Report - himalayanstaylodges.com/RFRTA/WARFG/196dd/

Report Overview

Submitted URL
himalayanstaylodges.com/RFRTA/WARFG/196dd/
IP
162.0.229.248
ASN
#22612 NAMECHEAP-NET
Submitted
2023-02-03 09:22:59
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
96

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
www.himalayanstaylodges.com	unknown	2022-12-12T11:56:39Z	2023-02-03T10:22:48Z	36 kB	906 kB	162.0.229.248
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-13T08:44:36Z	1.0 kB	85 kB	216.58.211.3
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-13T08:22:43Z	340 B	964 B	172.64.155.188
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	1.7 kB	3.5 kB	142.250.74.131
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	54.191.251.76
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	54 kB	34.120.237.76
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-13T08:14:31Z	1.3 kB	1.3 kB	142.250.74.106
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	3.0 kB	8.0 kB	23.36.77.32
himalayanstaylodges.com	unknown	2021-01-23T13:16:54Z	2023-03-04T01:14:09Z	844 B	1.4 kB	162.0.229.248

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-02-03	medium	himalayanstaylodges.com/RFRTA/WARFG/196dd/	Phishing
2023-02-03	medium	himalayanstaylodges.com/RFRTA/WARFG/196dd/	Phishing
2023-02-03	medium	www.himalayanstaylodges.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=9.1.5	Phishing
2023-02-03	medium	www.himalayanstaylodges.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=9.1.5	Phishing
2023-02-03	medium	www.himalayanstaylodges.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1	Phishing
2023-02-03	medium	www.himalayanstaylodges.com/wp-includes/css/classic-themes.min.css?ver=1	Phishing
2023-02-03	medium	www.himalayanstaylodges.com/RFRTA/WARFG/196dd/	Phishing
2023-02-03	medium	www.himalayanstaylodges.com/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=7.3.0	Phishing
2023-02-03	medium	www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/font-awesome-all.css?ver=1	Phishing
2023-02-03	medium	www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/flaticon.css?ver=1	Phishing
2023-02-03	medium	www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/jquery.fancybox.min.css?ver=1	Phishing
2023-02-03	medium	www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/nice-select.css?ver=1675416155	Phishing
2023-02-03	medium	www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/animate.css?ver=1	Phishing
2023-02-03	medium	www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/color.css?ver=1675416155	Phishing
2023-02-03	medium	www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/responsive.css?ver=1675416155	Phishing
2023-02-03	medium	www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/nouislider.min.css?ver=1675416155	Phishing
2023-02-03	medium	www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/theme-style.css?ver=1675416155	Phishing
2023-02-03	medium	www.himalayanstaylodges.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1	Phishing
2023-02-03	medium	www.himalayanstaylodges.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.17.0	Phishing
2023-02-03	medium	www.himalayanstaylodges.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.2	Phishing
2023-02-03	medium	www.himalayanstaylodges.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.3.0	Phishing
2023-02-03	medium	www.himalayanstaylodges.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.3.0	Phishing
2023-02-03	medium	www.himalayanstaylodges.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.3.0	Phishing
2023-02-03	medium	www.himalayanstaylodges.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.3.0	Phishing
2023-02-03	medium	www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/popper.min.js?ver=1675416155	Phishing
2023-02-03	medium	www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/bootstrap.min.js?ver=1675416155	Phishing
2023-02-03	medium	www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/owl.js?ver=1675416155	Phishing
2023-02-03	medium	www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/scrollbar.js?ver=1675416155	Phishing
2023-02-03	medium	www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/appear.js?ver=1675416155	Phishing
2023-02-03	medium	www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/jquery.nice-select.min.js?ver=1675416155	Phishing
2023-02-03	medium	www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/wow.js?ver=1675416155	Phishing
2023-02-03	medium	www.himalayanstaylodges.com/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.2	Phishing
2023-02-03	medium	www.himalayanstaylodges.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2	Phishing
2023-02-03	medium	www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/travio-custom.js?ver=1675416155	Phishing
2023-02-03	medium	www.himalayanstaylodges.com/wp-content/plugins/travio-core/assets/elementor/js/single-item.js?ver=1675416156	Phishing
2023-02-03	medium	www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/script.js?ver=1675416155	Phishing
2023-02-03	medium	www.himalayanstaylodges.com/wp-content/plugins/travio-core/assets/elementor/js/four-item-carousel.js?ver=1675416156	Phishing
2023-02-03	medium	www.himalayanstaylodges.com/wp-content/plugins/travio-core/assets/elementor/js/bannerslider.js?ver=1675416156	Phishing
2023-02-03	medium	www.himalayanstaylodges.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2	Phishing
2023-02-03	medium	www.himalayanstaylodges.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.10.0	Phishing
2023-02-03	medium	www.himalayanstaylodges.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.10.0	Phishing
2023-02-03	medium	www.himalayanstaylodges.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1	Phishing
2023-02-03	medium	www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/jquery.fancybox.js?ver=1675416155	Phishing
2023-02-03	medium	www.himalayanstaylodges.com/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=7.3.0	Phishing
2023-02-03	medium	www.himalayanstaylodges.com/wp-content/themes/travio/assets/fonts/fa-brands-400.woff2	Phishing
2023-02-03	medium	www.himalayanstaylodges.com/wp-content/themes/travio/assets/fonts/fa-solid-900.woff2	Phishing
2023-02-03	medium	www.himalayanstaylodges.com/wp-content/themes/travio/assets/fonts/fa-light-300.woff2	Phishing
2023-02-03	medium	www.himalayanstaylodges.com/?wc-ajax=get_refreshed_fragments	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (42)

	URL	Size	First Seen	Last Seen
	www.himalayanstaylodges.com/wp-content/plugins/travio-core/assets/elementor/js/funfact.js?ver=1675416156	1.3 kB	2023-03-12	2023-04-05
Pretty URL www.himalayanstaylodges.com/wp-content/plugins/travio-core/assets/elementor/js/funfact.js?ver=1675416156 IP 162.0.229.248 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 17:30:01 Last Seen2023-04-05 10:38:24 Times Seen3 Hash 073c1b14cbb4cd83788e22ee8c904e8a 1818118bd465904ccb1ea00197bb16c55a3d6dce 53f131cd614a7050e2605e8aa4a1e845e2a8bfbe268542bd7c7970aabc4bbef1 Loading...

	www.himalayanstaylodges.com/wp-content/plugins/travio-core/assets/elementor/js/three-item-carousel.js?ver=1675416156	1.0 kB	2023-03-12	2023-04-05
Pretty URL www.himalayanstaylodges.com/wp-content/plugins/travio-core/assets/elementor/js/three-item-carousel.js?ver=1675416156 IP 162.0.229.248 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 17:30:01 Last Seen2023-04-05 10:38:24 Times Seen3 Hash fdb2434aa7ea43a62369912304830263 ff43b7be9b19eca32292b7037fa160ac6618f9d9 2943a73be7587ea7e191de3d4d915815d0ecbc2ce653dee996dc93e60649d280 Loading...

	www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/nouislider.min.js?ver=1675416155	24 kB	2023-03-07	2024-04-18
Pretty URL www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/nouislider.min.js?ver=1675416155 IP 162.0.229.248 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:41:09 Last Seen2024-04-18 23:00:16 Times Seen266 Hash 7d96e0c81c38b9d902d9e44dad502f26 1a987388719888a9b55b96b29fe1b71e7c357679 cb59254bd27d846c3195462d1ca61bbb76d72e7d7ee2bf4d401a0e99a0d25644 Loading...

	www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/jquery.nice-select.min.js?ver=1675416155	2.9 kB	2023-03-07	2024-05-10
Pretty URL www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/jquery.nice-select.min.js?ver=1675416155 IP 162.0.229.248 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:39 Last Seen2024-05-10 06:51:30 Times Seen2240 Hash d13462ec489f9f0c309a811f85feb3d6 d9545f8b139eae5b387de1a60a84abe949c7e88f 66bdef0724e5306421bcc7e0910e41b5645228119ad9096ca4a6099e48d94e6a Loading...

	www.himalayanstaylodges.com/RFRTA/WARFG/196dd/	600 B	2023-03-07	2024-05-11
Pretty URL www.himalayanstaylodges.com/RFRTA/WARFG/196dd/ IP 162.0.229.248 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:50 Last Seen2024-05-11 00:17:05 Times Seen2834 Hash 465b287774ce34eb83ead8af520c1149 d7981fbda1f395b47c5a615aca55c730634d00d5 24a9df5c9124b14e865bc4574068003fc22dd9815889607d6badbdf19d4256b3 Loading...

	www.himalayanstaylodges.com/RFRTA/WARFG/196dd/	355 B	2023-03-13	2023-03-13
Pretty URL www.himalayanstaylodges.com/RFRTA/WARFG/196dd/ IP 162.0.229.248 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:41:55 Last Seen2023-03-13 15:41:55 Times Seen1 Hash b3463a661980cb584b06fe1ab4fe5561 6fe946d5801ab6cf2be2124768999121372ffa41 6af96f817fdbf2110948915b8b9c7943e5b4d404a7280e30ab46a926e70834b6 Loading...

	www.himalayanstaylodges.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.2	13 kB	2023-03-09	2024-05-10
Pretty URL www.himalayanstaylodges.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.2 IP 162.0.229.248 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 01:22:20 Last Seen2024-05-10 19:24:56 Times Seen2592 Hash f57435a927d422043befe66bd74f4d68 4a2f90016ca54d0938263c50b8995bf889f6278b f84293668b02b8c83c20c5c2cf51f8a5a64ac5a15d34be26c85382496b107700 Loading...

	www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/wow.js?ver=1675416155	6.3 kB	2023-03-07	2024-05-10
Pretty URL www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/wow.js?ver=1675416155 IP 162.0.229.248 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:41 Last Seen2024-05-10 11:49:25 Times Seen2058 Hash 11ac4d7173a68c50169addca2ef1b827 621284d032a248c41753e995680fc30089bd374c dd90fdb6538987fe7975bd43803b1c7d8d62912a371c788caec32d016e09dca8 Loading...

	www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/script.js?ver=1675416155	12 kB	2023-03-12	2023-04-05
Pretty URL www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/script.js?ver=1675416155 IP 162.0.229.248 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 17:30:01 Last Seen2023-04-05 10:38:24 Times Seen4 Hash af170bf91089a0b5f6bb5f2b9793f468 ee8690e7c453b0833d986d8e430fb640c1acc168 9ba58686a5fac000fd103e7f5f9babcf9f873849267026283577dc69ff5083ac Loading...

	www.himalayanstaylodges.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.3.0	3.0 kB	2023-03-08	2024-05-10
Pretty URL www.himalayanstaylodges.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.3.0 IP 162.0.229.248 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:24:31 Last Seen2024-05-10 20:32:53 Times Seen11438 Hash f449e3e4a7c058f7c48f57e05c788fb0 e7b0c58a1a14c14a92e452cc544b312ed91fa52e bfd861dc2936299f52adca1da826c273dced7c77ad4c33d31916ad55ab354e89 Loading...

	www.himalayanstaylodges.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1	90 kB	2023-03-08	2024-05-10
Pretty URL www.himalayanstaylodges.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1 IP 162.0.229.248 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:46 Last Seen2024-05-10 23:44:41 Times Seen32026 Hash 17738318d61d394f1de8890d589afaec f6d0c4dc1399cf02d53f5753ad46573a8bbc2ac3 cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981 Loading...

