50 GMT
content-type: application/javascript
last-modified: Mon, 12 Dec 2022 11:51:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 355
date: Fri, 03 Feb 2023 09:22:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.himalayanstaylodges.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
162.0.229.248 200 OK 2.9 kB URL HTTP/2 www.himalayanstaylodges.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP 162.0.229.248:0
File type ASCII text, with very long lines (12198), with no line terminators
Hash 869caa171b68cbec9fee5abbfb944ee8
f237e485e41f88b77384cfdb880f9d5a8f46eac8
25c2896e2790fb0e52f6b6ba1ce97bd87eb40463b4bb65ba16ad434c1d7a36dc
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:50 GMT
content-type: application/javascript
last-modified: Thu, 12 Jan 2023 10:13:59 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2867
date: Fri, 03 Feb 2023 09:22:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.himalayanstaylodges.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.10.0
162.0.229.248 200 OK 11 kB URL HTTP/2 www.himalayanstaylodges.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.10.0
IP 162.0.229.248:0
File type Unicode text, UTF-8 text, with very long lines (35645)
Hash 353388cc2fdf3da834c543a6aa7bfb5e
01d664f3dd904cdc3f8d0532826e578fd3414d9e
dbedf8538f58ddb94b59bcdecb7fef7eeb32ac4d10f19faec944e7aeeeef5737
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.10.0 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:50 GMT
content-type: application/javascript
last-modified: Thu, 12 Jan 2023 10:13:59 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11070
date: Fri, 03 Feb 2023 09:22:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.himalayanstaylodges.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.10.0
162.0.229.248 200 OK 12 kB URL HTTP/2 www.himalayanstaylodges.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.10.0
IP 162.0.229.248:0
File type ASCII text, with very long lines (40802)
Hash 4046853285228fd4861281728aece600
4997dbc399d3d0e0c0d23099a682f9cf72a33c00
c7c542f6f26c29f1a438c7d476ebfa1795658b6cd8b7d321b3e7c9757a6ccf1d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.10.0 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:50 GMT
content-type: application/javascript
last-modified: Thu, 12 Jan 2023 10:13:59 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11791
date: Fri, 03 Feb 2023 09:22:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash e3383a870b280d28b1d924543e6128af
0e9ccaf308e10ae68774fe0d32e10d063f379e7d
093a4523b327faf080d2d200d6e8d9e615abe6e048a72d70c3bc8e9f89cc50bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 09:22:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.himalayanstaylodges.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
162.0.229.248 200 OK 4.6 kB URL HTTP/2 www.himalayanstaylodges.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 162.0.229.248:0
File type ASCII text, with very long lines (15660)
Hash 0232689bd203f330529b36a437f41a68
9046583f7469ad38297969f10a9513eb895d5316
feea9f30a6e454579bbeabf236b7abdb0c7de84dd2852422555ad67348c5e886
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:50 GMT
content-type: application/javascript
last-modified: Mon, 12 Dec 2022 11:52:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4619
date: Fri, 03 Feb 2023 09:22:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/jquery.fancybox.js?ver=1675416155
162.0.229.248 200 OK 35 kB URL HTTP/2 www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/jquery.fancybox.js?ver=1675416155
IP 162.0.229.248:0
Hash b204d078a1ef49a9f708a131c76561aa
1a2c087bfeb5b852f408850b01cdb70025c1ff0d
862f0271023018af1de8e0cbb86079e31bfe5d7915915f92ec7f248d8194e385
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/travio/assets/js/jquery.fancybox.js?ver=1675416155 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:50 GMT
content-type: application/javascript
last-modified: Mon, 12 Dec 2022 11:52:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 34739
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.himalayanstaylodges.com/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=7.3.0
162.0.229.248 200 OK 1.1 kB URL HTTP/2 www.himalayanstaylodges.com/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=7.3.0
IP 162.0.229.248:0
File type ASCII text, with very long lines (7043), with no line terminators
Hash 398489038b789364a5c83f044e11974d
d5caf5f64c45693de65b5c0a801bfbf83a325485