	www.himalayanstaylodges.com/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.2	37 kB	2023-03-08	2024-05-09
Pretty URL www.himalayanstaylodges.com/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.2 IP 162.0.229.248 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:32 Last Seen2024-05-09 17:03:39 Times Seen1971 Hash f459ae22e306d57a5025f38b684779e5 3af537280caba35d06eaf736a511d9185cfc21b9 8821cd10861112ac07254592b0b332abd02cfb6ac32c0ac71378be0fb58c309f Loading...

	www.himalayanstaylodges.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2	21 kB	2023-03-08	2024-05-09
Pretty URL www.himalayanstaylodges.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 IP 162.0.229.248 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:46 Last Seen2024-05-09 23:11:38 Times Seen9848 Hash 034bd11ecaf6fb9240d905245e42e202 ff136c394ed95badfc0107fb98a890dcff642828 ca7154cdda62b535ceaba9ad2a2b2217ff49de94c069a2c4e89733f3f06b3651 Loading...

	www.himalayanstaylodges.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.10.0	5.0 kB	2023-03-12	2024-05-08
Pretty URL www.himalayanstaylodges.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.10.0 IP 162.0.229.248 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 19:30:30 Last Seen2024-05-08 07:48:43 Times Seen265 Hash 95deb179d48568680ca9033826012512 bf916a382fabe80f7328be63efd494872d4e08a3 db44a9dd0087e0c0b7a1cc4eec2c3956ea83f99a84717fcbd26bd769c0d0da8d Loading...

	www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/popper.min.js?ver=1675416155	20 kB	2023-03-07	2023-11-17
Pretty URL www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/popper.min.js?ver=1675416155 IP 162.0.229.248 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:49:06 Last Seen2023-11-17 10:54:47 Times Seen14 Hash 259d1b82ff657ba97665da473f0e0380 812b10a8c2a833df6b5abee79945a85897953cf7 ba57e57cbdccad0fba5f0d4b56cb447563c9664fb00afb661cd98834643c9b47 Loading...

	www.himalayanstaylodges.com/RFRTA/WARFG/196dd/	152 B	2023-03-07	2024-05-10
Pretty URL www.himalayanstaylodges.com/RFRTA/WARFG/196dd/ IP 162.0.229.248 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-05-10 23:57:02 Times Seen20200 Hash b8c40bf7c92768058d743847cccdb147 4fbbbcb2dda4d05e2e58bf43330c559b4165fc0b 7872ff233c7b2bfa962f491d0575e71f0b0b487bc63899ff4c72c7c9d5197688 Loading...

	www.himalayanstaylodges.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1	19 kB	2023-03-07	2024-05-10
Pretty URL www.himalayanstaylodges.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 IP 162.0.229.248 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-05-10 20:32:53 Times Seen38257 Hash 32beb68a374e3aeac00abdf9e12b84ea b5d18aa625e8696dd9d07cd0869337717b211ae0 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Loading...

	www.himalayanstaylodges.com/wp-content/plugins/travio-core/assets/elementor/js/bannerslider.js?ver=1675416156	1.2 kB	2023-03-12	2023-03-13
Pretty URL www.himalayanstaylodges.com/wp-content/plugins/travio-core/assets/elementor/js/bannerslider.js?ver=1675416156 IP 162.0.229.248 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 17:30:01 Last Seen2023-03-13 15:41:55 Times Seen1 Hash a2c285fd7790e1a576d7e81a54c707cc 618b426e2962866618b63ec433a2a48ed48fdff3 8356eef7abf1f8ba601d286a3a99d727016eb0700a4dbe8b83bcc06781e9b50a Loading...

	www.himalayanstaylodges.com/RFRTA/WARFG/196dd/	2.2 kB	2023-03-12	2023-03-13
Pretty URL www.himalayanstaylodges.com/RFRTA/WARFG/196dd/ IP 162.0.229.248 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 17:30:01 Last Seen2023-03-13 15:41:55 Times Seen1 Hash 66d988ca0f9a3c6ae71e0df2bb05c424 04522ed89d0691cb01426930230af8db58d27c53 918b5511331de7493e389d3bdef336d366f184be026cf144efd764a39340f7ed Loading...

	www.himalayanstaylodges.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	11 kB	2023-03-07	2024-05-11
Pretty URL www.himalayanstaylodges.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 162.0.229.248 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-05-11 01:26:12 Times Seen69213 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	www.himalayanstaylodges.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.2	11 kB	2023-03-09	2024-05-11
Pretty URL www.himalayanstaylodges.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.2 IP 162.0.229.248 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 01:22:20 Last Seen2024-05-11 02:52:41 Times Seen8938 Hash 7f0734e228d3f1a255a8b817a5005b8e 3dfca70a7a3e298fc392f2393ca60d350eebb5fd 23bb39b607b39a93d953762d2a618a3cbc69c52ceaf70d96890137ca1d2b0228 Loading...

	www.himalayanstaylodges.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.3.0	9.5 kB	2023-03-08	2024-05-10
Pretty URL www.himalayanstaylodges.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.3.0 IP 162.0.229.248 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:24:31 Last Seen2024-05-10 23:57:06 Times Seen14462 Hash 4ffc462852340d9e6b5b7b29276fcb71 5e04050e09e3f7d8107ef3b9aa9313be618c460e 18336635cd5e9edf2aff3ae18b67250684311c2a459457091b063dafba57d526 Loading...

	www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/jquery.fancybox.js?ver=1675416155	154 kB	2023-03-07	2024-05-08
Pretty URL www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/jquery.fancybox.js?ver=1675416155 IP 162.0.229.248 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:41 Last Seen2024-05-08 07:53:34 Times Seen1405 Hash 6e11711058a9459a94d5a19b26a78135 76792d5913afe035b6ccbac585b0b5e70b33aa76 7b99eee1db728472aaa8452017a0d755f488e8d647cc0f62baf45f8ff65b95ba Loading...

	www.himalayanstaylodges.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2	12 kB	2023-03-07	2024-05-11
Pretty URL www.himalayanstaylodges.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 IP 162.0.229.248 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-05-11 01:26:12 Times Seen53806 Hash 3819c3569da71daec283a75483735f7e ecd40a5cc6f0b76200c454ca880210dc301cfab8 214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0 Loading...

	www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/appear.js?ver=1675416155	4.4 kB	2023-03-07	2024-05-10
Pretty URL www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/appear.js?ver=1675416155 IP 162.0.229.248 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:41 Last Seen2024-05-10 11:49:25 Times Seen1869 Hash 5a457d262e3c32d25c003ca412ee7fe6 b08e23c986259073419a7068fcd36296a91b1ae4 46fb2235bcf84086a9b939ae509ecacc01bb31c68ba94e6473e31d8adebec3eb Loading...

	www.himalayanstaylodges.com/RFRTA/WARFG/196dd/	294 B	2023-03-12	2023-03-13
Pretty URL www.himalayanstaylodges.com/RFRTA/WARFG/196dd/ IP 162.0.229.248 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 17:30:01 Last Seen2023-03-13 15:41:56 Times Seen1 Hash ce1d0db578c44aeb1fac5d1f53ca1428 9e328773ba8b718391a238c37885744917add3fa f417bb6f86a058d7b3fd562e04e30d312919e51aa9fa255a39ffbdc558f494ee Loading...

	www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/product-filter.js?ver=1675416155	636 B	2023-03-12	2023-04-05
Pretty URL www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/product-filter.js?ver=1675416155 IP 162.0.229.248 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 17:30:01 Last Seen2023-04-05 10:38:24 Times Seen3 Hash 57d94bafb2129f1ffe63322c3727f11c e5e30c236b149117acc81fd53d51b797dc89edd8 7e6ec02bec07ebc9fa1cc51afd2d1861cbb8261d2347c5e3b2001a0b5a89de0d Loading...

	www.himalayanstaylodges.com/RFRTA/WARFG/196dd/	1.9 kB	2023-03-13	2023-03-13
Pretty URL www.himalayanstaylodges.com/RFRTA/WARFG/196dd/ IP 162.0.229.248 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 09:52:14 Last Seen2023-03-13 15:41:56 Times Seen1 Hash 5e753cc42f2aaa70581217f6f8e7ca10 3d9d6902392b6d0403a8ba97fe87343fe71fa15c e3bce9e3a28b549e98de1e66addec26004ebcadd60d8f61ae22429d27e296b9b Loading...

	www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/bootstrap.min.js?ver=1675416155	60 kB	2023-03-07	2024-05-03
Pretty URL www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/bootstrap.min.js?ver=1675416155 IP 162.0.229.248 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:47:08 Last Seen2024-05-03 11:41:48 Times Seen267 Hash 4cfcd9ef665ac4f7b0a0164943fafc41 8bf0a31c56a8f04247d966cb121643e05f48f7d0 03ace13cf97c2b8a48d4f158222cce6c201ba7c88615c489043ca8c2acc8fdc1 Loading...

	www.himalayanstaylodges.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.10.0	36 kB	2023-03-12	2024-05-08
Pretty URL www.himalayanstaylodges.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.10.0 IP 162.0.229.248 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 19:30:30 Last Seen2024-05-08 07:48:43 Times Seen249 Hash 543b42b9b2b88deebd8a9786a0f45eac bd334f8b9002508c500b42d85ffab9347946784d fd9b1a5eb16b1739ce35bc08d75f3b48714a20ccf740e3bb08fba79a6489f834 Loading...

	www.himalayanstaylodges.com/RFRTA/WARFG/196dd/	135 B	2023-03-07	2024-05-11
Pretty URL www.himalayanstaylodges.com/RFRTA/WARFG/196dd/ IP 162.0.229.248 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:50 Last Seen2024-05-11 01:54:49 Times Seen26808 Hash 3f82b089cf163a5417b3edb4687151f7 28436f92ab540ff08b12fdefddc7da67ba0f04f7 5ba9af6f12e99663f8f04285ef3d4ffd4cdbca820bccbc2dda9c40f805b5a850 Loading...

	www.himalayanstaylodges.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.3.0	2.1 kB	2023-03-07	2024-05-10
Pretty URL www.himalayanstaylodges.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.3.0 IP 162.0.229.248 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:35 Last Seen2024-05-10 23:57:06 Times Seen22537 Hash b72c1cbb1530a011a27bd9800f26765a 27b825c5d8255f33b8427a059d4545ebd65e1746 a256fccecac3b32ab73c91d79a18747519a1a18023be05465c933b03523a82e8 Loading...

	www.himalayanstaylodges.com/RFRTA/WARFG/196dd/	154 B	2023-03-12	2023-03-13
Pretty URL www.himalayanstaylodges.com/RFRTA/WARFG/196dd/ IP 162.0.229.248 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 17:30:01 Last Seen2023-03-13 15:41:56 Times Seen1 Hash 17f6c1990b0e13966902f707cbd3d346 914d625ac4df954928e1683a807464bc9dfbe4d9 885e4bd27b2c38ca0bfb2df15d1e5a0e565abff70dcef309462b6ac5852650c3 Loading...

	www.himalayanstaylodges.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.3.0	1.8 kB	2023-03-07	2024-05-10
Pretty URL www.himalayanstaylodges.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.3.0 IP 162.0.229.248 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:35 Last Seen2024-05-10 23:57:06 Times Seen21736 Hash d0a6d8547c66b0d7b0172466558d1208 ff93916519c7b9483251f609e4d29f38c30a66e3 3b1384ff918d4b7f95f9ee5c8fc388203dedff7344d3d96598c9562162788612 Loading...

	www.himalayanstaylodges.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.3.0	2.9 kB	2023-03-07	2024-05-10
Pretty URL www.himalayanstaylodges.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.3.0 IP 162.0.229.248 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:35 Last Seen2024-05-10 23:57:06 Times Seen14055 Hash 0fd625c3991a4015814cffdc88e2fc82 d7c2f53e058210ff3ea773297641008bab71a5f3 2d022db650d194d935faea46a40e5512235b43bc3f8b181e32ce6d3dd745f4e1 Loading...

	www.himalayanstaylodges.com/wp-content/plugins/travio-core/assets/elementor/js/four-item-carousel.js?ver=1675416156	1.2 kB	2023-03-12	2023-04-05
Pretty URL www.himalayanstaylodges.com/wp-content/plugins/travio-core/assets/elementor/js/four-item-carousel.js?ver=1675416156 IP 162.0.229.248 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 17:30:01 Last Seen2023-04-05 10:38:24 Times Seen3 Hash 8c30fdf3c3b5956f44dc4ac6a823a02c cade4cad4c0a81c74045ae59c625653d2172fd40 92aca7b7f365a19b4f10d6409de4ceee42de6a5694b32cc5e14ba4a31434d122 Loading...

	www.himalayanstaylodges.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.10.0	41 kB	2023-03-12	2024-05-08
Pretty URL www.himalayanstaylodges.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.10.0 IP 162.0.229.248 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 19:30:30 Last Seen2024-05-08 07:48:43 Times Seen301 Hash 36e857b284b82b6f3c81553a9c494fef 413ba7f3592577a28fc5bfc8c722bf4a03046f54 5c0edb3325d68f13781007d03de3f991b5c2c04a1ad7262f3aa1086076636cd6 Loading...

	www.himalayanstaylodges.com/wp-content/plugins/travio-core/assets/elementor/js/single-item.js?ver=1675416156	1.1 kB	2023-03-12	2023-04-05
Pretty URL www.himalayanstaylodges.com/wp-content/plugins/travio-core/assets/elementor/js/single-item.js?ver=1675416156 IP 162.0.229.248 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 17:30:01 Last Seen2023-04-05 10:38:24 Times Seen3 Hash f8086e8c1913ae5d35e2b2d9d03a5916 a62fdd5b41032b4e657a972b867a17eb592448d3 57159fa42a3f7e925834a5fd4d4dcf52cbb88f2ac3d44b47d324cbdc35039d67 Loading...

	www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/owl.js?ver=1675416155	85 kB	2023-03-07	2024-05-10
Pretty URL www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/owl.js?ver=1675416155 IP 162.0.229.248 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:42 Last Seen2024-05-10 05:47:55 Times Seen1765 Hash 54428880ec8df798ac3d666f5113c7ff 9e43e74b8677f39e87f1b11be4d536c618b14bb3 0402874ff311f284b18af9e4c453ee5bf0916a3b7335f0be52dcb54a1a31338b Loading...

	www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/scrollbar.js?ver=1675416155	40 kB	2023-03-07	2024-05-08
Pretty URL www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/scrollbar.js?ver=1675416155 IP 162.0.229.248 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:05:43 Last Seen2024-05-08 07:53:34 Times Seen985 Hash 71951b246c4726520dce912a5ac7f03c 56906b9b9f41df67063091b7a66c8584d87d748f dd3bda90c210c66fd618bb0c35f4b21f871ce1dae7396053cb4b3a90b3ec51b0 Loading...

	www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/travio-custom.js?ver=1675416155	9.6 kB	2023-03-12	2023-04-05
Pretty URL www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/travio-custom.js?ver=1675416155 IP 162.0.229.248 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 17:30:01 Last Seen2023-04-05 10:38:24 Times Seen3 Hash e5ad5201b0bacebdedbd2557f05304e2 d24516424b9592dbf2a196d23ca2be88134d9662 15ed560590d152f1c4bffb3a404dfc8c2af961b5093691cab5f5883a67d52fcf Loading...

	www.himalayanstaylodges.com/RFRTA/WARFG/196dd/	270 B	2023-03-12	2023-03-13
Pretty URL www.himalayanstaylodges.com/RFRTA/WARFG/196dd/ IP 162.0.229.248 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 17:30:01 Last Seen2023-03-13 15:41:56 Times Seen1 Hash d7f8e77d7971f3bbe42ce7d106f4cffc 6faa04d6f5b21588678406894267c6ae1298df23 1d0d23384918611ca9510b58dc7ea5f599e717846e7e9a27ffd0a21eb9056ee1 Loading...

HTTP Transactions (107)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8805
Expires: Fri, 03 Feb 2023 11:49:33 GMT
Date: Fri, 03 Feb 2023 09:22:48 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d4e95d0d8982bcd07804baf6fc88231c
5027abda0875bd2529dd4d6691784c74da71a9ee
373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14791
Expires: Fri, 03 Feb 2023 13:29:19 GMT
Date: Fri, 03 Feb 2023 09:22:48 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9a76feabb767086ae0fa54e0ffbf763f
3655d78994a1e9838340669462728b67c8c12e54
bf215ab858c7785b7c01f7d3d437a918f056f00fe9b065820e1cdd09b7bba8f9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF215AB858C7785B7C01F7D3D437A918F056F00FE9B065820E1CDD09B7BBA8F9"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10840
Expires: Fri, 03 Feb 2023 12:23:28 GMT
Date: Fri, 03 Feb 2023 09:22:48 GMT
Connection: keep-alive

himalayanstaylodges.com/RFRTA/WARFG/196dd/

162.0.229.248

301 Moved Permanently

707 B

URL HTTP/1.1
himalayanstaylodges.com/RFRTA/WARFG/196dd/
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
707 B (707 bytes)
Hash
1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /RFRTA/WARFG/196dd/ HTTP/1.1
Host: himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
keep-alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Fri, 03 Feb 2023 09:22:47 GMT
server: LiteSpeed
location: https://himalayanstaylodges.com/RFRTA/WARFG/196dd/
x-turbo-charged-by: LiteSpeed

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 03 Feb 2023 08:36:10 GMT
content-type: application/json
age: 2798
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: YhtQB2VSEmuGCzr+h1l4QSL7YPLP13BCng8FyjI9mPimBZErpCojgE0jTdM2s12GW/qf15G/Gn8=
x-amz-request-id: JWNSYST5Z185266N
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 03 Feb 2023 08:52:20 GMT
age: 1828
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 09:22:48 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 03 Feb 2023 09:07:19 GMT
age: 929
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8334
Expires: Fri, 03 Feb 2023 11:41:42 GMT
Date: Fri, 03 Feb 2023 09:22:48 GMT
Connection: keep-alive

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
a062cfd097e03033b7454d67caed291c
6eca454052daafcc4d79fad11a199185be2cf95f
796232e0f604b93a996c82a918d35a5d8463feda99087d4d7a12380096b46278

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 09:22:48 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 03 Feb 2023 05:24:52 GMT
Expires: Fri, 10 Feb 2023 05:24:51 GMT
Etag: "6eca454052daafcc4d79fad11a199185be2cf95f"
Cache-Control: max-age=589922,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793a1aacdc0c0b65-OSL

himalayanstaylodges.com/RFRTA/WARFG/196dd/

162.0.229.248

301 Moved Permanently

0 B

URL HTTP/2
himalayanstaylodges.com/RFRTA/WARFG/196dd/
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /RFRTA/WARFG/196dd/ HTTP/1.1
Host: himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 301 Moved Permanently
x-powered-by: PHP/7.4.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
x-redirect-by: WordPress
location: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
x-litespeed-cache: hit
content-length: 0
date: Fri, 03 Feb 2023 09:22:48 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

push.services.mozilla.com/

54.191.251.76

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.191.251.76:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7OThaYTVzi5aUujE5lQiuQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Kd+OBWtHpAdO1RpHG0tmWdH82pg=

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
bbeb609cbf32a8842bf96a124588e65e
40c0f548bcb714731f62df5a27cad21adef0463d
502c60a18a13b84598933731d182aafd4b83576bfc56451b36f9238c621a571d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 09:22:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
bbeb609cbf32a8842bf96a124588e65e
40c0f548bcb714731f62df5a27cad21adef0463d
502c60a18a13b84598933731d182aafd4b83576bfc56451b36f9238c621a571d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 09:22:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
bbeb609cbf32a8842bf96a124588e65e
40c0f548bcb714731f62df5a27cad21adef0463d
502c60a18a13b84598933731d182aafd4b83576bfc56451b36f9238c621a571d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 09:22:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.himalayanstaylodges.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=9.1.5

162.0.229.248

200 OK

23 kB

URL HTTP/2
www.himalayanstaylodges.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=9.1.5
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 text, with very long lines (65528), with no line terminators
Size
23 kB (23279 bytes)
Hash
7764ef0866edd9e19f3bae0b3774154c
2a8091abd24aa9434f9c4374a34a584af19106c8
47c6e34db110643e3578fa035f62d990d69575305f466756efc84527fb0fa604

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=9.1.5 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: text/css
last-modified: Mon, 16 Jan 2023 04:51:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 23279
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.himalayanstaylodges.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=9.1.5

162.0.229.248

200 OK

1.8 kB

URL HTTP/2
www.himalayanstaylodges.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=9.1.5
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (10435), with no line terminators
Size
1.8 kB (1754 bytes)
Hash
f7237084ac82ea6a4f5bf1448c3a2148
60457635a5e809ee1199c61090d8e33b91e8e1f2
18a1cb7f08c1ace52a79f46d73461ed03bf8cf5c9e8a3687eacc3e04f08e7a09

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=9.1.5 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: text/css
last-modified: Mon, 16 Jan 2023 04:51:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1754
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.himalayanstaylodges.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1

162.0.229.248

200 OK

12 kB

URL HTTP/2
www.himalayanstaylodges.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (47826)
Size
12 kB (11616 bytes)
Hash
c4d7cc056b49b00e05cc29cc59aa3d5a
48c426bec60099d2a8628df430ed682c72aab42a
8009c12f2674a8d38401f4b5faad1fef2cfcd18a8c927ed2561ae9d7de9b57b5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: text/css
last-modified: Mon, 12 Dec 2022 11:52:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11616
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.himalayanstaylodges.com/wp-includes/css/classic-themes.min.css?ver=1

162.0.229.248

200 OK

217 B

URL HTTP/2
www.himalayanstaylodges.com/wp-includes/css/classic-themes.min.css?ver=1
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
217 B (217 bytes)
Hash
95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: text/css
last-modified: Mon, 12 Dec 2022 11:52:36 GMT
accept-ranges: bytes
content-length: 217
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.himalayanstaylodges.com/RFRTA/WARFG/196dd/

162.0.229.248

404 Not Found

19 kB

URL HTTP/2
www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (9381)
Size
19 kB (18635 bytes)
Hash
a0ccf9edb87bf2fda45373b78d3539f4
475d3995f7afac4ed2f74bea6f2dbc456c2e5059
5178dfcbdb6bf6e70f01dea57f4df75d51666630b7d4449c11d8dbcb99eb1cb7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /RFRTA/WARFG/196dd/ HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 404 Not Found
x-powered-by: PHP/7.4.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://www.himalayanstaylodges.com/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
date: Fri, 03 Feb 2023 09:22:48 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.himalayanstaylodges.com/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=7.3.0