32365dde0c909abbb02d8b6a8d9938056ba47f325d51e75082e3d265ce5f76d5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=7.3.0 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:50 GMT
content-type: text/css
last-modified: Mon, 16 Jan 2023 04:51:17 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1058
date: Fri, 03 Feb 2023 09:22:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.himalayanstaylodges.com/wp-content/uploads/2021/03/page-title-5.jpg
162.0.229.248 200 OK 46 kB URL HTTP/2 www.himalayanstaylodges.com/wp-content/uploads/2021/03/page-title-5.jpg
IP 162.0.229.248:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 50", baseline, precision 8, 1920x300, components 3\012- data
Hash 6e92499f4c85c8205989385976084db9
e1693c04e47098ef4dd08b991de8cfa9219bf076
695d1145b74a5c166356fd9cb1502dd4c7a65537f78c5e3f10c8637e1bc120c9
GET /wp-content/uploads/2021/03/page-title-5.jpg HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:50 GMT
content-type: image/jpeg
last-modified: Mon, 12 Dec 2022 11:52:26 GMT
accept-ranges: bytes
content-length: 45505
date: Fri, 03 Feb 2023 09:22:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
fonts.gstatic.com/s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
216.58.211.3 200 OK 36 kB URL HTTP/2 fonts.gstatic.com/s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
IP 216.58.211.3:0
File type Web Open Font Format (Version 2), TrueType, length 35764, version 1.0\012- data
Hash 60f23230f1a8d5c3b7d25b73f5b5ce23
ed08ada85d017893b9bcb8224e99154c6708f5d2
22b6cdc450204c1cb32b31e679d812fea1c17ac506a7b78daeb12bd0ab25fde8
GET /s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.himalayanstaylodges.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35764
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 18:29:09 GMT
expires: Mon, 29 Jan 2024 18:29:09 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 18 Jul 2022 19:06:36 GMT
content-type: font/woff2
age: 399221
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/worksans/v18/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
216.58.211.3 200 OK 48 kB URL HTTP/2 fonts.gstatic.com/s/worksans/v18/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
IP 216.58.211.3:0
File type Web Open Font Format (Version 2), TrueType, length 47728, version 1.0\012- data
Hash b1581ddd77372ceb06eb14adfd1bea07
1a3b0fc96fa73b808aa1f91f122a3c9bdcf93ee8
97e82d8eac8d106b28abf1b716982c40c06fffe49cc2f34cd1c299266745ef73
GET /s/worksans/v18/QGYsz_wNahGAdqQ43Rh_fKDp.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.himalayanstaylodges.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 47728
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 18:28:53 GMT
expires: Mon, 29 Jan 2024 18:28:53 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 23 Aug 2022 17:55:22 GMT
content-type: font/woff2
age: 399237
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash e3383a870b280d28b1d924543e6128af
0e9ccaf308e10ae68774fe0d32e10d063f379e7d
093a4523b327faf080d2d200d6e8d9e615abe6e048a72d70c3bc8e9f89cc50bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 09:22:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.himalayanstaylodges.com/wp-content/themes/travio/assets/fonts/fa-brands-400.woff2
162.0.229.248 200 OK 75 kB URL HTTP/2 www.himalayanstaylodges.com/wp-content/themes/travio/assets/fonts/fa-brands-400.woff2
IP 162.0.229.248:0
File type Web Open Font Format (Version 2), TrueType, length 74700, version 329.-17826\012- data
Hash dc83ddbbdd108b159117928063699c4e
36960c9095be11315ea5f9031b3d489629268511
30d34a03dcaa7bb6a46bb49960bd4d7648ca71068b0635da5784e3a1f9070ed6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/travio/assets/fonts/fa-brands-400.woff2 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/font-awesome-all.css?ver=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:50 GMT
content-type: font/woff2
last-modified: Mon, 12 Dec 2022 11:52:27 GMT
accept-ranges: bytes
content-length: 74700
date: Fri, 03 Feb 2023 09:22:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.himalayanstaylodges.com/wp-content/themes/travio/assets/fonts/fa-solid-900.woff2
162.0.229.248 200 OK 118 kB URL HTTP/2 www.himalayanstaylodges.com/wp-content/themes/travio/assets/fonts/fa-solid-900.woff2
IP 162.0.229.248:0
File type Web Open Font Format (Version 2), TrueType, length 117452, version 329.-17826\012- data
Size 118 kB (117452 bytes)
Hash 525bd4ae5b9eaa1e23b4a5c8b28c0d9f
0985532515d580890822bd544fab4a7aea46cb33