162.0.229.248

200 OK

2.3 kB

URL HTTP/2
www.himalayanstaylodges.com/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=7.3.0
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (17809), with no line terminators
Size
2.3 kB (2329 bytes)
Hash
09d93f4de720fc11a2944fea38fcafcd
e46cf6a8d3373c7fa5feba0b30cd9b9983f719b2
cf900721be13309b96cf6c6f56b1c0a40194e8aea1b0a0361739219c9c0f9998

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=7.3.0 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: text/css
last-modified: Mon, 16 Jan 2023 04:51:17 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2329
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.himalayanstaylodges.com/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=7.3.0

162.0.229.248

200 OK

8.4 kB

URL HTTP/2
www.himalayanstaylodges.com/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=7.3.0
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 text, with very long lines (62781), with no line terminators
Size
8.4 kB (8434 bytes)
Hash
6688cf6da7f8e77fce4b23ecd4fa64d4
b787949222758071c1a6221f698cad9bf9b1db2e
1b0db771c94b550d2e2eb123523a8357529aa8ec8869be9e8aabb2595055f438

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=7.3.0 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: text/css
last-modified: Mon, 16 Jan 2023 04:51:17 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8434
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/font-awesome-all.css?ver=1

162.0.229.248

200 OK

16 kB

URL HTTP/2
www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/font-awesome-all.css?ver=1
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
16 kB (16233 bytes)
Hash
3d1672d6a5e551d5da610f1cb2e5df6c
9e29d7cb241684ae7e9d23f2f10e5922bffd34bd
2d6fa326596d9a8b3a9235bf320626f19996f34b0e49625184538c73cbae65e1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/travio/assets/css/font-awesome-all.css?ver=1 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: text/css
last-modified: Mon, 12 Dec 2022 11:52:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 16233
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/flaticon.css?ver=1

162.0.229.248

200 OK

542 B

URL HTTP/2
www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/flaticon.css?ver=1
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
542 B (542 bytes)
Hash
a2ec2dbe0c709ff71d76994b5ca3df5b
47bbfe70a96f8e2de8d57434214f47b90df47a4c
6c288a0e0ec4ed51a2247577da91a8fec1758cf0ac5a06387ad42711ad8417ca

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/travio/assets/css/flaticon.css?ver=1 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: text/css
last-modified: Mon, 12 Dec 2022 11:52:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 542
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/owl.css?ver=1

162.0.229.248

200 OK

1.2 kB

URL HTTP/2
www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/owl.css?ver=1
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with CRLF line terminators
Size
1.2 kB (1211 bytes)
Hash
ec1d46b2a5b16e065932e677df5feb1c
5b2f8f4bcec87660cb27ebb2bf820a476bc55bc0
543668594da81ce5e4714103774ac128e21825dcdf89bd18bcd2a41553dea77b

HTTP Headers

GET /wp-content/themes/travio/assets/css/owl.css?ver=1 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: text/css
last-modified: Mon, 12 Dec 2022 11:52:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1211
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9090
Expires: Fri, 03 Feb 2023 11:54:20 GMT
Date: Fri, 03 Feb 2023 09:22:50 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9090
Expires: Fri, 03 Feb 2023 11:54:20 GMT
Date: Fri, 03 Feb 2023 09:22:50 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9090
Expires: Fri, 03 Feb 2023 11:54:20 GMT
Date: Fri, 03 Feb 2023 09:22:50 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9090
Expires: Fri, 03 Feb 2023 11:54:20 GMT
Date: Fri, 03 Feb 2023 09:22:50 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9090
Expires: Fri, 03 Feb 2023 11:54:20 GMT
Date: Fri, 03 Feb 2023 09:22:50 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d1adf44-5bff-4d36-99c4-8dd0dc2e5ac2.jpeg

34.120.237.76

200 OK

9.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d1adf44-5bff-4d36-99c4-8dd0dc2e5ac2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.8 kB (9779 bytes)
Hash
352e4166a431e781e56cc7f169c7f8ca
866b76c34076cf2e18c6a071336fcf4f581f3c4d
75ba13b601f4b00c5b091eb29e7f6739ffee3e127bd6d3c4b35cc967bb6d354a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d1adf44-5bff-4d36-99c4-8dd0dc2e5ac2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9779
x-amzn-requestid: 101b984b-9c04-4d07-b1fe-3d888f4bcd49
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ftcNRFV_oAMF2_w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dba721-72679ba0378015034e17b8ca;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 12:05:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: p74tt3doRE9DKoD5cpPKriYPFEQhq7f3Xf8vhgNNz7QhZNIvdc6NQQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 22:05:18 GMT
age: 40652
etag: "866b76c34076cf2e18c6a071336fcf4f581f3c4d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F524a46fd-88eb-4539-9d8b-1ac679ae5990.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.2 kB (8211 bytes)
Hash
114e345e134986d7451148fcea31b29d
541e878afee68c8802bb52b0cbbe5a5a0a185392
5030244d4babd1023166f39c935029d789a91ba90aa3a44c6f4c88ddc947b678

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F524a46fd-88eb-4539-9d8b-1ac679ae5990.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8211
x-amzn-requestid: 2df5779a-a808-46ec-9246-1a9b9bddd9e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmKLVHwroAMF72Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bd7b-3cfe97e07d17958836425784;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:04:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _VFg0FMYa1Dg55fLpJTwdX2uZXkYjZSFdbdAKqGQu7GF2dPiawKh1g==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 05:59:16 GMT
age: 12214
etag: "541e878afee68c8802bb52b0cbbe5a5a0a185392"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feed96488-989b-49ab-8eef-5c9dea89a5ca.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.9 kB (5898 bytes)
Hash
5314f1087266189144982b464f4aa7a6
438b5a17b9060f6825331348aa3797ab1c15895d
fb7d5ec834d28c99f6430703c002c24a9caf50b7701a369cbd69e51576f1e73c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feed96488-989b-49ab-8eef-5c9dea89a5ca.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5898
x-amzn-requestid: 50d6181d-6804-48ab-bc38-9fcaf4da1bc5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fZALWF5IIAMFv5g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d37a48-2e2e53124ce2f9eb31290ec4;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 07:16:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 9Jus6UYlOGiDdqLBxJ387FMtEAST6THfW-oz6gjgFzKzchCdwUCcvQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 03:13:49 GMT
age: 22141
etag: "438b5a17b9060f6825331348aa3797ab1c15895d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fde7081-1c8d-41df-98c8-c063731c6202.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.4 kB (3385 bytes)
Hash
703c7834618fd34f3d7ce5c82a51abc0
4bdaa7e9e8d6408b73ea457e7aabb26fa2a5c81c
1f467ce5825e3f8b8f841293d1ce945dc7a577abbe2cb8a2caa16ace165f4857

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fde7081-1c8d-41df-98c8-c063731c6202.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3385
x-amzn-requestid: 30717e1a-7a08-4b11-90e7-cd175aa667d9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fuvzrEo4oAMF1qg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc2ce4-3bc1302b4cf47fa2520e3033;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 21:36:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: AnMRlC-rgJLk6OwzHDFeaGBuDfEuRj_n0S2o1o7QSTZqMwCIr-20-A==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:46:35 GMT
age: 41775
etag: "4bdaa7e9e8d6408b73ea457e7aabb26fa2a5c81c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11565 bytes)
Hash
e366b32074025aaf60bbae8bdb08d330
a52c2883bad98fa20333aa639a5dd3a5bf544c8e
9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 1350cdd1-10c2-44e0-993d-2335a082fb91
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fstgNH0moAMF3OA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63db5c67-02211c3d5ca147c718348860;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 06:47:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: t7OYoLCzzQakW2lqiAUaeKA00Beq4J5elQ5qF7yGUb2L7JSNUJCPNA==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 05:40:54 GMT
age: 13316
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15f2ebc9-82b4-4f1b-b0b8-978571cb123b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.1 kB (9130 bytes)
Hash
02123eef9faa8560ff66b058d4e13a28
decf26282993d7f0b14cf4112d14fa39c97fa89f
28889ff20f1b2fe0b73f8f97e6569f1d68d77fe436eeb47cc06ee4f0822ff239

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15f2ebc9-82b4-4f1b-b0b8-978571cb123b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9130
x-amzn-requestid: 09ad3fbb-1e71-4455-82df-6e59f65239a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fuxiYEkqIAMFVZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc2fa8-1dca116e4317f9bd14f6d45a;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 21:48:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _Bc2svrG-wX63DK9RPUyjh-n6AHVHaQe3QRmEL27L-amwCH2I_f_9g==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 22:05:17 GMT
age: 40653
etag: "decf26282993d7f0b14cf4112d14fa39c97fa89f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.himalayanstaylodges.com/wp-content/themes/travio/style.css?ver=1675416155

162.0.229.248

200 OK

19 kB

URL HTTP/2
www.himalayanstaylodges.com/wp-content/themes/travio/style.css?ver=1675416155
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 text, with very long lines (582)
Size
19 kB (18862 bytes)
Hash
ccaf9391738a82df093bacbab0bfc723
9b990cfda10876ca859c5d9d3a40a407e9553da7
a2ad700f81d9b4f8f0f4526c3ce5db05304bfd1b8df398defa27f5b8aa4d29c8

HTTP Headers

GET /wp-content/themes/travio/style.css?ver=1675416155 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: text/css
last-modified: Mon, 12 Dec 2022 11:52:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 18862
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/jquery.fancybox.min.css?ver=1

162.0.229.248

200 OK

2.9 kB

URL HTTP/2
www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/jquery.fancybox.min.css?ver=1
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 text, with very long lines (13734), with no line terminators
Size
2.9 kB (2938 bytes)
Hash
714bd61fca96c0c2c0594d0d0e889352
4686ddf4ee0313959b93aef1e2b42196dacb2158
66eb73bd1e47a0332c212d07d20e001ff1b77e20e77e178f9fc2705e6b046f1d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/travio/assets/css/jquery.fancybox.min.css?ver=1 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: text/css
last-modified: Mon, 12 Dec 2022 11:52:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2938
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/jquery-ui.css?ver=1675416155

162.0.229.248

200 OK

7.1 kB

URL HTTP/2
www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/jquery-ui.css?ver=1675416155
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (2363)
Size
7.1 kB (7117 bytes)
Hash
8bf0992d3fc33733d7be1dadf3beabd3
eaa9bb4cad47cf61efe8d8b033c407276b6b211f
0f80ac91a12e48762121cc42b0515b7af6d1cf36033c46df5961d92d5ec9c2a5

HTTP Headers

GET /wp-content/themes/travio/assets/css/jquery-ui.css?ver=1675416155 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: text/css
last-modified: Mon, 12 Dec 2022 11:52:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7117
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/nouislider.pips.css?ver=1675416155

162.0.229.248

200 OK

405 B

URL HTTP/2
www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/nouislider.pips.css?ver=1675416155
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with CRLF line terminators
Size
405 B (405 bytes)
Hash
2929a3087d3a16cce842d64fdc569ca7
b750e217ce17b615f5909f42f963ec9c0df2af16
341cfa69939f2dec8e0ecb4749cb0e0fda53b02a2835552147665c92880a3aa8

HTTP Headers

GET /wp-content/themes/travio/assets/css/nouislider.pips.css?ver=1675416155 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: text/css
last-modified: Mon, 12 Dec 2022 11:52:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 405
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/nice-select.css?ver=1675416155

162.0.229.248

200 OK

931 B

URL HTTP/2
www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/nice-select.css?ver=1675416155
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
931 B (931 bytes)
Hash
bf85a978164301e5d4261f0ffedafeb9
53abf15e06137a02072b5740c6c1db3f8ac072e2
63ff6cf9765c7f854982d74c94dc3db9c8a44da5560e38866334e9c09b8692a6

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/travio/assets/css/nice-select.css?ver=1675416155 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: text/css
last-modified: Mon, 12 Dec 2022 11:52:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 931
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/animate.css?ver=1

162.0.229.248

200 OK

5.1 kB

URL HTTP/2
www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/animate.css?ver=1
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with CRLF line terminators
Size
5.1 kB (5061 bytes)
Hash
1fadd55fbbe1050d53d5aaa0e4391811
6e47a35250e5102ac49b2b58358d0145f94bc5b8
330d6bbd31a387e062e2c35d1f0345310d3fcba71e69024b5838d6a7bf2d6702

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/travio/assets/css/animate.css?ver=1 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: text/css
last-modified: Mon, 12 Dec 2022 11:52:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5061
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/bootstrap.css?ver=1675416155

162.0.229.248

200 OK

23 kB

URL HTTP/2
www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/bootstrap.css?ver=1675416155
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (629)
Size
23 kB (23261 bytes)
Hash
dcc5f88052caf4b1d5135f25af96c1c0
6c2eefbcf9189b5204e2435b219aeb147529c724
6a969933b6912dfb1e1f8a725227e55d3b0ecfc19c3154a45b60c9d75cf00bb3

HTTP Headers

GET /wp-content/themes/travio/assets/css/bootstrap.css?ver=1675416155 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: text/css
last-modified: Mon, 12 Dec 2022 11:52:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 23261
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/blog-page.css?ver=1675416155

162.0.229.248

200 OK

1.0 kB

URL HTTP/2
www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/blog-page.css?ver=1675416155
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with CRLF line terminators
Size
1.0 kB (1030 bytes)
Hash
3c69cf6dee23f676adf3e33a8ddae8e7
1fd0ad9428ec85d7fc253e63d996dcf0c1d101be
b4a46e28e38d8ccb7d230021e888d55f2d27f3c051416beb2cd496035a7a44b2

HTTP Headers

GET /wp-content/themes/travio/assets/css/blog-page.css?ver=1675416155 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: text/css
last-modified: Mon, 12 Dec 2022 11:52:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1030
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/color.css?ver=1675416155

162.0.229.248

200 OK

1.7 kB

URL HTTP/2
www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/color.css?ver=1675416155
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with CRLF line terminators
Size
1.7 kB (1686 bytes)
Hash
f154a2fc236533a89ec8d9f1c1dee61f
d9bab79aaf97304829e1e9113af3863c9a33cd58
f841d8a9cf7f6b551b98784eff5b9f7254decad87ea2505e8215d2b2d6dcec3f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/travio/assets/css/color.css?ver=1675416155 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: text/css
last-modified: Mon, 12 Dec 2022 11:52:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1686
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/responsive.css?ver=1675416155

162.0.229.248

200 OK

2.9 kB

URL HTTP/2
www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/responsive.css?ver=1675416155
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with CRLF line terminators
Size
2.9 kB (2939 bytes)
Hash
0dba67911ec8f6ae6ed15762e19c33eb
146c7be4fba3ecf192465379b81930a92b229183
78a0c711d286c5933f4fb592cfa69663023fed0a5bd039ca693afd526071d203

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/travio/assets/css/responsive.css?ver=1675416155 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: text/css
last-modified: Mon, 12 Dec 2022 11:52:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2939
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/nouislider.min.css?ver=1675416155

162.0.229.248

200 OK

1.0 kB

URL HTTP/2
www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/nouislider.min.css?ver=1675416155
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (3999)
Size
1.0 kB (1039 bytes)
Hash
5f0f2259ff2ef04c775452f721e9efec
9ed43ddf4d9e0a7a791a241742e5baa00ba2a1b4
0fa931248a5f88607bfb42e52ac710475d7d453cf9be8b3e04603492da003166

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/travio/assets/css/nouislider.min.css?ver=1675416155 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: text/css
last-modified: Mon, 12 Dec 2022 11:52:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1039
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/theme-style.css?ver=1675416155

162.0.229.248

200 OK

3.3 kB

URL HTTP/2
www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/theme-style.css?ver=1675416155
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
3.3 kB (3314 bytes)
Hash
baf31e5ad4f31fa1525000e44fb08a04
4fcae76d0edc23a7e3bbc4b7e0c536a61acbdaa3
cee0f9433abca4732eba0b051c89a90c2825ed5fdc606d2e48e19b49531365dd

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/travio/assets/css/theme-style.css?ver=1675416155 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: text/css
last-modified: Mon, 12 Dec 2022 11:52:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3314
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.himalayanstaylodges.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

162.0.229.248

200 OK

30 kB

URL HTTP/2
www.himalayanstaylodges.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (65447)
Size
30 kB (30324 bytes)
Hash
3a1740685bd5c0bbd5f2b812e1eb7fb4
488e07695da787fed18361c50292aef35abb5e81
4a07aed2d8cf88afdec0b56b365b951c76d387db3459166b5a0d25e2e6cc95ef

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: application/javascript
last-modified: Mon, 12 Dec 2022 11:52:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30324
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.himalayanstaylodges.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

162.0.229.248

200 OK

4.0 kB

URL HTTP/2
www.himalayanstaylodges.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (11126)
Size
4.0 kB (3995 bytes)
Hash
7e058b51f939eacfa31cdface14dded5
9d732e5afdeb42edef9e1b9631b7e95e054787cc
4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: application/javascript
last-modified: Mon, 12 Dec 2022 11:52:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3995
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.himalayanstaylodges.com/wp-content/plugins/travio-core/assets/elementor/css/style.css?ver=1675416155

162.0.229.248

200 OK

158 B

URL HTTP/2
www.himalayanstaylodges.com/wp-content/plugins/travio-core/assets/elementor/css/style.css?ver=1675416155
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
158 B (158 bytes)
Hash
cca8b2df8897c6d75fba3a1ca2d5fd49
40317ddcc9fd593ba81e0b19b99574853864eef6
a703bafc3883d984015fc294aaf9df68e98e85c0d6b3dba77460af5e9799616b

HTTP Headers

GET /wp-content/plugins/travio-core/assets/elementor/css/style.css?ver=1675416155 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: text/css
last-modified: Mon, 12 Dec 2022 11:51:56 GMT
accept-ranges: bytes
content-length: 158
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.himalayanstaylodges.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.17.0

162.0.229.248

200 OK

3.6 kB

URL HTTP/2
www.himalayanstaylodges.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.17.0
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (19277)
Size
3.6 kB (3637 bytes)
Hash
3c0f49bba64d313ff17530aee3e0de3a
2cec8e2b5dce97ec1c602a371470c3b1ad54d34a
35e45af37030e367c7a247b7cf2e5f188e80067a9fa919814ae91c635dafb89b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.17.0 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: text/css
last-modified: Thu, 12 Jan 2023 10:13:59 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3637
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.himalayanstaylodges.com/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.10.0

162.0.229.248

200 OK

12 kB

URL HTTP/2
www.himalayanstaylodges.com/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.10.0
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (65496)
Size
12 kB (12455 bytes)
Hash
297f6595e73c5cdfd82ebb9a6b73a2bf
7ed1223f3ef0dd4876f137461c672fd4b67f0b09
c7d70ad4a1b40aa10de966e6f596ca14814c5d0535818b7cb5838b291a27da6c

HTTP Headers

GET /wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.10.0 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: text/css
last-modified: Thu, 12 Jan 2023 10:13:59 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12455
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.himalayanstaylodges.com/wp-content/uploads/elementor/css/post-7.css?ver=1673518444

162.0.229.248

200 OK

305 B

URL HTTP/2
www.himalayanstaylodges.com/wp-content/uploads/elementor/css/post-7.css?ver=1673518444
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (1099), with no line terminators
Size
305 B (305 bytes)
Hash
d9bc22f3527f91d89557d53cc85ed8ce
08472595c6be8cbbf532ad2f1d95d00d95e8b336
fd8ca9b91de9c848dba571e2cfbf7f691252918406a70a2739f4c2e04f1c71bf

HTTP Headers

GET /wp-content/uploads/elementor/css/post-7.css?ver=1673518444 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: text/css
last-modified: Thu, 12 Jan 2023 10:14:04 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 305
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.himalayanstaylodges.com/wp-content/uploads/elementor/css/global.css?ver=1673518444

162.0.229.248

200 OK

756 B

URL HTTP/2
www.himalayanstaylodges.com/wp-content/uploads/elementor/css/global.css?ver=1673518444
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (6697)
Size
756 B (756 bytes)
Hash
8279d3577a82c8463dfc3cf01541839a
7e502015d5e7b447c9e52fc84628ecccb3cfae8b
23a28162517834a628d34673fd29e47d61c5580d30a2bf7df91cec8eb3672562

HTTP Headers

GET /wp-content/uploads/elementor/css/global.css?ver=1673518444 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: text/css
last-modified: Thu, 12 Jan 2023 10:14:04 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 756
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.himalayanstaylodges.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.2

162.0.229.248

200 OK

2.9 kB

URL HTTP/2
www.himalayanstaylodges.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.2
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (10565), with no line terminators
Size
2.9 kB (2911 bytes)
Hash
70f3b9dd6a51a766210411d4ed0752de
5507f795072da10842897292e32c24b8cbf7827d
8ad70d44d761d4e24fdcdd496c7d529c52c68a7c7dce2471104d4efa2d01ca89

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.2 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: application/javascript
last-modified: Thu, 12 Jan 2023 10:13:08 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2911
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.himalayanstaylodges.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.2

162.0.229.248

200 OK

3.8 kB

URL HTTP/2
www.himalayanstaylodges.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.2
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document, ASCII text, with very long lines (12652), with no line terminators
Size
3.8 kB (3831 bytes)
Hash
82296b1be7d264a8a21ca0741f50475a
10ad7678821940dacd8200c76505de5dc59b47f2
524abf7280900dd377f372e36163631a3d9740416bcc993919ec407687793366

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.2 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: application/javascript
last-modified: Thu, 12 Jan 2023 10:13:08 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3831
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.himalayanstaylodges.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.3.0

162.0.229.248

200 OK

3.2 kB

URL HTTP/2
www.himalayanstaylodges.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.3.0
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (9111)
Size
3.2 kB (3247 bytes)
Hash
078e27719ab2b91e57a3d06d05bf24d8
ee2c8af72d9dbb148d4101a374f6026d0c9c3044
1c8b599f3f7bfa8d7950d95a171f2c873d051960a91c91e22304293596e5b890

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.3.0 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: application/javascript
last-modified: Mon, 16 Jan 2023 04:51:17 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3247
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.himalayanstaylodges.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.3.0