b5869f6bb9116c6dd0b6b691d57a17954f3c522cf9ae4497094e62146d8bac15
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/travio/assets/fonts/fa-solid-900.woff2 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/font-awesome-all.css?ver=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:50 GMT
content-type: font/woff2
last-modified: Mon, 12 Dec 2022 11:52:27 GMT
accept-ranges: bytes
content-length: 117452
date: Fri, 03 Feb 2023 09:22:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.himalayanstaylodges.com/wp-content/themes/travio/assets/fonts/icomoon.ttf?ulc4i9
162.0.229.248 200 OK 8.3 kB URL HTTP/2 www.himalayanstaylodges.com/wp-content/themes/travio/assets/fonts/icomoon.ttf?ulc4i9
IP 162.0.229.248:0
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, icomoon \012- data
Hash c85c59786243dc556fa674c68228a8b1
e1edaf7512865c3c6767a6e6d622fcd5257318ec
26461d6733cb45d73bd71abc50f35c430756c5969040768f33841cde4a3d0d99
GET /wp-content/themes/travio/assets/fonts/icomoon.ttf?ulc4i9 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/flaticon.css?ver=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:50 GMT
content-type: font/ttf
last-modified: Mon, 12 Dec 2022 11:52:28 GMT
accept-ranges: bytes
content-length: 8304
date: Fri, 03 Feb 2023 09:22:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.himalayanstaylodges.com/wp-content/themes/travio/assets/fonts/fa-light-300.woff2
162.0.229.248 200 OK 157 kB URL HTTP/2 www.himalayanstaylodges.com/wp-content/themes/travio/assets/fonts/fa-light-300.woff2
IP 162.0.229.248:0
File type Web Open Font Format (Version 2), TrueType, length 156896, version 329.-17826\012- data
Size 157 kB (156896 bytes)
Hash 6b1c4bcb2a11d69fc64a61f889dfa1d3
313d7b371459d715ffc4c18d483f8541b9d5747a
b6eaf663bf99a31d581721a42668207bdc3d3db6ff33625790019f3682eea9fa
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/travio/assets/fonts/fa-light-300.woff2 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/font-awesome-all.css?ver=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:50 GMT
content-type: font/woff2
last-modified: Mon, 12 Dec 2022 11:52:27 GMT
accept-ranges: bytes
content-length: 156896
date: Fri, 03 Feb 2023 09:22:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.himalayanstaylodges.com/wp-content/uploads/2021/02/footer-gallery-1.jpg
162.0.229.248 200 OK 14 kB URL HTTP/2 www.himalayanstaylodges.com/wp-content/uploads/2021/02/footer-gallery-1.jpg
IP 162.0.229.248:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 90x90, components 3\012- data
Hash 70b91c3de004890742b4243c4ca0688b
09925962becaaf122af108fe71589135e260b1aa
d451037c7eab0df8481f721c41b25bdc038f195ce9e27c99bb919e96b03d661a
GET /wp-content/uploads/2021/02/footer-gallery-1.jpg HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:51 GMT
content-type: image/jpeg
last-modified: Mon, 12 Dec 2022 11:52:20 GMT
accept-ranges: bytes
content-length: 14416
date: Fri, 03 Feb 2023 09:22:51 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.himalayanstaylodges.com/wp-content/uploads/2021/02/footer-gallery-2.jpg
162.0.229.248 200 OK 13 kB URL HTTP/2 www.himalayanstaylodges.com/wp-content/uploads/2021/02/footer-gallery-2.jpg
IP 162.0.229.248:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 90x90, components 3\012- data
Hash 8e8bdee7d262c59f13349e58cd831586
4c512bafd7b4bf7e1998fc6dccf5b16399a612f9
120341bbd3392802f1aeb42c2b788409afd7cd386f47c1e8c94d0e466ac534da
GET /wp-content/uploads/2021/02/footer-gallery-2.jpg HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:51 GMT
content-type: image/jpeg
last-modified: Mon, 12 Dec 2022 11:52:25 GMT
accept-ranges: bytes
content-length: 12776
date: Fri, 03 Feb 2023 09:22:51 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.himalayanstaylodges.com/wp-content/uploads/2021/02/footer-gallery-4.jpg
162.0.229.248 200 OK 12 kB URL HTTP/2 www.himalayanstaylodges.com/wp-content/uploads/2021/02/footer-gallery-4.jpg
IP 162.0.229.248:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 90x90, components 3\012- data
Hash 1283f393c1a650259cdd895adb720e05
7a66d836d3472953ab60449e5d012a96ba276a60
9bc90bfb7f76618897b8a1da6850904bbf82eba59a44af09ea23010b6944849b
GET /wp-content/uploads/2021/02/footer-gallery-4.jpg HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:51 GMT
content-type: image/jpeg
last-modified: Mon, 12 Dec 2022 11:52:23 GMT
accept-ranges: bytes
content-length: 12079