162.0.229.248

200 OK

972 B

URL HTTP/2
www.himalayanstaylodges.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.3.0
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document, ASCII text, with very long lines (3029), with no line terminators
Size
972 B (972 bytes)
Hash
5ed77e0c59800f40061b5c322cff21fa
ced9d401d300dd1fc676a673bbf7e6360beb402d
3b284b8a096256e6cd0d9cbf2cb4b36505e71c0d7b2227fcd3132dddbeea18cc

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.3.0 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: application/javascript
last-modified: Mon, 16 Jan 2023 04:51:17 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 972
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.himalayanstaylodges.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.3.0

162.0.229.248

200 OK

899 B

URL HTTP/2
www.himalayanstaylodges.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.3.0
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (1668)
Size
899 B (899 bytes)
Hash
22d65ba38528349e705d912ce26bf8ac
c89ba006009043d93b88ff155b4fec8797330550
6253bcb85e4267ad3ba843145534e729ee2c1d7e85e5b4ab5b2e074ae636bca3

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.3.0 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: application/javascript
last-modified: Mon, 16 Jan 2023 04:51:17 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 899
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.himalayanstaylodges.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.3.0

162.0.229.248

200 OK

677 B

URL HTTP/2
www.himalayanstaylodges.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.3.0
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (2139), with no line terminators
Size
677 B (677 bytes)
Hash
a43fc0dde8fdd69656ad0957e62849c7
4b07cf702ac8a770c8cbffc22b9a788b6e5389ba
1ce3d0493424870c81deec0ec41de0592d2af9f91cd8081cd40a1d7ea89b614f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.3.0 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: application/javascript
last-modified: Mon, 16 Jan 2023 04:51:17 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 677
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.himalayanstaylodges.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.3.0

162.0.229.248

200 OK

934 B

URL HTTP/2
www.himalayanstaylodges.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.3.0
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (2938), with no line terminators
Size
934 B (934 bytes)
Hash
cf25dd071a208312bdc07f34d2cee027
76119563119eaae392ecc8903c989d98d0b93002
8635ba2cad8f887e72779bd526f8738ff6343c74cba715caf2eddea383ba7ce6

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.3.0 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: application/javascript
last-modified: Mon, 16 Jan 2023 04:51:17 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 934
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/popper.min.js?ver=1675416155

162.0.229.248

200 OK

6.9 kB

URL HTTP/2
www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/popper.min.js?ver=1675416155
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (20322), with CRLF line terminators
Size
6.9 kB (6930 bytes)
Hash
414768345e005b1061a6b7587d3f4baa
8057767be371ccb49c848da790f242691f17bd03
e6017d706f85d46a15220bc45eb929710a4a6116773cee3dc872734b8350aef4

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/travio/assets/js/popper.min.js?ver=1675416155 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: application/javascript
last-modified: Mon, 12 Dec 2022 11:52:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6930
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/bootstrap.min.js?ver=1675416155

162.0.229.248

200 OK

15 kB

URL HTTP/2
www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/bootstrap.min.js?ver=1675416155
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (59729)
Size
15 kB (15216 bytes)
Hash
debc4877055ab38dafe04eb6b347f576
338b29b3b2ddb77045495f6712bb8c1484661a56
27c0c1e977b27218aa7d39bc204b5a5c6ea03ea7ae55d1a15f64a56cf69fe8e1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/travio/assets/js/bootstrap.min.js?ver=1675416155 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: application/javascript
last-modified: Mon, 12 Dec 2022 11:52:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 15216
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.himalayanstaylodges.com/wp-content/themes/travio/assets/images/logo.png

162.0.229.248

200 OK

25 kB

URL HTTP/2
www.himalayanstaylodges.com/wp-content/themes/travio/assets/images/logo.png
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 1500 x 295, 8-bit/color RGBA, non-interlaced\012- data
Size
25 kB (24630 bytes)
Hash
aa78d7eb582fe439f52d8f8a0ca9a03a
a844c9c9c3bab04864c861aa34c1224d472ea92d
e1a03f32729cff23c79a8f98ecf9c717f2aa5248d108c884fe97eb2fff69d641

HTTP Headers

GET /wp-content/themes/travio/assets/images/logo.png HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: image/png
last-modified: Mon, 12 Dec 2022 11:52:28 GMT
accept-ranges: bytes
content-length: 24630
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/owl.js?ver=1675416155

162.0.229.248

200 OK

18 kB

URL HTTP/2
www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/owl.js?ver=1675416155
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (360)
Size
18 kB (17911 bytes)
Hash
5eeece9878bd4c368393885a0a937eab
cc29f8542bf2a2913cabe19062c8bc52eea4b30a
ff9f86102c493b00dae544c235da319cca830d4197301783daa07313332f228d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/travio/assets/js/owl.js?ver=1675416155 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: application/javascript
last-modified: Mon, 12 Dec 2022 11:52:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 17911
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/scrollbar.js?ver=1675416155

162.0.229.248

200 OK

12 kB

URL HTTP/2
www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/scrollbar.js?ver=1675416155
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (32009)
Size
12 kB (11725 bytes)
Hash
2e435edbdabbbb13f4172f4833d6bcbf
070183e5d7ab357938265ab9806fb9115c558f94
9c39d4dab7565f400dd9719dbc68ac72ba7a74ced562c91bb479912ee8772153

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/travio/assets/js/scrollbar.js?ver=1675416155 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:49 GMT
content-type: application/javascript
last-modified: Mon, 12 Dec 2022 11:52:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11725
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/appear.js?ver=1675416155

162.0.229.248

200 OK

1.2 kB

URL HTTP/2
www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/appear.js?ver=1675416155
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with CRLF line terminators
Size
1.2 kB (1234 bytes)
Hash
001719c11219c3a8acd22fc4b6d64fc9
f77bf50c1a47cfcfdefeb0c2741b76c8432a9a04
99f1d1345bb8afc5f974e5a1533521c18d580b979c01b2d29846b4348b5c41c6

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/travio/assets/js/appear.js?ver=1675416155 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:50 GMT
content-type: application/javascript
last-modified: Mon, 12 Dec 2022 11:52:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1234
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/jquery.nice-select.min.js?ver=1675416155

162.0.229.248

200 OK

930 B

URL HTTP/2
www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/jquery.nice-select.min.js?ver=1675416155
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 text, with very long lines (2822)
Size
930 B (930 bytes)
Hash
7df2a8ed2b80cde0e5e7ca7c26764651
d6065cf9375fa62f0bc89dd8c7b8d39a7299720b
478a6036f21887bd2c4da8d4c1446b7ca247263af66c79056c0b290076c736fe

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/travio/assets/js/jquery.nice-select.min.js?ver=1675416155 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:50 GMT
content-type: application/javascript
last-modified: Mon, 12 Dec 2022 11:52:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 930
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/wow.js?ver=1675416155

162.0.229.248

200 OK

2.0 kB

URL HTTP/2
www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/wow.js?ver=1675416155
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (6269), with CRLF line terminators
Size
2.0 kB (2037 bytes)
Hash
5c77c4afb16dfc30a8fae471b51c1829
2686c3ef2dd3cac91a137cf7ba3780fcc9862b21
e311a10c2ef58b6fceccfceae619546bf9c91cf5bf8c458bed98f62d8724623b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/travio/assets/js/wow.js?ver=1675416155 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:50 GMT
content-type: application/javascript
last-modified: Mon, 12 Dec 2022 11:52:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2037
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/product-filter.js?ver=1675416155

162.0.229.248

200 OK

197 B

URL HTTP/2
www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/product-filter.js?ver=1675416155
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with CRLF line terminators
Size
197 B (197 bytes)
Hash
cab5f9c10b1db8c2c23db0804ade8a08
dc57cd48a2d8b2a6a4d122bf84d4ba18a538a35c
e3c0f16fa94a924edc41bf12a3d4d01783d3d206456db5202d05f30192ad7518

HTTP Headers

GET /wp-content/themes/travio/assets/js/product-filter.js?ver=1675416155 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:50 GMT
content-type: application/javascript
last-modified: Mon, 12 Dec 2022 11:52:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 197
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/nouislider.min.js?ver=1675416155

162.0.229.248

200 OK

8.0 kB

URL HTTP/2
www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/nouislider.min.js?ver=1675416155
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (23842)
Size
8.0 kB (8033 bytes)
Hash
3de4da5e379489e103bd6e8502132248
5cfa24b812977786245033dcaf538b3649332ebc
6076808d675bf05270aa2a4361f33bb20c590ad0d9fb58aa2180e8718f066fd0

HTTP Headers

GET /wp-content/themes/travio/assets/js/nouislider.min.js?ver=1675416155 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:50 GMT
content-type: application/javascript
last-modified: Mon, 12 Dec 2022 11:52:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8033
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.himalayanstaylodges.com/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.2

162.0.229.248

200 OK

10 kB

URL HTTP/2
www.himalayanstaylodges.com/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.2
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (36548)
Size
10 kB (10498 bytes)
Hash
fa5758a091d6cb4ef9da7d14c9f8b4ea
64991dd17eac6c58c395cb383df447fb4af5581d
9467b257684b8aaae4a7c7ca7d8baf3f4ca4cdb3b6944f67e63ea880c299ef39

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.2 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:50 GMT
content-type: application/javascript
last-modified: Mon, 12 Dec 2022 11:52:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10498
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.himalayanstaylodges.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2

162.0.229.248

200 OK

6.8 kB

URL HTTP/2
www.himalayanstaylodges.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 text, with very long lines (8189)
Size
6.8 kB (6800 bytes)
Hash
3d0ff0f6731d9cef860af9a5a0e3ce62
13aed444304d782039e261475c8b4450b83e743e
e8d05db77732c71843ced6f386ea82eb32243ac36e7ca3e071cb7f53e2ffbce5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:50 GMT
content-type: application/javascript
last-modified: Mon, 12 Dec 2022 11:52:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6800
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/travio-custom.js?ver=1675416155

162.0.229.248

200 OK

2.0 kB

URL HTTP/2
www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/travio-custom.js?ver=1675416155
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
2.0 kB (1996 bytes)
Hash
3efc84d10951f3b37d674905068ce0c1
b0d4a8648913b7f86cf73012ff421177d240eb6c
db1222440a6df36b23707f1b2f60e307ef5cdbf4f408712a7d51941f1f313e16

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/travio/assets/js/travio-custom.js?ver=1675416155 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:50 GMT
content-type: application/javascript
last-modified: Mon, 12 Dec 2022 11:52:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1996
date: Fri, 03 Feb 2023 09:22:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.himalayanstaylodges.com/wp-content/plugins/travio-core/assets/elementor/js/single-item.js?ver=1675416156

162.0.229.248

200 OK

350 B

URL HTTP/2
www.himalayanstaylodges.com/wp-content/plugins/travio-core/assets/elementor/js/single-item.js?ver=1675416156
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
350 B (350 bytes)
Hash
a560336bce95e869cc74b5abe82dc49b
0aa27f5640011baa763a668f6a172fc6617070e7
ed6854d01a32f34bfff6fd957c38dc9e658d12bc76b68ca280447022a4da176f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/travio-core/assets/elementor/js/single-item.js?ver=1675416156 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:50 GMT
content-type: application/javascript
last-modified: Mon, 12 Dec 2022 11:51:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 350
date: Fri, 03 Feb 2023 09:22:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/script.js?ver=1675416155