date: Fri, 03 Feb 2023 09:22:51 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.himalayanstaylodges.com/wp-content/uploads/2021/02/footer-gallery-5.jpg
162.0.229.248 200 OK 12 kB URL HTTP/2 www.himalayanstaylodges.com/wp-content/uploads/2021/02/footer-gallery-5.jpg
IP 162.0.229.248:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 90x90, components 3\012- data
Hash f7bf9668eb596a70a69c651c8e079c2c
a7f83ea6ab274c3efd9f01df649034cc1f166fb3
e97647410c1faa611a086e1a4ea689e3615157d5a2e03f43e23e03f0803e7ec5
GET /wp-content/uploads/2021/02/footer-gallery-5.jpg HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:51 GMT
content-type: image/jpeg
last-modified: Mon, 12 Dec 2022 11:52:21 GMT
accept-ranges: bytes
content-length: 12089
date: Fri, 03 Feb 2023 09:22:51 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.himalayanstaylodges.com/wp-content/uploads/2021/02/footer-gallery-6.jpg
162.0.229.248 200 OK 12 kB URL HTTP/2 www.himalayanstaylodges.com/wp-content/uploads/2021/02/footer-gallery-6.jpg
IP 162.0.229.248:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 90x90, components 3\012- data
Hash c6e73aab0d92c735836d31693a099792
704d586c1d999093830567e9b8b83276dc3fa273
d421e196542e50d83519cfa8a2d7fa5afa54d9a7a4b94d7da881ec838ae714da
GET /wp-content/uploads/2021/02/footer-gallery-6.jpg HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:51 GMT
content-type: image/jpeg
last-modified: Mon, 12 Dec 2022 11:52:22 GMT
accept-ranges: bytes
content-length: 11859
date: Fri, 03 Feb 2023 09:22:51 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.himalayanstaylodges.com/wp-content/uploads/2021/02/footer-gallery-3.jpg
162.0.229.248 200 OK 12 kB URL HTTP/2 www.himalayanstaylodges.com/wp-content/uploads/2021/02/footer-gallery-3.jpg
IP 162.0.229.248:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 90x90, components 3\012- data
Hash bcbaa28552b6e669b699eb8c7718308e
90adc81287c633278ab72ef6bd7f5d0772d92b0a
4bb51008abfc72e006ba58611c5e1da0cd52a657577bf4ebd83e18c9c8bccc54
GET /wp-content/uploads/2021/02/footer-gallery-3.jpg HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:51 GMT
content-type: image/jpeg
last-modified: Mon, 12 Dec 2022 11:52:23 GMT
accept-ranges: bytes
content-length: 12022
date: Fri, 03 Feb 2023 09:22:51 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.himalayanstaylodges.com/favicon.ico
162.0.229.248 404 Not Found 1.2 kB URL HTTP/2 www.himalayanstaylodges.com/favicon.ico
IP 162.0.229.248:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
GET /favicon.ico HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Fri, 03 Feb 2023 09:22:51 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.himalayanstaylodges.com/?wc-ajax=get_refreshed_fragments
162.0.229.248 200 OK 210 B URL HTTP/2 www.himalayanstaylodges.com/?wc-ajax=get_refreshed_fragments
IP 162.0.229.248:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 0c97a46508dc677362be2a79fd34feea
bce89aaf991907a16c951cc6a9a8121045374e22
3e799d21e1116a135fcd10c071506f34b99cf79d93b5548199e1376f88b62434
Analyzer Verdict Alert fortinet Phishing
POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: https://www.himalayanstaylodges.com
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-powered-by: PHP/7.4.33
access-control-allow-origin: https://www.himalayanstaylodges.com
access-control-allow-credentials: true
x-content-type-options: nosniff
x-robots-tag: noindex
x-litespeed-tag: 3ca_HTTP.200,3ca_HTTP.200
content-type: application/json; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-litespeed-cache-control: no-cache
content-length: 210
date: Fri, 03 Feb 2023 09:22:52 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Work+Sans:wght@400;500;600;700;800;900&family=Playfair+Display:wght@400;500;600;700;800;900&display=swap
142.250.74.106 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Work+Sans:wght@400;500;600;700;800;900&family=Playfair+Display:wght@400;500;600;700;800;900&display=swap
IP 142.250.74.106:0
GET /css2?family=Work+Sans:wght@400;500;600;700;800;900&family=Playfair+Display:wght@400;500;600;700;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 03 Feb 2023 09:22:49 GMT
date: Fri, 03 Feb 2023 09:22:49 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.1.1
142.250.74.106 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.1.1
IP 142.250.74.106:0
GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 03 Feb 2023 09:22:49 GMT
date: Fri, 03 Feb 2023 09:22:49 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2