162.0.229.248

200 OK

2.8 kB

URL HTTP/2
www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/script.js?ver=1675416155
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with CRLF line terminators
Size
2.8 kB (2829 bytes)
Hash
ba60e6919f32ef54b9b5132efd1c3903
05f5c92a8db735732b443ad018e34c9d8b1dcbdd
1855e6eb96294e83615d78f432f1df2ce35207c0920cf5d2e98aec9100486f06

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/travio/assets/js/script.js?ver=1675416155 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:50 GMT
content-type: application/javascript
last-modified: Mon, 12 Dec 2022 11:52:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2829
date: Fri, 03 Feb 2023 09:22:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.himalayanstaylodges.com/wp-content/plugins/travio-core/assets/elementor/js/three-item-carousel.js?ver=1675416156

162.0.229.248

200 OK

380 B

URL HTTP/2
www.himalayanstaylodges.com/wp-content/plugins/travio-core/assets/elementor/js/three-item-carousel.js?ver=1675416156
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
380 B (380 bytes)
Hash
66da7004f4d8654ada72bd48d83bd8dd
0a254e01190c290a6d42f1e64f6304a09bb191c0
b0a70fb3287e394200b58a182cc7b4bada6f5bd55e854bf25c3e542db1e448f3

HTTP Headers

GET /wp-content/plugins/travio-core/assets/elementor/js/three-item-carousel.js?ver=1675416156 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:50 GMT
content-type: application/javascript
last-modified: Mon, 12 Dec 2022 11:51:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 380
date: Fri, 03 Feb 2023 09:22:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.himalayanstaylodges.com/wp-content/plugins/travio-core/assets/elementor/js/four-item-carousel.js?ver=1675416156

162.0.229.248

200 OK

367 B

URL HTTP/2
www.himalayanstaylodges.com/wp-content/plugins/travio-core/assets/elementor/js/four-item-carousel.js?ver=1675416156
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
367 B (367 bytes)
Hash
75b0da09eaf3302c3023e9667dbe6f4b
42672ed860e693d1aee26ba46f10fa497ea3ff68
7f65c162d3a8b216cd6ae62b1403909ef5bd5a36bc2ca19322ab559da263730a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/travio-core/assets/elementor/js/four-item-carousel.js?ver=1675416156 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:50 GMT
content-type: application/javascript
last-modified: Mon, 12 Dec 2022 11:51:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 367
date: Fri, 03 Feb 2023 09:22:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.himalayanstaylodges.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.10.0

162.0.229.248

200 OK

2.1 kB

URL HTTP/2
www.himalayanstaylodges.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.10.0
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (4974)
Size
2.1 kB (2076 bytes)
Hash
83c2680579d16bcd7e382867a9bc9cc7
c0614874b51b52bda4681d62e833c4c993987175
d44961c6abdc4ddbb4bd33dc67984a1f38f0cfa26ed29d648577994597a98ad9

HTTP Headers

GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.10.0 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:50 GMT
content-type: application/javascript
last-modified: Thu, 12 Jan 2023 10:13:59 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2076
date: Fri, 03 Feb 2023 09:22:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.himalayanstaylodges.com/wp-content/plugins/travio-core/assets/elementor/js/funfact.js?ver=1675416156

162.0.229.248

200 OK

401 B

URL HTTP/2
www.himalayanstaylodges.com/wp-content/plugins/travio-core/assets/elementor/js/funfact.js?ver=1675416156
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
401 B (401 bytes)
Hash
54ad80bdcfb36aed04d7b20edd2fd7bf
8e6fb79b64dc702875cbb8f2a08a9eb166acf24c
955fa6a5c4e721e73d2e12a56cee268fcb94ced2e1a01c9dc562543f77af4a70

HTTP Headers

GET /wp-content/plugins/travio-core/assets/elementor/js/funfact.js?ver=1675416156 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:50 GMT
content-type: application/javascript
last-modified: Mon, 12 Dec 2022 11:51:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 401
date: Fri, 03 Feb 2023 09:22:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.himalayanstaylodges.com/wp-content/plugins/travio-core/assets/elementor/js/bannerslider.js?ver=1675416156

162.0.229.248

200 OK

355 B

URL HTTP/2
www.himalayanstaylodges.com/wp-content/plugins/travio-core/assets/elementor/js/bannerslider.js?ver=1675416156
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
355 B (355 bytes)
Hash
5682eaea53771ea7213863ccc339b274
63c1441aeb766357355ff5058816980c58394b84
11ce0f0caa347de78cca8e4657456ed8645b91d0f60e9c8ac08535b0a12f98d8

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/travio-core/assets/elementor/js/bannerslider.js?ver=1675416156 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:50 GMT
content-type: application/javascript
last-modified: Mon, 12 Dec 2022 11:51:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 355
date: Fri, 03 Feb 2023 09:22:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.himalayanstaylodges.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2

162.0.229.248

200 OK

2.9 kB

URL HTTP/2
www.himalayanstaylodges.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (12198), with no line terminators
Size
2.9 kB (2867 bytes)
Hash
869caa171b68cbec9fee5abbfb944ee8
f237e485e41f88b77384cfdb880f9d5a8f46eac8
25c2896e2790fb0e52f6b6ba1ce97bd87eb40463b4bb65ba16ad434c1d7a36dc

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:50 GMT
content-type: application/javascript
last-modified: Thu, 12 Jan 2023 10:13:59 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2867
date: Fri, 03 Feb 2023 09:22:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.himalayanstaylodges.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.10.0

162.0.229.248

200 OK

11 kB

URL HTTP/2
www.himalayanstaylodges.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.10.0
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 text, with very long lines (35645)
Size
11 kB (11070 bytes)
Hash
353388cc2fdf3da834c543a6aa7bfb5e
01d664f3dd904cdc3f8d0532826e578fd3414d9e
dbedf8538f58ddb94b59bcdecb7fef7eeb32ac4d10f19faec944e7aeeeef5737

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.10.0 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:50 GMT
content-type: application/javascript
last-modified: Thu, 12 Jan 2023 10:13:59 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11070
date: Fri, 03 Feb 2023 09:22:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.himalayanstaylodges.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.10.0

162.0.229.248

200 OK

12 kB

URL HTTP/2
www.himalayanstaylodges.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.10.0
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (40802)
Size
12 kB (11791 bytes)
Hash
4046853285228fd4861281728aece600
4997dbc399d3d0e0c0d23099a682f9cf72a33c00
c7c542f6f26c29f1a438c7d476ebfa1795658b6cd8b7d321b3e7c9757a6ccf1d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.10.0 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:50 GMT
content-type: application/javascript
last-modified: Thu, 12 Jan 2023 10:13:59 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11791
date: Fri, 03 Feb 2023 09:22:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
e3383a870b280d28b1d924543e6128af
0e9ccaf308e10ae68774fe0d32e10d063f379e7d
093a4523b327faf080d2d200d6e8d9e615abe6e048a72d70c3bc8e9f89cc50bf

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 09:22:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.himalayanstaylodges.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1

162.0.229.248

200 OK

4.6 kB

URL HTTP/2
www.himalayanstaylodges.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (15660)
Size
4.6 kB (4619 bytes)
Hash
0232689bd203f330529b36a437f41a68
9046583f7469ad38297969f10a9513eb895d5316
feea9f30a6e454579bbeabf236b7abdb0c7de84dd2852422555ad67348c5e886

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:50 GMT
content-type: application/javascript
last-modified: Mon, 12 Dec 2022 11:52:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4619
date: Fri, 03 Feb 2023 09:22:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/jquery.fancybox.js?ver=1675416155

162.0.229.248

200 OK

35 kB

URL HTTP/2
www.himalayanstaylodges.com/wp-content/themes/travio/assets/js/jquery.fancybox.js?ver=1675416155
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 text
Size
35 kB (34739 bytes)
Hash
b204d078a1ef49a9f708a131c76561aa
1a2c087bfeb5b852f408850b01cdb70025c1ff0d
862f0271023018af1de8e0cbb86079e31bfe5d7915915f92ec7f248d8194e385

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/travio/assets/js/jquery.fancybox.js?ver=1675416155 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:50 GMT
content-type: application/javascript
last-modified: Mon, 12 Dec 2022 11:52:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 34739
date: Fri, 03 Feb 2023 09:22:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.himalayanstaylodges.com/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=7.3.0

162.0.229.248

200 OK

1.1 kB

URL HTTP/2
www.himalayanstaylodges.com/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=7.3.0
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (7043), with no line terminators
Size
1.1 kB (1058 bytes)
Hash
398489038b789364a5c83f044e11974d
d5caf5f64c45693de65b5c0a801bfbf83a325485
32365dde0c909abbb02d8b6a8d9938056ba47f325d51e75082e3d265ce5f76d5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=7.3.0 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:50 GMT
content-type: text/css
last-modified: Mon, 16 Jan 2023 04:51:17 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1058
date: Fri, 03 Feb 2023 09:22:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.himalayanstaylodges.com/wp-content/uploads/2021/03/page-title-5.jpg

162.0.229.248

200 OK

46 kB

URL HTTP/2
www.himalayanstaylodges.com/wp-content/uploads/2021/03/page-title-5.jpg
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 50", baseline, precision 8, 1920x300, components 3\012- data
Size
46 kB (45505 bytes)
Hash
6e92499f4c85c8205989385976084db9
e1693c04e47098ef4dd08b991de8cfa9219bf076
695d1145b74a5c166356fd9cb1502dd4c7a65537f78c5e3f10c8637e1bc120c9

HTTP Headers

GET /wp-content/uploads/2021/03/page-title-5.jpg HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:50 GMT
content-type: image/jpeg
last-modified: Mon, 12 Dec 2022 11:52:26 GMT
accept-ranges: bytes
content-length: 45505
date: Fri, 03 Feb 2023 09:22:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

fonts.gstatic.com/s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2

216.58.211.3

200 OK

36 kB

URL HTTP/2
fonts.gstatic.com/s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 35764, version 1.0\012- data
Size
36 kB (35764 bytes)
Hash
60f23230f1a8d5c3b7d25b73f5b5ce23
ed08ada85d017893b9bcb8224e99154c6708f5d2
22b6cdc450204c1cb32b31e679d812fea1c17ac506a7b78daeb12bd0ab25fde8

HTTP Headers

GET /s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.himalayanstaylodges.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35764
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 18:29:09 GMT
expires: Mon, 29 Jan 2024 18:29:09 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 18 Jul 2022 19:06:36 GMT
content-type: font/woff2
age: 399221
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/worksans/v18/QGYsz_wNahGAdqQ43Rh_fKDp.woff2

216.58.211.3

200 OK

48 kB

URL HTTP/2
fonts.gstatic.com/s/worksans/v18/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 47728, version 1.0\012- data
Size
48 kB (47728 bytes)
Hash
b1581ddd77372ceb06eb14adfd1bea07
1a3b0fc96fa73b808aa1f91f122a3c9bdcf93ee8
97e82d8eac8d106b28abf1b716982c40c06fffe49cc2f34cd1c299266745ef73

HTTP Headers

GET /s/worksans/v18/QGYsz_wNahGAdqQ43Rh_fKDp.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.himalayanstaylodges.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 47728
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 18:28:53 GMT
expires: Mon, 29 Jan 2024 18:28:53 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 23 Aug 2022 17:55:22 GMT
content-type: font/woff2
age: 399237
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
e3383a870b280d28b1d924543e6128af
0e9ccaf308e10ae68774fe0d32e10d063f379e7d
093a4523b327faf080d2d200d6e8d9e615abe6e048a72d70c3bc8e9f89cc50bf

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 09:22:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.himalayanstaylodges.com/wp-content/themes/travio/assets/fonts/fa-brands-400.woff2

162.0.229.248

200 OK

75 kB

URL HTTP/2
www.himalayanstaylodges.com/wp-content/themes/travio/assets/fonts/fa-brands-400.woff2
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
Web Open Font Format (Version 2), TrueType, length 74700, version 329.-17826\012- data
Size
75 kB (74700 bytes)
Hash
dc83ddbbdd108b159117928063699c4e
36960c9095be11315ea5f9031b3d489629268511
30d34a03dcaa7bb6a46bb49960bd4d7648ca71068b0635da5784e3a1f9070ed6

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/travio/assets/fonts/fa-brands-400.woff2 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/font-awesome-all.css?ver=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:50 GMT
content-type: font/woff2
last-modified: Mon, 12 Dec 2022 11:52:27 GMT
accept-ranges: bytes
content-length: 74700
date: Fri, 03 Feb 2023 09:22:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.himalayanstaylodges.com/wp-content/themes/travio/assets/fonts/fa-solid-900.woff2

162.0.229.248

200 OK

118 kB

URL HTTP/2
www.himalayanstaylodges.com/wp-content/themes/travio/assets/fonts/fa-solid-900.woff2
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
Web Open Font Format (Version 2), TrueType, length 117452, version 329.-17826\012- data
Size
118 kB (117452 bytes)
Hash
525bd4ae5b9eaa1e23b4a5c8b28c0d9f
0985532515d580890822bd544fab4a7aea46cb33
b5869f6bb9116c6dd0b6b691d57a17954f3c522cf9ae4497094e62146d8bac15

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/travio/assets/fonts/fa-solid-900.woff2 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/font-awesome-all.css?ver=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:50 GMT
content-type: font/woff2
last-modified: Mon, 12 Dec 2022 11:52:27 GMT
accept-ranges: bytes
content-length: 117452
date: Fri, 03 Feb 2023 09:22:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.himalayanstaylodges.com/wp-content/themes/travio/assets/fonts/icomoon.ttf?ulc4i9

162.0.229.248

200 OK

8.3 kB

URL HTTP/2
www.himalayanstaylodges.com/wp-content/themes/travio/assets/fonts/icomoon.ttf?ulc4i9
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, icomoon \012- data
Size
8.3 kB (8304 bytes)
Hash
c85c59786243dc556fa674c68228a8b1
e1edaf7512865c3c6767a6e6d622fcd5257318ec
26461d6733cb45d73bd71abc50f35c430756c5969040768f33841cde4a3d0d99

HTTP Headers

GET /wp-content/themes/travio/assets/fonts/icomoon.ttf?ulc4i9 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/flaticon.css?ver=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:50 GMT
content-type: font/ttf
last-modified: Mon, 12 Dec 2022 11:52:28 GMT
accept-ranges: bytes
content-length: 8304
date: Fri, 03 Feb 2023 09:22:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.himalayanstaylodges.com/wp-content/themes/travio/assets/fonts/fa-light-300.woff2

162.0.229.248

200 OK

157 kB

URL HTTP/2
www.himalayanstaylodges.com/wp-content/themes/travio/assets/fonts/fa-light-300.woff2
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
Web Open Font Format (Version 2), TrueType, length 156896, version 329.-17826\012- data
Size
157 kB (156896 bytes)
Hash
6b1c4bcb2a11d69fc64a61f889dfa1d3
313d7b371459d715ffc4c18d483f8541b9d5747a
b6eaf663bf99a31d581721a42668207bdc3d3db6ff33625790019f3682eea9fa

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/travio/assets/fonts/fa-light-300.woff2 HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/wp-content/themes/travio/assets/css/font-awesome-all.css?ver=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:50 GMT
content-type: font/woff2
last-modified: Mon, 12 Dec 2022 11:52:27 GMT
accept-ranges: bytes
content-length: 156896
date: Fri, 03 Feb 2023 09:22:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.himalayanstaylodges.com/wp-content/uploads/2021/02/footer-gallery-1.jpg

162.0.229.248

200 OK

14 kB

URL HTTP/2
www.himalayanstaylodges.com/wp-content/uploads/2021/02/footer-gallery-1.jpg
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 90x90, components 3\012- data
Size
14 kB (14416 bytes)
Hash
70b91c3de004890742b4243c4ca0688b
09925962becaaf122af108fe71589135e260b1aa
d451037c7eab0df8481f721c41b25bdc038f195ce9e27c99bb919e96b03d661a

HTTP Headers

GET /wp-content/uploads/2021/02/footer-gallery-1.jpg HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:51 GMT
content-type: image/jpeg
last-modified: Mon, 12 Dec 2022 11:52:20 GMT
accept-ranges: bytes
content-length: 14416
date: Fri, 03 Feb 2023 09:22:51 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.himalayanstaylodges.com/wp-content/uploads/2021/02/footer-gallery-2.jpg

162.0.229.248

200 OK

13 kB

URL HTTP/2
www.himalayanstaylodges.com/wp-content/uploads/2021/02/footer-gallery-2.jpg
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 90x90, components 3\012- data
Size
13 kB (12776 bytes)
Hash
8e8bdee7d262c59f13349e58cd831586
4c512bafd7b4bf7e1998fc6dccf5b16399a612f9
120341bbd3392802f1aeb42c2b788409afd7cd386f47c1e8c94d0e466ac534da

HTTP Headers

GET /wp-content/uploads/2021/02/footer-gallery-2.jpg HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:51 GMT
content-type: image/jpeg
last-modified: Mon, 12 Dec 2022 11:52:25 GMT
accept-ranges: bytes
content-length: 12776
date: Fri, 03 Feb 2023 09:22:51 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.himalayanstaylodges.com/wp-content/uploads/2021/02/footer-gallery-4.jpg

162.0.229.248

200 OK

12 kB

URL HTTP/2
www.himalayanstaylodges.com/wp-content/uploads/2021/02/footer-gallery-4.jpg
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 90x90, components 3\012- data
Size
12 kB (12079 bytes)
Hash
1283f393c1a650259cdd895adb720e05
7a66d836d3472953ab60449e5d012a96ba276a60
9bc90bfb7f76618897b8a1da6850904bbf82eba59a44af09ea23010b6944849b

HTTP Headers

GET /wp-content/uploads/2021/02/footer-gallery-4.jpg HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:51 GMT
content-type: image/jpeg
last-modified: Mon, 12 Dec 2022 11:52:23 GMT
accept-ranges: bytes
content-length: 12079
date: Fri, 03 Feb 2023 09:22:51 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.himalayanstaylodges.com/wp-content/uploads/2021/02/footer-gallery-5.jpg

162.0.229.248

200 OK

12 kB

URL HTTP/2
www.himalayanstaylodges.com/wp-content/uploads/2021/02/footer-gallery-5.jpg
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 90x90, components 3\012- data
Size
12 kB (12089 bytes)
Hash
f7bf9668eb596a70a69c651c8e079c2c
a7f83ea6ab274c3efd9f01df649034cc1f166fb3
e97647410c1faa611a086e1a4ea689e3615157d5a2e03f43e23e03f0803e7ec5

HTTP Headers

GET /wp-content/uploads/2021/02/footer-gallery-5.jpg HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:51 GMT
content-type: image/jpeg
last-modified: Mon, 12 Dec 2022 11:52:21 GMT
accept-ranges: bytes
content-length: 12089
date: Fri, 03 Feb 2023 09:22:51 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.himalayanstaylodges.com/wp-content/uploads/2021/02/footer-gallery-6.jpg

162.0.229.248

200 OK

12 kB

URL HTTP/2
www.himalayanstaylodges.com/wp-content/uploads/2021/02/footer-gallery-6.jpg
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 90x90, components 3\012- data
Size
12 kB (11859 bytes)
Hash
c6e73aab0d92c735836d31693a099792
704d586c1d999093830567e9b8b83276dc3fa273
d421e196542e50d83519cfa8a2d7fa5afa54d9a7a4b94d7da881ec838ae714da

HTTP Headers

GET /wp-content/uploads/2021/02/footer-gallery-6.jpg HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:51 GMT
content-type: image/jpeg
last-modified: Mon, 12 Dec 2022 11:52:22 GMT
accept-ranges: bytes
content-length: 11859
date: Fri, 03 Feb 2023 09:22:51 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.himalayanstaylodges.com/wp-content/uploads/2021/02/footer-gallery-3.jpg

162.0.229.248

200 OK

12 kB

URL HTTP/2
www.himalayanstaylodges.com/wp-content/uploads/2021/02/footer-gallery-3.jpg
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 90x90, components 3\012- data
Size
12 kB (12022 bytes)
Hash
bcbaa28552b6e669b699eb8c7718308e
90adc81287c633278ab72ef6bd7f5d0772d92b0a
4bb51008abfc72e006ba58611c5e1da0cd52a657577bf4ebd83e18c9c8bccc54

HTTP Headers

GET /wp-content/uploads/2021/02/footer-gallery-3.jpg HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 09:22:51 GMT
content-type: image/jpeg
last-modified: Mon, 12 Dec 2022 11:52:23 GMT
accept-ranges: bytes
content-length: 12022
date: Fri, 03 Feb 2023 09:22:51 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.himalayanstaylodges.com/favicon.ico

162.0.229.248

404 Not Found

1.2 kB

URL HTTP/2
www.himalayanstaylodges.com/favicon.ico
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
1.2 kB (1238 bytes)
Hash
0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Fri, 03 Feb 2023 09:22:51 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.himalayanstaylodges.com/?wc-ajax=get_refreshed_fragments

162.0.229.248

200 OK

210 B

URL HTTP/2
www.himalayanstaylodges.com/?wc-ajax=get_refreshed_fragments
IP
162.0.229.248:0
ASN
#22612 NAMECHEAP-NET

File type
JSON data\012- , ASCII text, with no line terminators
Size
210 B (210 bytes)
Hash
0c97a46508dc677362be2a79fd34feea
bce89aaf991907a16c951cc6a9a8121045374e22
3e799d21e1116a135fcd10c071506f34b99cf79d93b5548199e1376f88b62434

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: www.himalayanstaylodges.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: https://www.himalayanstaylodges.com
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/RFRTA/WARFG/196dd/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-powered-by: PHP/7.4.33
access-control-allow-origin: https://www.himalayanstaylodges.com
access-control-allow-credentials: true
x-content-type-options: nosniff
x-robots-tag: noindex
x-litespeed-tag: 3ca_HTTP.200,3ca_HTTP.200
content-type: application/json; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-litespeed-cache-control: no-cache
content-length: 210
date: Fri, 03 Feb 2023 09:22:52 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Work+Sans:wght@400;500;600;700;800;900&family=Playfair+Display:wght@400;500;600;700;800;900&display=swap

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Work+Sans:wght@400;500;600;700;800;900&family=Playfair+Display:wght@400;500;600;700;800;900&display=swap
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Work+Sans:wght@400;500;600;700;800;900&family=Playfair+Display:wght@400;500;600;700;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 03 Feb 2023 09:22:49 GMT
date: Fri, 03 Feb 2023 09:22:49 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.1.1

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.1.1
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.himalayanstaylodges.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 03 Feb 2023 09:22:49 GMT
date: Fri, 03 Feb 2023 09:22:49 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (42)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML