{"report_id":"c500e7fa-60bc-4223-91c1-82244ddae918","version":6,"status":"done","tags":[],"date":"2026-05-15T17:46:56Z","url":{"schema":"http","addr":"auraguest.lk","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":0,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"auraguest.lk/","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"title":"Aura Guest - Aura Guest","dom":{"size":45228,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (4865)","md5":"404fc9a16495ec69b04f513d162eb259","sha1":"73320af6ef5c87ad21e7cb99f73b9d6712a79048","sha256":"543ea2f14f79f60cc325cb7c60857412ba6c7e17c3876c181d506fdf0fc7c0bf","sha512":"4aaf11749162a4df8add18e2d83b558ed3558b4b3afc85e3598192fe161b96e4bc53085551f7d115234c51872217405404b26ce06bbe5f7046805f313aea094d","ssdeep":"384:hEtm/m7iCnkO7u0IDqKWEXQUtOGwtgV1Izw2xyUIzQzUZaE6fMiFF0fyTJFVXwtV:qc/YiCnk10BSEgZB+3H4wFKI/9I","tlshash":"0c1366254cfeac37012205c5e069ba9abddfae33e25190a5b2ffc1984fc5dc0951b58e","dom_hash":"domhash03d8b48735c6c6929377b9726ccd36e4","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"auraguest.lk","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":0,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-19T17:46:56Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"auraguest.lk","ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-05-10T21:02:05.004168Z","last_seen":"2026-05-10T21:02:05.004168Z","alert_count":252,"request_count":84,"received_data":2687219,"sent_data":78556,"comment":"","tags":null,"fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"jQuery:1.11.0","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery Migrate:1.2.1","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery UI","description":"jQuery UI is a collection of GUI widgets, animated visual effects, and themes implemented with jQuery, Cascading Style Sheets, and HTML.","website":"https://jqueryui.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery_ui:*:*:*:*:*:*:*:*","icon":"jQuery UI.svg","categories":["JavaScript libraries"]},{"name":"Moment.js","description":"Moment.js is a free and open-source JavaScript library that removes the need to use the native JavaScript Date object directly.","website":"https://momentjs.com","common_platform_enumeration":"cpe:2.3:a:momentjs:moment:*:*:*:*:*:*:*:*","icon":"Moment.js.svg","categories":["JavaScript libraries"]},{"name":"OWL Carousel","description":"OWL Carousel is an enabled jQuery plugin that lets you create responsive carousel sliders.","website":"https://owlcarousel2.github.io/OwlCarousel2/","common_platform_enumeration":"","icon":"OWL Carousel.png","categories":["JavaScript libraries"]},{"name":"FancyBox","description":"FancyBox is a tool for displaying images, html content and multi-media in a Mac-style 'lightbox' that floats overtop of web page.","website":"https://fancyapps.com/fancybox","common_platform_enumeration":"","icon":"FancyBox.svg","categories":["JavaScript libraries"]},{"name":"PHP:8.3.30","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Chosen","description":"Chosen is a jQuery plugin that makes long, unwieldy select boxes much more user-friendly.","website":"https://harvesthq.github.io/chosen/","common_platform_enumeration":"","icon":"","categories":["JavaScript frameworks","Web frameworks"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"bxSlider","description":"Add a respsonsive image slider to any website.","website":"https://bxslider.com/","common_platform_enumeration":"","icon":"bxSlider.png","categories":["Photo galleries","JavaScript libraries"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-05-10T22:17:57.86744Z","alert_count":0,"request_count":3,"received_data":50689,"sent_data":1595,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.178.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-05-10T22:20:44.526759Z","alert_count":0,"request_count":1,"received_data":3063,"sent_data":449,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"auraguest.lk/js/jquery/ui/jquery.effects.core.min.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"d5112dfa4dd8e8f8067081cbd8be3ae3","sha1":"8ab0191288ad51bcc8f8204d4df1eb306107e0a9","sha256":"e4ad6667a90a0f510062deae1e8f5d2db739add56c6d8aaaa16e9ef50f339f54","sha512":"3972679252ec804cb7956fee9fda2aeda0943a67472e49e33283d071c46a89fe8f0148b44f9452191a13f7d2db6f0c321456ad533bfe7fe168a8fd34c50a3ace","ssdeep":"192:o3xsrSubMGx75h2+CGaWZ/yIuDHNoOqmY:ogSubM4h2+mRWV","tlshash":"4b3271ee75d3b0a543b6b2a5402fa106313ea865748d5840f173c0e6bebd66d8137e3e","size":10950,"data":"","first_seen":"2023-06-27T05:58:45Z","last_seen":"2026-05-15T17:47:01.974184Z","times_seen":32,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/js/jquery/plugins/fancybox/jquery.fancybox.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"03268cdfc8a9f383b8e46d1a6e0fa752","sha1":"c232a118587cd46678fe840de1f7e4304665bce2","sha256":"004d0a5acf9045fbc27894c571811b8350488be7f0b12d958bb7699d6899792c","sha512":"e5107ab7fc05f61fb27c0692a53ad2263ae5d681c2398653cfa0f3662868d3ccd0ab4539c209da5dfd639d769a6e180d682c39f391138d7a0f2cf1dc14ffaba3","ssdeep":"768:zZ52VWQaDhcgnbolYopX60Oidi1E6T64clsszfYbI6v0isOy:d52wbouoBhOidcO4cCQOI6v0isOy","tlshash":"c003c65662f32476902bb16a8f6f85087231441b8f0aeca53d4ce1944f485bc5bf6fee","size":38949,"data":"","first_seen":"2025-10-17T20:06:27.308026Z","last_seen":"2026-05-15T17:47:02.044176Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/js/jquery/plugins/bxslider/jquery.bxslider.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"dce89db6989a4035940dbeb99d326de1","sha1":"9463e343d1d8a6059996fc5f421367dd7b952855","sha256":"165bd7d4a8ed49b1da3dea597a4ab727252be902366a47dc18c41472e5cd9dfc","sha512":"885780d0a0ff2ce53cff3837d870fbe392cbec314ca4fb8b1c0e92574239f7486a9044a3419a9634668cc75f75526df1f3da0244cb3acd4bb730260eb829591c","ssdeep":"192:7RbGoLN83BRKmfL+ClFVPDhjfHGTgiD3VARMWvdO34AgEJrv/T16OsQon05rzIHB:9XZ8WjOVRXy16/kXIHHSHruwe","tlshash":"2d92541b713436fe46b632b5b299cf487276908ac537f8f861b5d85819e8cc4301badb","size":19360,"data":"","first_seen":"2023-03-07T01:42:08Z","last_seen":"2026-05-15T19:43:03.754894Z","times_seen":1072,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/js/daterangepicker/moment.min.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"fbe3eafcd720c936d251c4532aa8160b","sha1":"6b28f759053e6205922cd40fdccc89b90351e183","sha256":"978ecd36e892112c7a0f429c43ac64727b76a26e09010289f50673a9ca3039fd","sha512":"d3f16dbbb2741aa7bca3f42976e7968d1b37831d2e96e4540629ce142dbe272a2159c491a8004aedc08f9c645bc541d7dbaeb782472066d0c8b8c26b87407f78","ssdeep":"768:H9LqJUvlnpLWIqCiFghOcknUU/aIkk/HRXHq4Gqjv35H:deAlpLWfWOcCBJHRXq4bjZ","tlshash":"1543a3ce3546b012576212b5082f490bf33e6999680e4d2cf508e9e97979c6e427ffbc","size":58104,"data":"","first_seen":"2023-11-08T12:05:40Z","last_seen":"2026-05-15T17:47:01.982426Z","times_seen":91,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/themes/hotel-reservation-theme/js/autoload/15-jquery.total-storage.min.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"25bb6f0d5dc5f3094b9cd007e246cf1d","sha1":"668596c0e96650cba50f5538384bebb48abde0ca","sha256":"67dadeecd506147b7adba2b464bb05723e729997af9df1aa0ff7696e535b4d0b","sha512":"cdbfdf0ff8ecdd84abbcfd1421df6c55ebcc10bd846f30f3013316fb0b0e0ac6120ad63e774dff1ad89e598f148ba4ab848d69ff43c34aa1d0ce515e97a3c3e9","ssdeep":"","tlshash":"9451112f32d2722582c4167d7c6f12abe73669f2609c5194d09190e07e64c15c673f9f","size":2564,"data":"","first_seen":"2023-03-07T01:33:08Z","last_seen":"2026-05-15T19:26:23.896937Z","times_seen":1001,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/js/jquery/plugins/growl/jquery.growl.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"438ee258d8e1e6dab070eca70dd406e7","sha1":"2a7b3f2fc58921a9b041ed2816706f9d00b8e1dd","sha256":"9029b4302aa3afc64458ad4c534e985c2a987fc61274d56fe78dede9b0fc754b","sha512":"6d80ab8ea8af77c252add41947e1023f5ba7be448764ee9151993ec965e7b9e6355c576d28774c99a83559da84984f6d9813ab20787f8797b989983e3d62f447","ssdeep":"96:o2FKaU+w8Ls8hJFxpTngOJ2J0PFHjyHQ9qrFqRdfHWd0QM630RZ630156305V:o2KaUv8Ls83xgOJ2J0PG2qrkRdfHWd0h","tlshash":"5dc1470d7af6204586a7b37acfcf52097236450b6519d5183abc83e14f9246892effb8","size":5945,"data":"","first_seen":"2023-03-07T22:58:37Z","last_seen":"2026-05-15T19:43:03.716347Z","times_seen":185,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/js/jquery/jquery-1.11.0.min.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8fc25e27d42774aeae6edbc0a18b72aa","sha1":"b66ed708717bf0b4a005a4d0113af8843ef3b8ff","sha256":"b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682","sha512":"87d90a665c15d71ac872bd8bc003d9863964c7ec7ada6370b902b93c0bbd7770fe25730d946c7c6a465baa95efa74bc0e78af3f83aea615af35060cc8702a6c1","ssdeep":"1536:EPpEy5BMibZGOj/bEe8v+/UWf4IhvAuCh/jqkODZ2D5N9Rag0MOIdSZAgtgoX5Yn:bIO/e2D5c4LgtImLja98HrK","tlshash":"cc93e8d9b6d2706297b730a851bf510bb17698eab80c4c60f058d8e47eb4e8d507bf2d","size":96381,"data":"","first_seen":"2023-03-07T01:02:10Z","last_seen":"2026-05-15T20:32:34.865339Z","times_seen":25730,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/js/jquery/plugins/jquery.serialScroll.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"667dbe0197ae28806702fb36fa4b7c49","sha1":"976e6733f24ddd0d9e73882890d519f4229ef072","sha256":"88de8847f3422574ba963b885cd481fb74790b38bd8d077f41b75e5ee97ea8df","sha512":"35b64dee3f3a412e84fcaa5f30b364eae1b79583a479b3198bd258e34b6b214ac0c2f4cf3cacd37a27b74eb094c31702bfc745dc797fb95ebb6ffad01b6f717c","ssdeep":"","tlshash":"73413006f3136eed52ff2320a15b4d05b3a120676a4b5590e284e9d13ef983d7b1ae1d","size":2013,"data":"","first_seen":"2023-03-07T12:10:44Z","last_seen":"2026-05-15T19:43:03.78878Z","times_seen":731,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/js/tools.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8f7deeae16d80558582028e0a29e13e9","sha1":"b6931627b2e4e7c86ab07c4c62575bb972227906","sha256":"0fe1184ae2f714ae71867b9ac9b4f3b67f50f96ca7179e070434f1af841209d1","sha512":"1a6a8d40f4d211de7cde3400b12261c18deea4f43beebd55f59d17d73d9f40a5f10bb4c5b85b3e77e314bc04c530bff25df1483e8465560cc501e50b8e90a868","ssdeep":"384:Wy57W9KOucl4OfEVhOVMmgm1FnhwNh1ot3yqSrmNsdCU1KEGMH4t:F5xoMi3nhwN/QySsDKiH4t","tlshash":"1f920994fd454bab08ba2138454f420cfabda871b219c9d1f0cc42d027b5d7f92bbc6a","size":19326,"data":"","first_seen":"2025-10-17T20:06:27.595402Z","last_seen":"2026-05-15T17:47:02.011072Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/js/jquery/plugins/jquery.scrollTo.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"d58fea835d9825c614aa670aa89b6422","sha1":"6598492c176fc947af16f9a706729ab1e6c13de0","sha256":"68923c9df1ee0bf9a89caac9af95cbc30fdbf1d836c811f6b60f542df0ae4055","sha512":"78e9fbda0ea0ff07f48d7b005d6b5be25d392ce28e780723ec5ffcba27216dc2298f6ab54787a56c693a88e57f2763b7c5ffb78ace29d0788d2a41a2408932d6","ssdeep":"","tlshash":"7c51c7987502710043dbf86a30ef4305aa7da5f3f00ba950520c88d4ad74a3a057bfed","size":2676,"data":"","first_seen":"2023-03-07T01:42:08Z","last_seen":"2026-05-15T19:43:03.759152Z","times_seen":698,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/modules/wkhotelfeaturesblock/views/js/wkHotelFeaturesBlockFront.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"2f47cb7721d76e59241e0d691430b411","sha1":"443e8a498d2bbef27609b951a02b2f81e79e543e","sha256":"eb0eb82217a3ce49ed405bcc5a99a2503131a6e1bf5c20930c8284689147560d","sha512":"7f348f217826d8e8934dd9517d11e6a2d04142a9dcc6d7eeaa9118d644aed26de6a8a6ce26c0b53403611d513641a803d1454adeda3a6a27be41b933a2660e2b","ssdeep":"","tlshash":"b94144b7db30ba3fc432999f6d5e770e671441b82743c4b9dd44c8cd2aa852933b581a","size":2142,"data":"","first_seen":"2025-10-17T20:06:27.384024Z","last_seen":"2026-05-15T17:47:02.007162Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/themes/hotel-reservation-theme/js/autoload/10-bootstrap.min.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"7ba470f70a0141a75a81d57e85c80d33","sha1":"4939afee748a597e5a06eefc4a5489a538279545","sha256":"650c142505681d7842af8b9eb182c38ec5b117c3326c7ae06b93cbb4be4172a2","sha512":"2466876ac6f2735f93271561b20bb80c999c0908e3dfc8e586cc460155b3ae67397958f0a1f6c4469665df06c23c86477cc0eae17f3a7c259671046458e71d87","ssdeep":"768:h2v6X8Yks6Zzy4PzYtwb4XDLD8agMRXfcAfwI0OCtgez:hN8jo77CCK","tlshash":"3ec26406b2313161079bf2f5115b020b723a7a7ee906907c38b9dae63db9c597127f39","size":27631,"data":"","first_seen":"2023-03-07T01:33:08Z","last_seen":"2026-05-15T17:47:02.048869Z","times_seen":761,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/modules/blockcurrencies/views/js/hook/blockcurrencies.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"e640d75b996c80d4c1919fc7ea461a70","sha1":"6c654c0b7524e48e48e4ddb6e67c49c84ffb6acc","sha256":"1d29b620432fe293cb1707de251e5476ffcbf391478abe27f8c0ff70d96d1831","sha512":"1430e2ae96e51e737f038dee4681b665686e5103db0dec08275aa4beff85dab0fbd1d80800a388f1692b87c668d59ff99bec8d64fcdd6da3418644817986f0ab","ssdeep":"","tlshash":"7b212ebbb8b0e373c0362a046e0f1a4de72651fe5245b699b50c41c11b2832892f6cb2","size":1193,"data":"","first_seen":"2025-10-17T20:06:27.499993Z","last_seen":"2026-05-15T17:47:02.045025Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/modules/wktestimonialblock/views/js/WkTestimonialBlockFront.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"c38294a4a7edaf321fdec28a71fa8d04","sha1":"793d3fbd5c1c23b5e364546dd53fc451efb25f04","sha256":"6eacc29c459ebf18aa4e5405e7cbf780c6cccc6a1a6323cb659f90bff9ac76b6","sha512":"c652790d643a63c3df70118ebdc4c51f5a5a754bb7c80623710872c4f0b7f293f5442e203607ca87f9125d5be762793a994acfec0deafa55a769202f5c4ea6a7","ssdeep":"","tlshash":"6421dfaba424d23385111a042e9e29099f2c94bd594476d9b50d42c11b2872da1b79e1","size":1225,"data":"","first_seen":"2025-10-17T20:06:27.373191Z","last_seen":"2026-05-15T17:47:01.994377Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/js/jquery/ui/jquery.ui.widget.min.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"2425a542e6dde093dd85ac0b5adc0141","sha1":"0bf51b3864ce01535ec8368d254052562fa7692e","sha256":"164551b6d92b71ef6c91202cfea2872173936cf3286d44bcdac1dc973ada0f1c","sha512":"79897707446b0f5d40078fbb053eb44c85167ff4312922e45f7247689c7eaa10fe34cd01bee95d9186905b74090f823dc7fc2687c5a2d6bffd6875cf3123b100","ssdeep":"96:3ETsGBP9MMhtYGoW5FK45KmZmDitpElQ6/V6dbxfADVk4g8Oo7AUUmD+tusHKN:4sGBVMMhthfd1ZmDitpQbUx0AfmDIus4","tlshash":"72d17988b256be8a5ee7e024103f610b923155edd0494c8cfc7cd8e96d7aa95b133f39","size":6488,"data":"","first_seen":"2023-03-07T12:04:33Z","last_seen":"2026-05-15T17:47:01.983037Z","times_seen":378,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/js/jquery/ui/jquery.ui.slider.min.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"f1b234712eabc4fea71eaadcf2e73ffa","sha1":"d90f5c2bca1661edc707750ee678803ceda645e3","sha256":"be0ee630fa58714236ddcb03dd6af06442c34935a3eee826c8ebf91a92b81d21","sha512":"798c7eafa15b5241f97a16e0c4d0bea1f44846e0c3f88be7c49952b343c13d7c8867d61c647c062651af65842ceb0ce0308e3fdb360aefa8d57668427263fd31","ssdeep":"192:4UBIDsASfjQwY7CCMTflHhmD8hGL0EeVnDFIc:4sID78jQwZCILmD8hGL0EedhIc","tlshash":"8b22744b320b6b1116aae2b15a3d98cfdb7753c8690448ccb070cbce556de4991ebf78","size":10202,"data":"","first_seen":"2023-03-26T01:07:23Z","last_seen":"2026-05-15T17:47:02.045864Z","times_seen":269,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/js/jquery/plugins/jquery.easing.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"b02bef6a62053b45babfbda795b6eac0","sha1":"3df9034ec9a2ff4d1964be64c4753cf4628affb9","sha256":"91fabad8aada7dfd913da46fffba65e16f37e97fbe07612e16acba215cee6c28","sha512":"0d44d0cfdd32f419dd0b9fef47c391a1b09544d599b6095fc610b25a813ab1214646f34cf6d073c5349a45fb200e713d62ca3364a12cfabc15b5b6ce6682bf6b","ssdeep":"96:uBmbQlcQgliUtaq2xsv0jAeAWFdTGj1GfsS:pcAsfAyd","tlshash":"76a1519cb7d5b21b8359f2709a3e0d0fe2646427856ea82fcc4c4495ba7c335c269d7c","size":4955,"data":"","first_seen":"2023-03-07T01:33:08Z","last_seen":"2026-05-15T17:47:01.973563Z","times_seen":832,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/js/jquery/ui/i18n/jquery.ui.datepicker-en.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"4a38655904f6c55da227cea464b55a2b","sha1":"b69c650bad329c3b36c255a5f61a0674726caa31","sha256":"39fd50b8e82d9c4e07949d85f901a44b0ce559acf2e48214fa16efb970ce434a","sha512":"a4593e04be2c9e8a2799b583c2d1fd67a21bbcc04b90dbdc55cf05cfc075ce8af71ec12ac19c817cca6cd4da1914edb46bbcdddf53a8590b8e18a85d4d080485","ssdeep":"","tlshash":"481144ea2048685f4b3117b77c2c6d098f2415c6e519c90be80d1a4b26dcc49dabafa1","size":897,"data":"","first_seen":"2023-03-07T01:33:08Z","last_seen":"2026-05-15T17:47:01.95197Z","times_seen":69,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/js/jquery/ui/jquery.ui.position.min.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"eb63c3d2dace62e102af74004ccd0ff1","sha1":"87111589591e91227bc22f9667b3fb9ede7c02be","sha256":"a78dcce5af1285a72e9f48f2d074dc109be907e29fe03724245ce2a8df0c5121","sha512":"0c6fdbc9f939a17fda3ffe65f448108b0a17beb4d1b6bf34cc47b20b45943cf6e73871d47e604a1e763159dc957c5156a6508170ed39742a6afe60cbe68ba313","ssdeep":"96:3ETtfr3C+Tw5dLa98RK8Qix/fhmAUbhlvXtdiGeNt9w9dJMoCVEuCPtGmWFVaSpB:4QvaCf29di7eLCVEurrpmMa4RyQ","tlshash":"92d1e7b4ab067816d1fbf14b908b431da0309021b35be589f22ddef9389a91412f3ef4","size":6273,"data":"","first_seen":"2023-03-07T12:04:33Z","last_seen":"2026-05-15T17:47:02.05718Z","times_seen":70,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/themes/hotel-reservation-theme/js/index.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"1a3d634a9c0b764bfb59221d20a37681","sha1":"727bd74b1724bf42fa5d10a2da0441cae50bf604","sha256":"25c61c4e8f2ca4915ba266f33ef6daa9a3c66c2a0b2c8f1ddb276c5ca9c374c3","sha512":"f619f675bac53630c31cb7b484e04b1a2553586468261d999588e3eb3c3b22918378cc14a79b3f951ed939cd375452a0de53974c5d4a759c790bc6090136cf01","ssdeep":"","tlshash":"c911f0bab5195223a732de287e270a4cd3454cec6356b4ac55080bd4233562995f6c7b","size":1084,"data":"","first_seen":"2025-10-17T20:06:27.45923Z","last_seen":"2026-05-15T17:47:02.009257Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/js/jquery/plugins/jquery.chosen.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"38dfac0307ea6167b951fad36204767e","sha1":"eb0ec529fb2d847ce46a92113ef143f59efd2e54","sha256":"a7163066d83c2a8d895490e9412558cf1bda87a2926d908533f64b94d4f293b0","sha512":"ef06d860a9dd399a32b5a00799e866bdfea75da221a416ee9d2d3e39b1503d0dbef231576f3945561783219ad07ec5f936fa1d88e477bbeee6747261995e690a","ssdeep":"768:fXyR41xCXvHBaxPQxqWOYX7bwdLXHk0OYPjTLAIrbWpT6qKmr:/07X4WOg7bwdL00ZYF6qKmr","tlshash":"7f03bb48abfb612181b770bd5f8f9084b332544b980ece4cbe5c96d19f9483865eaf74","size":40437,"data":"","first_seen":"2023-03-10T19:49:36Z","last_seen":"2026-05-15T17:47:01.977807Z","times_seen":26,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/modules/wkroomsearchblock/views/js/wk-room-search-block.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"ec0e71bba904d450c2867b0f80487740","sha1":"f2d50c8ff583a750fabe507a7fe496026a283b65","sha256":"910269e32c4db2ba961a8e3897a4b73129530535a13abffb740e67ffa6a6dfdf","sha512":"e40a55ac6683b74746a064e6bce77b6163633f00cf22e52d276d6a4edbb9271d3ce44facebbe72553c164e196362b555db84308b1c3c7c5d405e0b6dacef2f20","ssdeep":"768:78WAUYPCuYVBZDjxFf7abS1sk1aFswLpnpRpEpopGpJG1qEjjMSl:78WAUYPCuYVBZDjxFf7abS1sk1aFswL5","tlshash":"04135119b6f312521977343e0fff524426a6404b4605ddc9be9c86c02f94a6cb7fbb8a","size":44803,"data":"","first_seen":"2025-10-17T20:06:27.645043Z","last_seen":"2026-05-15T17:47:02.006583Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/js/validate.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"44c134a90bb118d006fee3c40ec4d262","sha1":"728dec803dd979bed3de949f00011be2e1718fdd","sha256":"bf583320ff85a1815dd3cde044d16bdbc574e81b3a3d1aec8313ecf4f2b34060","sha512":"146330fd35efb9fc25f804c20f1e741f99d8f139ac13b22a011cf0f40a8553fa3a450f48b9ed3bf5927977379aee4c67df93650ecea7ad95a34537ba9c17c61b","ssdeep":"384:ypBp8tRAseMOaOrsRYuglxZaaAbfBkd2IalnXFBp6aPoeF02/h4b77Nv:ypBpoX4XrFaaafB+2Ia1pW2i","tlshash":"73a210dfa3f59b9d1b79a0dd4e3cd8ad45f949604075f074aafe62cbb24903c60e8860","size":22102,"data":"","first_seen":"2025-10-17T20:06:27.284523Z","last_seen":"2026-05-15T17:47:02.016264Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/themes/hotel-reservation-theme/js/modules/blockcart/ajax-cart.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"f05bf1af76506bc1216e6bb08c05a5ef","sha1":"4ed3b4f65de5549965dd55c95554de93cf048c4c","sha256":"56049b88efbb2da8ab373d13731b5dbec6ba8280edc6262beedbd3c51d01479f","sha512":"18f1d992b77c896237647b6e90b85c252aca4077ef5290a4135d98328d6e967d755023ee6d1a1df7305b8aaeebb0573f39c60e56429ef586bb5c765b643597a7","ssdeep":"1536:FXCvznqiKhT8OpR1vbfdD+jYKH18W70sJupIIFIlpieCoeN:k2hTHrd6jYKHn0geN","tlshash":"bc735198f9f31475017b30b94aaf61c17e65c423a185d824b98d76d02fc0a35a7a3bfe","size":74139,"data":"","first_seen":"2025-10-17T20:06:27.289166Z","last_seen":"2026-05-15T17:47:01.993239Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/js/jquery/ui/jquery.ui.core.min.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"739cf68f21c10e04cde3ad13fcff9063","sha1":"37737f32856e9d183a386198c78d49ba09b4278e","sha256":"98a1070bca0e81136719efe7c37a653e4389fe5eb81fb478c1b6c4c9018bea61","sha512":"cd19371fda39aba474fa1a641b7e17740d0605dd76f470fddd589fe0077470dd888c0d94833d0422567245994b7d66fdbabd041fe96522980aa7da8fe2c1b0c6","ssdeep":"96:3ETU8qSKnoEeVn9/JFOHyQXe+etgdJHEcBuGRKgbYtgkxKov0N:4U8E5ClWZLJusbUgmhG","tlshash":"ea9164ddf183b11196ef3375547b4a56f2bba885580d4024b05c84e83d71a1ae137f7d","size":4289,"data":"","first_seen":"2023-03-07T01:33:08Z","last_seen":"2026-05-15T17:47:02.005634Z","times_seen":412,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"939c7029a39cb7a038dbcb9b7ba73562","sha1":"480e42d51df8cb01bc8d12283d4c5cb31e4589b0","sha256":"e67b5b473d90ff399cf2216a2eef247b4e82201b6fc457d909918146cdbb6b2d","sha512":"8179474d5c1305877de56275f34d7e80fc624b099b3fa079e41a47cc8d65c94be5ae479e2a9d1b4f0adb8d3bec68812339d52ed1bdf81bf0add17f22b9166c90","ssdeep":"","tlshash":"b38163aa0eb14336d43e18ea995fb4873cf665364209c5fde48cc88851c58c7c15bacf","size":3997,"data":"","first_seen":"2026-05-15T17:47:01.295135Z","last_seen":"2026-05-15T17:47:02.060144Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/modules/wkhotelroom/views/js/WkHotelRoomBlockFront.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"d8080a07e5df4ba566604257dc78da98","sha1":"2fe25571f9ca3385d7a74eb5661139b9c851ade4","sha256":"bc92114f2728efe419d6ece009a11ee047875dabbb1c28ab373bb458877e8a40","sha512":"3b91da843a1f76fac445be5c3a03914199003aec7496aec16e9c266911eeac7c2a736c65894a13def4cb4cf2ea0d8bbf7f0d1a4d5c6ca365e32c553e2b88ea1e","ssdeep":"","tlshash":"a85136adbae671e08073376b7b9b268bb5344aeb400bc704fd4f45d10f50138a56e5e2","size":3083,"data":"","first_seen":"2025-10-17T20:06:27.323354Z","last_seen":"2026-05-15T17:47:01.946954Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/modules/hotelreservationsystem/views/js/HotelReservationFront.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"3bec969b309e14207cf9c86b53e025f7","sha1":"4d44aa507b22ab724be336a9c805ba2a8432df3e","sha256":"c0c4e5f28a35db118411a5864504e07e338c1f0d18948941a8d3f707d391f8a8","sha512":"7c74b0e27360a6b12e50f703dbde33ecf73a409e50d0adf388b5422869a82b5a3f00cd15e49a09dd77f3a58135c6c3629fd33db98eec6d923af9703d09e180c5","ssdeep":"","tlshash":"e20175549b738a88703be08b5f7e730c1b4542335386d965b90cd8547fd898f86349db","size":817,"data":"","first_seen":"2025-10-17T20:06:27.279476Z","last_seen":"2026-05-15T17:47:02.031304Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/js/jquery/ui/jquery.ui.mouse.min.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"513bb6d79ab29c58ab1b32646216a3a0","sha1":"e387147ac78f8d540af81718c6832a5b84f6aa6c","sha256":"44a031c218436cfa24cb9be861133b0984ca2f73c67e0bfd81ccbc5dea0915db","sha512":"5728fc2830eea6319118194a98da55688319285afad278a594cd7776c5be9b40956b74739074903447e8131c9b589cf68eaee076df36b7dedee8755656c630e2","ssdeep":"","tlshash":"2b51698933209d8341932326d277ab077e3194e9944bd52cbb38ece8792857571bb5fc","size":2841,"data":"","first_seen":"2023-03-07T12:04:33Z","last_seen":"2026-05-15T17:47:02.051511Z","times_seen":293,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/modules/blocknavigationmenu/views/js/htlnevigationmenu.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"dfe9f8703609f0784a3fdfcd93d39149","sha1":"f0ea82f762fb06674b9ba969c83ff7aa96da344e","sha256":"81363681d559d08691e162ecbe59ca4bee7ad2a7626da7b294e0fd2951d6926f","sha512":"a4b96fe3a4d8e3d5c2103c786264014e531628ebc6835a29b3e232e5b85e6fb1829edf2bc66b4857eb13aed7b8b19cc7fd565e6ee4b7e5b51ad0d0c7e8705a92","ssdeep":"","tlshash":"6c4183a9e220a26740763416bb1a97aceb2ec0b5c60c96e5f8c0c58607ec73c53d6d72","size":2045,"data":"","first_seen":"2025-10-17T20:06:27.454859Z","last_seen":"2026-05-15T17:47:01.986567Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/js/daterangepicker/qlodaterangepicker.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"e9eecc8093f3af9801ad63aa886ccb99","sha1":"a4bbff69229c91688ee8e6cdf39ade0d9410e9f5","sha256":"ff95012c0f1c5aa91b084b4ce54dd8157f33b8125e2f92dc5c7c80da344d1431","sha512":"dbd3f353647e31f24ce86c4345d2e4cdc794437409421767cfa25ba168c98fa20bc2f26aee72497b21be2d2ffb43ba0092059c940bc16eafcc7373f576cc5a3d","ssdeep":"96:/SZ7NlWtMu0SyPu6fOP6SI2nb/cESdvuE:/8Q2vPc6SRXSd2E","tlshash":"3e911f696532245b4637746eb7cb8a0966399097d8c0fcd83f4c42806fdb838dae7ed4","size":4413,"data":"","first_seen":"2025-10-17T20:06:27.56441Z","last_seen":"2026-05-15T17:47:02.029968Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/themes/hotel-reservation-theme/js/autoload/15-jquery.uniform-modified.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"4e411fd1cc410c2d2eeea94810fc2639","sha1":"6f469462c2620eece9b9699e9dedea1d6af2a807","sha256":"8cf23fb5b0fd00ee530d6a6c231fcb28cef55443e1cd0ff373487b6a92cee9f4","sha512":"08cb89d5939d440689f71cb607078fc1a36354e603ba8f71a5656b14577d86c66254f2191e50f396fe162268c685cb4ecfe60d628bacc8f6299eb60b3be053a8","ssdeep":"768:jfsBKnIaB641jH3YL+mcPfV/Z+4R6B3eR:jfs4nIk641jH3w+mcPfV/Z+4R6B3eR","tlshash":"3cf20f0d38f262a185b770ba5bdf5009b239922b5209de017c9e53f45f64628f2e37de","size":36394,"data":"","first_seen":"2025-10-17T20:06:27.396796Z","last_seen":"2026-05-15T17:47:01.989379Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/js/jquery/ui/jquery.ui.tooltip.min.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"4fbdb31340b01c249a0fe5112e0eeec9","sha1":"fe3d6e2b7fcb042dd322ae460a23592414e54cdf","sha256":"8e0ba6f3a82166e4b3091aa4f8e17f9bebfc1571239cdb7fb5168163bbd2641b","sha512":"112825c8f49b410990f4d6ba1f6fa354cd9362e70f9a78d2790f1ebabe77afbab032c6253deebf6545354867f0c8aa60caf3b5bbc6bd1fa1d8fa495be7ddb608","ssdeep":"96:3ETkU5cMx9Hq71orcoupHmtEYq9q0NGQex9jN:4Uo9HqarwNGQi9Z","tlshash":"c6a1531ff2637390b6e76161107b620d6033645e60c5453c3929dafe996dd48b3b293f","size":4781,"data":"","first_seen":"2023-12-02T10:45:11Z","last_seen":"2026-05-15T17:47:01.945919Z","times_seen":18,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/modules/blocklanguages/views/js/hook/blocklanguages.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"33b0ff9e3b43478e3a6fbb00dc79a244","sha1":"3d911dddc29848a63c118d51b43d55b84ab7bf86","sha256":"2e372e6b101762ca84108d15be6543c102830f55789c5b0a7505ea11f2024408","sha512":"219091c6ad8fa90727512796d450fb52a787020365489d6c9b0d1785fd1d22bcd4ee971dbef0e2d2ed4932b10801f0de25344e79c1719955210bb76efb95ce80","ssdeep":"","tlshash":"bf21feabb8b0e32381261a447e0f2a49d72550fe5645b6a9f60c45c11b2432892f6cb2","size":1192,"data":"","first_seen":"2025-10-17T20:06:27.363966Z","last_seen":"2026-05-15T17:47:02.038214Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/js/jquery/ui/jquery.ui.datepicker.min.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"4eac58ed8deb3189c8d05bab9187f1ce","sha1":"913c447b702cc168ec32369fde3f237493be4cef","sha256":"995cac4852c7ed5212c7bb5dabf39b456740320eb8a0ffc9219f59d0cba8ee9f","sha512":"3037f17851f5a02cf44730d18f865a1dfe32637f1c2eea762409ab4e55b78a15308462773894eff7734bb17e6266f434e18550800ee9f9a774f6da2a75a817f3","ssdeep":"768:M4gvOXmOClw2kfsdNQpCEAwpg/u3LNjhuTolCM8SbJ:M4EOXmOClw2kfgwpzXlCM8SbJ","tlshash":"74f2d61e60407d5a423b51a501ba3a079233255fad40c11cbdaeaade1b7cc8672bfff1","size":35806,"data":"","first_seen":"2023-03-07T01:33:08Z","last_seen":"2026-05-15T17:47:01.984908Z","times_seen":145,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/js/daterangepicker/jquery.daterangepicker.min.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"969cf2922cd2243cf746cf006c914722","sha1":"645ddbe97a4e431ec7c3e0e6c29e817e185451b2","sha256":"c1158c80fcf946982675b6e47a9b628f53ebe476a81afa0124709a488c2a6178","sha512":"9075a1becdce0214d7dd8b6f4cdaa4269f063f8dcd3cfa24366d22c8bc8f21ee6bf1c603714fbe73b6e1cc998e0d4375f803f92b8ab68d61258d00df716a0f18","ssdeep":"768:V2FkEstwTTzj1E3gzfe3BHMcoNfzGfckps/9xB7hfZPG6o2W9FtXhbR9H:V2F7TTzJmgzfexHMcoNSUki1qFthF9H","tlshash":"5c33094238c01f761b7b17f0154e1747b3e28939d843149c6efae4648be6e9e522eb8d","size":54438,"data":"","first_seen":"2025-10-17T20:06:27.60204Z","last_seen":"2026-05-15T17:47:02.024776Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/js/jquery/jquery-migrate-1.2.1.min.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"eb05d8d73b5b13d8d84308a4751ece96","sha1":"743052320809514fb788fe1d3df37fc87ce90452","sha256":"1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d","sha512":"7b68a43a22a41404a2ff58e0da6a237492cad0fc3e56d216980802b4d5fb483895262a7e049340d6670002bdf899ba88c319239e60d0aae1ac31d98556b0ad6e","ssdeep":"96:tBySz91Gwyk35YrfBewIt9jKLKDs2SFNK7wIDBRANyCfVJ45NI:zySzvGw/35YbMx9jKLKD3UIDBR8VVUq","tlshash":"3fe196dc72aab5611ffa30a8503bd21b72b25aec140d95a4f08ccde5392cc5d413ab7e","size":7199,"data":"","first_seen":"2023-03-07T01:02:56Z","last_seen":"2026-05-15T20:21:01.472401Z","times_seen":22350,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/themes/hotel-reservation-theme/js/global.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"9263717ce32319c2074574fc7261d126","sha1":"acb58cfb65389c8dd124451b3100871bc489a164","sha256":"0f6ac7534da7c33853a2d116c4d3cf9c88edb63b09908d473a7438cbdbd734b1","sha512":"a21cce42e68226ceaf24b35f70d7b40cf6543b578b841133bf86af11bfe45a250d1b66cd6b645af382ce1703c2d74b04d96bcd31f3763a057eaefc4d03bd8a0d","ssdeep":"192:t8De7/btqozOABhDgzO1bJdPwQZNJiSdqf57ySUblB+Y5T5siN6uoL5naWccMp7A:ZCAgzkdKBS+YdsL5aWBOfvGmNu","tlshash":"e762b895fb3c153b807b201b5847a8c8777d4872c6064865f9acc5b43ae9f6a33e2d1e","size":15084,"data":"","first_seen":"2025-10-17T20:06:27.559808Z","last_seen":"2026-05-15T17:47:02.03581Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/themes/hotel-reservation-theme/js/products-comparison.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8fdcec302e3a1120151e41d0e37bb773","sha1":"4e4f4bd03992a101c63f9123364e74293d125ba5","sha256":"c690b05ea451f3690e949e1de7730cbbae02219eec5fdbe697b21532c29dc8ee","sha512":"18a021477ae036047ca2b0c85c2e57ea743cd5a671b46a4b5ddf9a87c69333ace61902d1b9b95c566c10920d6e22a76a9439bc3e37581d0714045ca13cb1db61","ssdeep":"96:0o7glWOeK+Anxmh4NNWu3heOhfaRLbde3ZG9rSjZLXIUL0SdLRS+XSDr6BlUa:t8Dn8ALzxa9bA0RGrbIYlNXI6Bea","tlshash":"3e9183f8f27ca8617679217d5b2f19c9bf38563938445a01c188dcd02ba05ab93e3cbd","size":4351,"data":"","first_seen":"2023-03-08T13:44:46Z","last_seen":"2026-05-15T17:47:02.049556Z","times_seen":57,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/js/jquery/plugins/timepicker/jquery-ui-timepicker-addon.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"256383ca57a25a5fd6f54d07bf36a3f7","sha1":"1e33cb2204ba9d14a9a7a1b970f0168b6d1c8634","sha256":"416d379e036a60d530235575f274a6ae75f25bb9c98cd7eede4af94898701fd0","sha512":"319946edeba6c89acfda8028e01b6999fd99e7c6526309d5da2d73792e4ab9233b8e7bf10f7921f45dcacafedc1e7dc665a41421e03091a377cca7d80a64d072","ssdeep":"768:ogyuUQUapQIqtf4vlKUkSvt6vGG66el+CdGhpTVZ3MjMmJ:S0qG6CUVhc","tlshash":"1723978de36d050a8b32206a2c9d1997d63d897b9c43be2ebddc84ec275cc18815df79","size":49576,"data":"","first_seen":"2023-03-11T21:44:30Z","last_seen":"2026-05-15T17:47:01.944783Z","times_seen":206,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/js/owl-carousel/owl.carousel.min.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"3ef5f0329c65e1c36879a6e98fc6fadd","sha1":"87ba95931fbbac29db329c78f1f183f23d84922c","sha256":"9a53d106f834d6b1a32ba2bcd2f10c5a864dc6308c124d243b087f3dbdf40b9a","sha512":"23674d1d033018c10271158d0c4dfea3c0b9795af2af266000f132771234889acd037a153711a710991710ec4a27419e41c86a4ee61cc8625672c3cf05693dd3","ssdeep":"768:SBA70MFA0c3db3FzkSRInLGhep2lcwJeL+CkbQdc75COpUQuiBt33:aAAMFE3dGMxAcF4DU","tlshash":"85137246b3202d2a869b61e0663f160bb23a291ce414507d7d79a6de6d7dc4c213fbfc","size":42792,"data":"","first_seen":"2023-03-07T13:01:24Z","last_seen":"2026-05-15T17:47:02.039477Z","times_seen":309,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/themes/hotel-reservation-theme/js/modules/blocknewsletter/blocknewsletter.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"c79c8f0cd46224ef50f5beae3e52a46e","sha1":"8720f4409d1440d9a723862d20176f6c9df92e74","sha256":"bc70ad6460114345e69a2276af47405f5bbd54d2d5b9e79d494614440cced523","sha512":"13a9b22c8dc9886c1847511bdf74110e720bb2d6f0496f7792d5f1076f27d2fae15dae84a786c7f8a8c083c36738217c73506d4c61f45b5c832c79937b7244ee","ssdeep":"","tlshash":"5c41856eb572066382b3a8243d7f3848931504af1246ba5db50c46d06f1823cedf5eaa","size":1904,"data":"","first_seen":"2025-10-17T20:06:27.368916Z","last_seen":"2026-05-15T17:47:01.97512Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/modules/wkabouthotelblock/views/js/WkAboutHotelBlockFront.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"3efa58b2eff25a40882abfeda4aed173","sha1":"940c00bd3438b290be9e4b588ea08dda2a7a57ee","sha256":"c8e96f4a9a95009f08d52bdb0b3b0b276f94c3b4aeadb172e46a2cca856cb55e","sha512":"4bdb5f912f28c34178830751000f6f8f7c7a09b7c87244f91169b0de2476d5721f225e59316554f61a413d497adb832530ab60c42110c26bc0ce23b08c8ac12c","ssdeep":"","tlshash":"8b416662f7206633b133260f9d6e5109b739842f8d0638acf42c038037d7a35a5fba54","size":2218,"data":"","first_seen":"2025-10-17T20:06:27.6178Z","last_seen":"2026-05-15T17:47:02.052544Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"auraguest.lk/js/jquery/plugins/timepicker/jquery-ui-timepicker-addon.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.119Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /js/jquery/plugins/timepicker/jquery-ui-timepicker-addon.js HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 10923\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":49576,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text","md5":"256383ca57a25a5fd6f54d07bf36a3f7","sha1":"1e33cb2204ba9d14a9a7a1b970f0168b6d1c8634","sha256":"416d379e036a60d530235575f274a6ae75f25bb9c98cd7eede4af94898701fd0","sha512":"319946edeba6c89acfda8028e01b6999fd99e7c6526309d5da2d73792e4ab9233b8e7bf10f7921f45dcacafedc1e7dc665a41421e03091a377cca7d80a64d072","ssdeep":"768:ogyuUQUapQIqtf4vlKUkSvt6vGG66el+CdGhpTVZ3MjMmJ:S0qG6CUVhc","tlshash":"1723978de36d050a8b32206a2c9d1997d63d897b9c43be2ebddc84ec275cc18815df79","first_seen":"2023-03-11T21:44:30Z","last_seen":"2026-05-15T17:47:01.944783Z","times_seen":206,"resource_available":true,"data":null}},"time_used":355,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":327,"receive":28,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/themes/hotel-reservation-theme/img/icon/icon-dropdown-arrow.svg","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.602Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /themes/hotel-reservation-theme/img/icon/icon-dropdown-arrow.svg HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/themes/hotel-reservation-theme/css/global.css\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 22 May 2026 17:46:35 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 463\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1152,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"8a14d24a3718105234fd65f74139b689","sha1":"705379155f732632e0f3894ae0965d6b9cec7a60","sha256":"8d10b16e99ce3acef37f54c7b21733cc103a6b1c8a933b4d041ac80514f41154","sha512":"34a08c5ceeaf2a484b79859f1833801a870401c0b9e190c304a4426b5c74879cc5e693f4a14e3007e75fdafe7ef37a1dc8d01969cf57456f0166acbf3ae887ce","ssdeep":"","tlshash":"4921cbd814fe0028d40ac522e3f2ba4a4d7eb18b42c04c9c75cd1c49af708bb0e9b25e","first_seen":"2025-10-17T20:06:27.511669Z","last_seen":"2026-05-15T17:47:02.008476Z","times_seen":10,"resource_available":false,"data":null}},"time_used":136,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":136,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/oxygen/v16/2sDfZG1Wl4LcnbuKjk0m.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.607Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 08:36:40 GMT","end":"Mon, 13 Jul 2026 08:36:39 GMT"},"fingerprint":{"sha1":"7F:B3:C1:48:F4:27:B8:68:3C:19:02:13:E1:6F:23:04:AC:C8:65:17","sha256":"FC:08:6D:DD:C4:AF:25:5E:6A:51:A0:A1:4E:27:4A:FF:E3:A5:37:ED:A4:1A:33:C1:27:48:DE:AB:71:AE:5D:2D"}}},"request":{"raw":"GET /s/oxygen/v16/2sDfZG1Wl4LcnbuKjk0m.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://auraguest.lk\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 16288\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sun, 10 May 2026 10:20:31 GMT\r\nexpires: Mon, 10 May 2027 10:20:31 GMT\r\ncache-control: public, max-age=31536000\r\nage: 458764\r\nlast-modified: Thu, 04 Sep 2025 17:08:56 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":16288,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 16288, version 1.0","md5":"205f35f3d41b09dc8c60b4a17a0078e7","sha1":"d945c292ad20d91ddbf29c9aed09fa78da66c3c5","sha256":"cb77b974327584a478f8579490a5f118da52f1062e00b5ad31cb4dc5444efb37","sha512":"ce34eaec1dc4c39bec163f492d2ece57035b749149f82fd0a2a3a310e7feffa38ef5090cc9cb70b261c12fe39b734a1133b4d85b65d567e8f84c7e9d228f88ce","ssdeep":"384:n9r224rYCfSQ+kNLYq+kI7oCsY0w0bKpY8YaUhqMDaj:nA24rR+Scq3I7oX4Y8bUtDaj","tlshash":"fe72d0321d02117cf3615b25e01cfc9ead4c7857b15886b93d69bd030a63bdefa4e6a1","first_seen":"2025-09-05T00:54:03.60612Z","last_seen":"2026-05-15T20:22:38.021883Z","times_seen":4173,"resource_available":false,"data":null}},"time_used":239,"timings":{"blocked":108,"dns":2,"connect":15,"send":0,"wait":16,"receive":5,"ssl":89},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/modules/wkroomsearchblock/views/css/wk-global-search.css","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.086Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /modules/wkroomsearchblock/views/css/wk-global-search.css HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 22 May 2026 17:46:35 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 2069\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":8767,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"c329ed1536e1d8a4c485af5102c95e89","sha1":"148c71b6c8aeffb4f89d4fe6e446cda10ea0026a","sha256":"c534d9a1fed87b924e80679e0ce1a021c21fdf79c61528bd97ffdc32812437c6","sha512":"8cdcfc35396b35a82ed3393dbb113b9831332f5052a9c277aae83ba06de466c4efeb337931e17564845de96e53c481eb8cf29a67a84e7eae41b6d22c30180b2e","ssdeep":"192:/8Q2qmduFwSb8yghXKhCFUqqFxZFFX0NwXZWW6MFd:7DSuFA0hnpFBqWRd","tlshash":"540233d2dab3614574218d1eabff7b84232052134645eaeabfdcd0185f4c5d8a2e378d","first_seen":"2025-10-17T20:06:27.530194Z","last_seen":"2026-05-15T17:47:01.968213Z","times_seen":7,"resource_available":false,"data":null}},"time_used":245,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":231,"receive":14,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/modules/hotelreservationsystem/views/css/HotelReservationFront.css","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.091Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /modules/hotelreservationsystem/views/css/HotelReservationFront.css HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 22 May 2026 17:46:35 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 428\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1401,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"4b898f14cf36a5b905a5267f36cf3505","sha1":"98a5955176c71fc7bb6d42435881cfd69f51d4ef","sha256":"5b206f4df3b5b8753097e4fc6e53c5a7b1cbb20bf3cab45a2af66aeb4e474ec1","sha512":"493c1c2fccf6c60d67dcb2b381b9b09937dab70947c49c52ec642e8b0ed169386c8d36b15c8cc491c4a52f0e39c566e43bc37043330bc40550d5703357876ab7","ssdeep":"","tlshash":"e1219b860b672400b05e583def684f1a371b1253560fea2aba9cf18ecfc41d04753b48","first_seen":"2025-10-17T20:06:27.47002Z","last_seen":"2026-05-15T17:47:01.943546Z","times_seen":9,"resource_available":false,"data":null}},"time_used":229,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":229,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/js/owl-carousel/assets/owl.carousel.min.css","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.099Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /js/owl-carousel/assets/owl.carousel.min.css HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 22 May 2026 17:46:35 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 820\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":3020,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2863)","md5":"8bc26c557af51ebee8313a9322123bff","sha1":"be437fe01dd73e0565ddf0370ab96653b549cf86","sha256":"833899bf39536177fc2caae35937d28a7f99d71a737bce668d71da6073ad4710","sha512":"f21736d573149517d859db57fa97a56b68abd9d9854b1a394cb17dbf7fbbaf9e24da840ce80eb75bc94db74aca96ab18e48e5174995c204c17582c47693542da","ssdeep":"","tlshash":"b351ade5214b225e481f87261ddc1e43293dcc52d9660a9a92bbe614879ae1c113ffcf","first_seen":"2023-04-07T21:42:41Z","last_seen":"2026-05-15T17:47:02.046521Z","times_seen":131,"resource_available":false,"data":null}},"time_used":232,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":230,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/js/daterangepicker/moment.min.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.131Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /js/daterangepicker/moment.min.js HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 18214\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":58104,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (58064)","md5":"fbe3eafcd720c936d251c4532aa8160b","sha1":"6b28f759053e6205922cd40fdccc89b90351e183","sha256":"978ecd36e892112c7a0f429c43ac64727b76a26e09010289f50673a9ca3039fd","sha512":"d3f16dbbb2741aa7bca3f42976e7968d1b37831d2e96e4540629ce142dbe272a2159c491a8004aedc08f9c645bc541d7dbaeb782472066d0c8b8c26b87407f78","ssdeep":"768:H9LqJUvlnpLWIqCiFghOcknUU/aIkk/HRXHq4Gqjv35H:deAlpLWfWOcCBJHRXq4bjZ","tlshash":"1543a3ce3546b012576212b5082f490bf33e6999680e4d2cf508e9e97979c6e427ffbc","first_seen":"2023-11-08T12:05:40Z","last_seen":"2026-05-15T17:47:01.982426Z","times_seen":91,"resource_available":true,"data":null}},"time_used":384,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":367,"receive":17,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/js/daterangepicker/qlodaterangepicker.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.138Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /js/daterangepicker/qlodaterangepicker.js HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 1331\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":4413,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text","md5":"e9eecc8093f3af9801ad63aa886ccb99","sha1":"a4bbff69229c91688ee8e6cdf39ade0d9410e9f5","sha256":"ff95012c0f1c5aa91b084b4ce54dd8157f33b8125e2f92dc5c7c80da344d1431","sha512":"dbd3f353647e31f24ce86c4345d2e4cdc794437409421767cfa25ba168c98fa20bc2f26aee72497b21be2d2ffb43ba0092059c940bc16eafcc7373f576cc5a3d","ssdeep":"96:/SZ7NlWtMu0SyPu6fOP6SI2nb/cESdvuE:/8Q2vPc6SRXSd2E","tlshash":"3e911f696532245b4637746eb7cb8a0966399097d8c0fcd83f4c42806fdb838dae7ed4","first_seen":"2025-10-17T20:06:27.56441Z","last_seen":"2026-05-15T17:47:02.029968Z","times_seen":7,"resource_available":true,"data":null}},"time_used":395,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":395,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/themes/hotel-reservation-theme/js/modules/blockcart/ajax-cart.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.167Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /themes/hotel-reservation-theme/js/modules/blockcart/ajax-cart.js HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 12225\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":74139,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (484)","md5":"f05bf1af76506bc1216e6bb08c05a5ef","sha1":"4ed3b4f65de5549965dd55c95554de93cf048c4c","sha256":"56049b88efbb2da8ab373d13731b5dbec6ba8280edc6262beedbd3c51d01479f","sha512":"18f1d992b77c896237647b6e90b85c252aca4077ef5290a4135d98328d6e967d755023ee6d1a1df7305b8aaeebb0573f39c60e56429ef586bb5c765b643597a7","ssdeep":"1536:FXCvznqiKhT8OpR1vbfdD+jYKH18W70sJupIIFIlpieCoeN:k2hTHrd6jYKHn0geN","tlshash":"bc735198f9f31475017b30b94aaf61c17e65c423a185d824b98d76d02fc0a35a7a3bfe","first_seen":"2025-10-17T20:06:27.289166Z","last_seen":"2026-05-15T17:47:01.993239Z","times_seen":7,"resource_available":true,"data":null}},"time_used":409,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":403,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/modules/wkabouthotelblock/views/js/WkAboutHotelBlockFront.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.176Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /modules/wkabouthotelblock/views/js/WkAboutHotelBlockFront.js HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 843\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":2218,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (334)","md5":"3efa58b2eff25a40882abfeda4aed173","sha1":"940c00bd3438b290be9e4b588ea08dda2a7a57ee","sha256":"c8e96f4a9a95009f08d52bdb0b3b0b276f94c3b4aeadb172e46a2cca856cb55e","sha512":"4bdb5f912f28c34178830751000f6f8f7c7a09b7c87244f91169b0de2476d5721f225e59316554f61a413d497adb832530ab60c42110c26bc0ce23b08c8ac12c","ssdeep":"","tlshash":"8b416662f7206633b133260f9d6e5109b739842f8d0638acf42c038037d7a35a5fba54","first_seen":"2025-10-17T20:06:27.6178Z","last_seen":"2026-05-15T17:47:02.052544Z","times_seen":7,"resource_available":true,"data":null}},"time_used":318,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":318,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/js/jquery/ui/themes/base/jquery.ui.slider.css","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.093Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /js/jquery/ui/themes/base/jquery.ui.slider.css HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 22 May 2026 17:46:35 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 433\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1314,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"be3ff74589a1fede91194c0f8bbf34ed","sha1":"eae0e83ab091e2463172864f05d570f7eedadc09","sha256":"2eb6ae5ebdac4682af0d96b0784eda248336523381ca710c3a528730b8036b1e","sha512":"01d2fabf78ce1824778e35a3378f5ff55122b6975fe8f178a8754c1bd76f8ae72b9982d2108768f7587cf833e665243a80d11c1ee332f336f5ec1035f218ca08","ssdeep":"","tlshash":"64210554030b2f54b93586617a98edf7e6c90f809e1bbc7ad1d1791cc6c58f090afac9","first_seen":"2023-04-08T14:04:39Z","last_seen":"2026-05-15T17:47:02.042604Z","times_seen":259,"resource_available":false,"data":null}},"time_used":231,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":228,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/js/jquery/ui/jquery.ui.datepicker.min.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.116Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /js/jquery/ui/jquery.ui.datepicker.min.js HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 10362\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":35806,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (32035)","md5":"4eac58ed8deb3189c8d05bab9187f1ce","sha1":"913c447b702cc168ec32369fde3f237493be4cef","sha256":"995cac4852c7ed5212c7bb5dabf39b456740320eb8a0ffc9219f59d0cba8ee9f","sha512":"3037f17851f5a02cf44730d18f865a1dfe32637f1c2eea762409ab4e55b78a15308462773894eff7734bb17e6266f434e18550800ee9f9a774f6da2a75a817f3","ssdeep":"768:M4gvOXmOClw2kfsdNQpCEAwpg/u3LNjhuTolCM8SbJ:M4EOXmOClw2kfgwpzXlCM8SbJ","tlshash":"74f2d61e60407d5a423b51a501ba3a079233255fad40c11cbdaeaade1b7cc8672bfff1","first_seen":"2023-03-07T01:33:08Z","last_seen":"2026-05-15T17:47:01.984908Z","times_seen":145,"resource_available":true,"data":null}},"time_used":330,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":272,"receive":58,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/themes/hotel-reservation-theme/js/autoload/15-jquery.total-storage.min.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.122Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /themes/hotel-reservation-theme/js/autoload/15-jquery.total-storage.min.js HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 914\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":2564,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (437)","md5":"25bb6f0d5dc5f3094b9cd007e246cf1d","sha1":"668596c0e96650cba50f5538384bebb48abde0ca","sha256":"67dadeecd506147b7adba2b464bb05723e729997af9df1aa0ff7696e535b4d0b","sha512":"cdbfdf0ff8ecdd84abbcfd1421df6c55ebcc10bd846f30f3013316fb0b0e0ac6120ad63e774dff1ad89e598f148ba4ab848d69ff43c34aa1d0ce515e97a3c3e9","ssdeep":"","tlshash":"9451112f32d2722582c4167d7c6f12abe73669f2609c5194d09190e07e64c15c673f9f","first_seen":"2023-03-07T01:33:08Z","last_seen":"2026-05-15T19:26:23.896937Z","times_seen":1001,"resource_available":true,"data":null}},"time_used":363,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":361,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/js/jquery/plugins/jquery.chosen.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.151Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /js/jquery/plugins/jquery.chosen.js HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 7531\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":40437,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text","md5":"38dfac0307ea6167b951fad36204767e","sha1":"eb0ec529fb2d847ce46a92113ef143f59efd2e54","sha256":"a7163066d83c2a8d895490e9412558cf1bda87a2926d908533f64b94d4f293b0","sha512":"ef06d860a9dd399a32b5a00799e866bdfea75da221a416ee9d2d3e39b1503d0dbef231576f3945561783219ad07ec5f936fa1d88e477bbeee6747261995e690a","ssdeep":"768:fXyR41xCXvHBaxPQxqWOYX7bwdLXHk0OYPjTLAIrbWpT6qKmr:/07X4WOg7bwdL00ZYF6qKmr","tlshash":"7f03bb48abfb612181b770bd5f8f9084b332544b980ece4cbe5c96d19f9483865eaf74","first_seen":"2023-03-10T19:49:36Z","last_seen":"2026-05-15T17:47:01.977807Z","times_seen":26,"resource_available":true,"data":null}},"time_used":400,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":399,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/themes/hotel-reservation-theme/js/autoload/10-bootstrap.min.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.121Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /themes/hotel-reservation-theme/js/autoload/10-bootstrap.min.js HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 6922\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":27631,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (27510)","md5":"7ba470f70a0141a75a81d57e85c80d33","sha1":"4939afee748a597e5a06eefc4a5489a538279545","sha256":"650c142505681d7842af8b9eb182c38ec5b117c3326c7ae06b93cbb4be4172a2","sha512":"2466876ac6f2735f93271561b20bb80c999c0908e3dfc8e586cc460155b3ae67397958f0a1f6c4469665df06c23c86477cc0eae17f3a7c259671046458e71d87","ssdeep":"768:h2v6X8Yks6Zzy4PzYtwb4XDLD8agMRXfcAfwI0OCtgez:hN8jo77CCK","tlshash":"3ec26406b2313161079bf2f5115b020b723a7a7ee906907c38b9dae63db9c597127f39","first_seen":"2023-03-07T01:33:08Z","last_seen":"2026-05-15T17:47:02.048869Z","times_seen":761,"resource_available":true,"data":null}},"time_used":362,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":355,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/modules/wktestimonialblock/views/js/WkTestimonialBlockFront.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.181Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /modules/wktestimonialblock/views/js/WkTestimonialBlockFront.js HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 557\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1225,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text","md5":"c38294a4a7edaf321fdec28a71fa8d04","sha1":"793d3fbd5c1c23b5e364546dd53fc451efb25f04","sha256":"6eacc29c459ebf18aa4e5405e7cbf780c6cccc6a1a6323cb659f90bff9ac76b6","sha512":"c652790d643a63c3df70118ebdc4c51f5a5a754bb7c80623710872c4f0b7f293f5442e203607ca87f9125d5be762793a994acfec0deafa55a769202f5c4ea6a7","ssdeep":"","tlshash":"6421dfaba424d23385111a042e9e29099f2c94bd594476d9b50d42c11b2872da1b79e1","first_seen":"2025-10-17T20:06:27.373191Z","last_seen":"2026-05-15T17:47:01.994377Z","times_seen":5,"resource_available":true,"data":null}},"time_used":399,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":399,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/modules/wkroomsearchblock/views/img/icon-hotel.svg","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.595Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /modules/wkroomsearchblock/views/img/icon-hotel.svg HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/modules/wkroomsearchblock/views/css/wk-global-search.css\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 22 May 2026 17:46:35 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 503\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1592,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"677542631c2789547e2063fbcd57bb0e","sha1":"ad792cfd0c4c5549622b5841c3cd2a0ae6aef991","sha256":"8dce3db95032d3f95b8f80630d0792331c73c47156aeba693ad5df69b2482927","sha512":"4ecd38a1e915176c34bda9d7ffa825cff1a2384a22465b8a1b8d2ce8498cf455100fe05ef235b13370907f0209467c1b8cae20a1ba071aed07c9597e7ea7fbc1","ssdeep":"","tlshash":"e1318ed876fd4028e146c522e3e4f6d98a3eb14f93c60458b6cc25592f318a71ee738e","first_seen":"2025-10-17T20:06:27.548694Z","last_seen":"2026-05-15T17:47:02.007894Z","times_seen":6,"resource_available":false,"data":null}},"time_used":143,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":143,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/themes/hotel-reservation-theme/css/global.css","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.040Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /themes/hotel-reservation-theme/css/global.css HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 22 May 2026 17:46:35 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 36377\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":230995,"size_decoded":0,"mime_type":"text/css","magic":"assembler source, ASCII text, with very long lines (480)","md5":"32e8b5d13606320d59df5c443c93a6c7","sha1":"5e43bcd2243ab05a79c5abb7a12ae9b1549eb1c6","sha256":"2a59a7ed2a0e39aa4aa294df5674766ee78d16f779f8f98ddeb8650851104f56","sha512":"8ea153e5b1a828d9dc8196e6871aeae607b5675b7ce64339820137a5769aa1a7719c8b735ad82315d8ac36db741f83b8310540f683ed8af08b0f6e9b3f167b24","ssdeep":"6144:JkZynKcxe8D8ixHdTiC0KJslbz6hN29plBsPL60:JkZynKcxe8slbz6hN29plBsPL60","tlshash":"f534a5d3eaf515443326c0583697eb91b7256003c94fcd7afb9e319cdf892c852a2b89","first_seen":"2025-10-17T20:06:27.331872Z","last_seen":"2026-05-15T17:47:02.019593Z","times_seen":7,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":121,"receive":40,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/js/daterangepicker/jquery.daterangepicker.min.css","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.073Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /js/daterangepicker/jquery.daterangepicker.min.css HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 22 May 2026 17:46:35 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 1631\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":7936,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (7936), with no line terminators","md5":"e463244064e1a7fe8f05d532fa621657","sha1":"c08a69217569d08401f3ad5254da2f7588601da6","sha256":"aaeddfd629d1e403c4f50db54128928e98aa6470bcd1a2bc8d687673c02406c8","sha512":"9e6bca646f04ddd00d6d902c257a5d2ba22aa5f1176cf35ba5edccdd4b35a938a9abbe08a5345285ba427fc94915aa41eded0c9036cd0cac4b8d2d555addaf56","ssdeep":"96:rT/ZtdASsfLR2QzbJRUwZtBqj4H1ke68p/cAOKwhBY:rT/ZYZsODUwZtBOqX9cACG","tlshash":"7ef1ed16be373812512b853e65ac975e283758336b531b2fadc1e81c874d9ed03afb14","first_seen":"2023-07-23T14:59:48Z","last_seen":"2026-05-15T17:47:01.981254Z","times_seen":169,"resource_available":false,"data":null}},"time_used":152,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":151,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/modules/blocknavigationmenu/views/css/blocknavigation.css","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.098Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /modules/blocknavigationmenu/views/css/blocknavigation.css HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 22 May 2026 17:46:35 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 784\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1917,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"8ce39280a8ce0422ba8a0ee821331b0d","sha1":"35ff34c11e1e7912d22d15220fcb2e11b97512b3","sha256":"f02e71f7f7a4710457e13141763652f100feae337358768c2174206f51df960f","sha512":"5114f747129db4314d82e2c925ce0efd228586f1a8b760b4c6d570a020d34f5999ce0b85b2d42ab866095f7111b424f3eb4e7e3d17d8bf6c75864ceaba43687d","ssdeep":"","tlshash":"d041c8e7f730521a61161b443e835b8ef33a80e9595dceb8e6d144dcaf1036901bbee2","first_seen":"2025-10-17T20:06:27.410113Z","last_seen":"2026-05-15T17:47:01.998262Z","times_seen":7,"resource_available":false,"data":null}},"time_used":231,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":231,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/themes/hotel-reservation-theme/js/autoload/15-jquery.uniform-modified.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.123Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /themes/hotel-reservation-theme/js/autoload/15-jquery.uniform-modified.js HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 7603\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":36395,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"4e411fd1cc410c2d2eeea94810fc2639","sha1":"6f469462c2620eece9b9699e9dedea1d6af2a807","sha256":"8cf23fb5b0fd00ee530d6a6c231fcb28cef55443e1cd0ff373487b6a92cee9f4","sha512":"08cb89d5939d440689f71cb607078fc1a36354e603ba8f71a5656b14577d86c66254f2191e50f396fe162268c685cb4ecfe60d628bacc8f6299eb60b3be053a8","ssdeep":"768:jfsBKnIaB641jH3YL+mcPfV/Z+4R6B3eR:jfs4nIk641jH3w+mcPfV/Z+4R6B3eR","tlshash":"3cf20f0d38f262a185b770ba5bdf5009b239922b5209de017c9e53f45f64628f2e37de","first_seen":"2025-10-17T20:06:27.396796Z","last_seen":"2026-05-15T17:47:01.989379Z","times_seen":9,"resource_available":true,"data":null}},"time_used":367,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":362,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/js/jquery/ui/jquery.ui.position.min.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.141Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /js/jquery/ui/jquery.ui.position.min.js HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 2273\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":6273,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (6139)","md5":"eb63c3d2dace62e102af74004ccd0ff1","sha1":"87111589591e91227bc22f9667b3fb9ede7c02be","sha256":"a78dcce5af1285a72e9f48f2d074dc109be907e29fe03724245ce2a8df0c5121","sha512":"0c6fdbc9f939a17fda3ffe65f448108b0a17beb4d1b6bf34cc47b20b45943cf6e73871d47e604a1e763159dc957c5156a6508170ed39742a6afe60cbe68ba313","ssdeep":"96:3ETtfr3C+Tw5dLa98RK8Qix/fhmAUbhlvXtdiGeNt9w9dJMoCVEuCPtGmWFVaSpB:4QvaCf29di7eLCVEurrpmMa4RyQ","tlshash":"92d1e7b4ab067816d1fbf14b908b431da0309021b35be589f22ddef9389a91412f3ef4","first_seen":"2023-03-07T12:04:33Z","last_seen":"2026-05-15T17:47:02.05718Z","times_seen":70,"resource_available":true,"data":null}},"time_used":273,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":271,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/themes/hotel-reservation-theme/js/products-comparison.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.150Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /themes/hotel-reservation-theme/js/products-comparison.js HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 1450\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":4351,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text","md5":"8fdcec302e3a1120151e41d0e37bb773","sha1":"4e4f4bd03992a101c63f9123364e74293d125ba5","sha256":"c690b05ea451f3690e949e1de7730cbbae02219eec5fdbe697b21532c29dc8ee","sha512":"18a021477ae036047ca2b0c85c2e57ea743cd5a671b46a4b5ddf9a87c69333ace61902d1b9b95c566c10920d6e22a76a9439bc3e37581d0714045ca13cb1db61","ssdeep":"96:0o7glWOeK+Anxmh4NNWu3heOhfaRLbde3ZG9rSjZLXIUL0SdLRS+XSDr6BlUa:t8Dn8ALzxa9bA0RGrbIYlNXI6Bea","tlshash":"3e9183f8f27ca8617679217d5b2f19c9bf38563938445a01c188dcd02ba05ab93e3cbd","first_seen":"2023-03-08T13:44:46Z","last_seen":"2026-05-15T17:47:02.049556Z","times_seen":57,"resource_available":true,"data":null}},"time_used":400,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":395,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/js/jquery/plugins/jquery.serialScroll.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.170Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /js/jquery/plugins/jquery.serialScroll.js HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 963\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":2013,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (1691)","md5":"667dbe0197ae28806702fb36fa4b7c49","sha1":"976e6733f24ddd0d9e73882890d519f4229ef072","sha256":"88de8847f3422574ba963b885cd481fb74790b38bd8d077f41b75e5ee97ea8df","sha512":"35b64dee3f3a412e84fcaa5f30b364eae1b79583a479b3198bd258e34b6b214ac0c2f4cf3cacd37a27b74eb094c31702bfc745dc797fb95ebb6ffad01b6f717c","ssdeep":"","tlshash":"73413006f3136eed52ff2320a15b4d05b3a120676a4b5590e284e9d13ef983d7b1ae1d","first_seen":"2023-03-07T12:10:44Z","last_seen":"2026-05-15T19:43:03.78878Z","times_seen":731,"resource_available":true,"data":null}},"time_used":410,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":409,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/img/favicon.ico?1764782031","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.926Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /img/favicon.ico?1764782031 HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 22 May 2026 17:46:35 GMT\r\ncontent-type: image/x-icon\r\nlast-modified: Fri, 21 Nov 2025 18:18:06 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 43863\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":185261,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 9 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel","md5":"c7a12bfdd855d1d1adf120598798c319","sha1":"f46b28f089dda940641678c9d752e66e66f97281","sha256":"a5a52e72c82cdc73853de27c3c924824dd6ec2e2d337edc59c174df5b607ba6d","sha512":"e0d9f8c2e88d01b4c75046b208f117330968b0c6aeb329d770c693ffd97ca50dc39dc5afd3bf0304eb16e902212adcbaf154e154dc7ec258186c18d2bd801cb9","ssdeep":"1536:/1PKO4H5Mc1zTfB4+spGWoZ55GwdupkP7LiJzAx6j3YgcZpXfl4ps5Ni8c:/uZMaJrMM7ZYWNdc","tlshash":"c1043abfb8014114e8aa57f0a12b9e5d118beffbb870b21a6d5d73b81b7b2d3150144b","first_seen":"2026-05-15T17:47:01.211989Z","last_seen":"2026-05-15T17:47:01.997142Z","times_seen":2,"resource_available":false,"data":null}},"time_used":135,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":133,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-15T17:46:32.645Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-powered-by: PHP/8.3.30\r\ncontent-type: text/html; charset=utf-8\r\npowered-by: QloApps\r\nset-cookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200ed77d668693b3574bd903bf5724b9fb72d5dc2843e52d78667295f27737bb2ae35741c54a53f96799584ee933c8cdcfc74e2a669836e2d29fecb5f89579a85f89c0ab0b0d58498d85f378aeccccbd86d9edbe4e350158d71fe365fc0d0a13dc16be8b96887de97e5a9f524fbe3bf0229ae606c2871ffa43e3485d4c516c5c0a0eb541d8aa5417b645905c60e15b72af1eccc01a47c8cce026f3423; expires=Thu, 04 Jun 2026 17:46:34 GMT; Max-Age=1728000; path=/; domain=auraguest.lk; secure; HttpOnly; SameSite=Lax\nQloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372; expires=Thu, 04 Jun 2026 17:46:34 GMT; Max-Age=1728000; path=/; domain=auraguest.lk; secure; HttpOnly; SameSite=Lax\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Fri, 15 May 2026 17:46:34 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery:1.11.0","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery Migrate:1.2.1","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery UI","description":"jQuery UI is a collection of GUI widgets, animated visual effects, and themes implemented with jQuery, Cascading Style Sheets, and HTML.","website":"https://jqueryui.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery_ui:*:*:*:*:*:*:*:*","icon":"jQuery UI.svg","categories":["JavaScript libraries"]},{"name":"Moment.js","description":"Moment.js is a free and open-source JavaScript library that removes the need to use the native JavaScript Date object directly.","website":"https://momentjs.com","common_platform_enumeration":"cpe:2.3:a:momentjs:moment:*:*:*:*:*:*:*:*","icon":"Moment.js.svg","categories":["JavaScript libraries"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"OWL Carousel","description":"OWL Carousel is an enabled jQuery plugin that lets you create responsive carousel sliders.","website":"https://owlcarousel2.github.io/OwlCarousel2/","common_platform_enumeration":"","icon":"OWL Carousel.png","categories":["JavaScript libraries"]},{"name":"FancyBox","description":"FancyBox is a tool for displaying images, html content and multi-media in a Mac-style 'lightbox' that floats overtop of web page.","website":"https://fancyapps.com/fancybox","common_platform_enumeration":"","icon":"FancyBox.svg","categories":["JavaScript libraries"]},{"name":"PHP:8.3.30","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Chosen","description":"Chosen is a jQuery plugin that makes long, unwieldy select boxes much more user-friendly.","website":"https://harvesthq.github.io/chosen/","common_platform_enumeration":"","icon":"","categories":["JavaScript frameworks","Web frameworks"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"bxSlider","description":"Add a respsonsive image slider to any website.","website":"https://bxslider.com/","common_platform_enumeration":"","icon":"bxSlider.png","categories":["Photo galleries","JavaScript libraries"]}],"data":{"size":40259,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"50dbff0a63f4c145ae2276fa041cb7bd","sha1":"8bda63f6cc3a646db2cd2f58efec5fb937e01d27","sha256":"2f81ffd0aeb29e69d6888ad8e5c23fc3b0da0dd81c6848c1ad9d4c7ba9746e29","sha512":"299076d80586019a1da52ca0187f7f4fb4310b767ea1812a87db59501a81a45bccc1b7a38ab5d85b5f2f986d135951c1a6ff5f1cc57b1dd03bcaa14ccbdc1d25","ssdeep":"384:FQtm/m7iCnkO7u0IDqKWEXptOGwt1V1Izw2xyUIzQzUZaE6fMiFFsmyTJFVXwtxp:Cc/YiCnk19SEgZBd3uAqH/9p","tlshash":"760375154dbdac3b002205c1e46aa59aadefae33e311d4e4f2ffc5681bc6dc4991b44e","first_seen":"2026-05-15T17:47:01.212955Z","last_seen":"2026-05-15T17:47:02.032333Z","times_seen":2,"resource_available":true,"data":null}},"time_used":2412,"timings":{"blocked":246,"dns":1,"connect":119,"send":0,"wait":1919,"receive":0,"ssl":125},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/js/jquery/ui/themes/base/jquery.ui.theme.css","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.061Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /js/jquery/ui/themes/base/jquery.ui.theme.css HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 22 May 2026 17:46:35 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 2648\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":17520,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"187fc9fe3177cd2d9093ab759581943f","sha1":"7095865dafc0f5030961deeff4194dacbf4a620f","sha256":"8334860d85a83fb12ef41950f2f00c676ad467267c2a535089b26584df89859b","sha512":"7f8df5b9b7df605d455ac8feb6222b5c7766d56a5e52b5d5df3d8a6481338cd860d014d2065fa21f295166ecfe4f5141c91421fb45108f988ccf3da798dcb6a3","ssdeep":"192:rart7pV9DJ5Batx2vNVhgFkv9i6fG9RhS2wV53skuMaaSQhQz0iIh+hNBv:rg5/V4zS25vrv","tlshash":"6d723b215b833159bf4bd16061e01af2c23a2751fc672f7d55ab399ce2d28e0c47b9b4","first_seen":"2023-04-08T14:04:39Z","last_seen":"2026-05-15T17:47:02.040498Z","times_seen":295,"resource_available":false,"data":null}},"time_used":236,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":156,"receive":80,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/themes/hotel-reservation-theme/css/autoload/uniform.default.css","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.070Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /themes/hotel-reservation-theme/css/autoload/uniform.default.css HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 22 May 2026 17:46:35 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 2138\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":12277,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"70ec78c2631582b214ede87fa5ba235f","sha1":"306684c4eb743ac47e9af9b18797afd2f76267e2","sha256":"dffe8b2ce810cca96d3450e6f387ead167e9b2d42433762cd34afeb49f1ed6af","sha512":"56881c1598fabeee5aebc309d93b7face2ad890891151a44c5279743872e2f81439972ef75efae172c5cc166f74c064a527796b05a6a5a68a7c728c0ef0d228e","ssdeep":"192:9hTGjI2zSaEgZrtJotYRwMRaNne2RLHRegvOfbebZcRfqw0qr48e6t:9JfwSanZrtyYEOVeg","tlshash":"0142ae795f912d517b6bd06129a253c3633700878e1d7e6c3dda39acef4e2c062d3662","first_seen":"2023-05-03T15:01:59Z","last_seen":"2026-05-15T17:47:01.980378Z","times_seen":154,"resource_available":false,"data":null}},"time_used":239,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":234,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/themes/hotel-reservation-theme/css/autoload/responsive-tables.css","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.067Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /themes/hotel-reservation-theme/css/autoload/responsive-tables.css HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 22 May 2026 17:46:35 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 451\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1433,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"3639635d7f7f3c1038c75ab53abce169","sha1":"c6b66b986f3fe248d9a8d7d5f145511653a40582","sha256":"8103fb363ac7513e817bf9ed443ffac59587621c8da3c00b165f714808098c88","sha512":"abcb6f0e630a2cb8f8234657c3604dcc194d70e72e39f43a1e364867b07e919891d9bed2e45c07a654f7fff2233acfbb36406a583987a5cd4dc42dcc0508cc87","ssdeep":"","tlshash":"982120e25f1031442563e3b67c2be8afef12015abb9958b97d46305cc22cf18411fee6","first_seen":"2023-04-07T11:54:31Z","last_seen":"2026-05-15T17:47:01.979732Z","times_seen":480,"resource_available":false,"data":null}},"time_used":235,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":235,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/themes/hotel-reservation-theme/css/modules/blocknewsletter/blocknewsletter.css","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.092Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /themes/hotel-reservation-theme/css/modules/blocknewsletter/blocknewsletter.css HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 22 May 2026 17:46:35 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 1245\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":5340,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"59a33c47dfd3f03cafc9d297f968bbb2","sha1":"7db92a0a3e32b8be20780fbd25aeeda1affddd58","sha256":"d6f42a3f99835cb42cc6af268fd4689ccb36ddad1cd75372a1004e2c18930e17","sha512":"98b9086665d43135a6d72b54b5f4de4faba4acbb1986d58f0b3d3db68bb6e282280acecf9b128b098f17862edc9c66c934d9fe12642af121cbb71921392cada9","ssdeep":"96:9CH+qZWWaqusNaNFFFFFpK88d/kqKQrEu/Rrvj:9CeqQWaqusNaX//pK8c/kqKQrEu/J","tlshash":"7bb10143df7603c661c39d541eeeb1c9a21c6003820f5cd5bb8c9598ef4e6e89de168b","first_seen":"2025-10-17T20:06:27.583402Z","last_seen":"2026-05-15T17:47:02.034949Z","times_seen":9,"resource_available":false,"data":null}},"time_used":229,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":228,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/themes/hotel-reservation-theme/js/global.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.113Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /themes/hotel-reservation-theme/js/global.js HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 3950\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":15084,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text","md5":"9263717ce32319c2074574fc7261d126","sha1":"acb58cfb65389c8dd124451b3100871bc489a164","sha256":"0f6ac7534da7c33853a2d116c4d3cf9c88edb63b09908d473a7438cbdbd734b1","sha512":"a21cce42e68226ceaf24b35f70d7b40cf6543b578b841133bf86af11bfe45a250d1b66cd6b645af382ce1703c2d74b04d96bcd31f3763a057eaefc4d03bd8a0d","ssdeep":"192:t8De7/btqozOABhDgzO1bJdPwQZNJiSdqf57ySUblB+Y5T5siN6uoL5naWccMp7A:ZCAgzkdKBS+YdsL5aWBOfvGmNu","tlshash":"e762b895fb3c153b807b201b5847a8c8777d4872c6064865f9acc5b43ae9f6a33e2d1e","first_seen":"2025-10-17T20:06:27.559808Z","last_seen":"2026-05-15T17:47:02.03581Z","times_seen":9,"resource_available":true,"data":null}},"time_used":331,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":301,"receive":30,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/js/daterangepicker/jquery.daterangepicker.min.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.136Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /js/daterangepicker/jquery.daterangepicker.min.js HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 14859\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":54438,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (51438)","md5":"969cf2922cd2243cf746cf006c914722","sha1":"645ddbe97a4e431ec7c3e0e6c29e817e185451b2","sha256":"c1158c80fcf946982675b6e47a9b628f53ebe476a81afa0124709a488c2a6178","sha512":"9075a1becdce0214d7dd8b6f4cdaa4269f063f8dcd3cfa24366d22c8bc8f21ee6bf1c603714fbe73b6e1cc998e0d4375f803f92b8ab68d61258d00df716a0f18","ssdeep":"768:V2FkEstwTTzj1E3gzfe3BHMcoNfzGfckps/9xB7hfZPG6o2W9FtXhbR9H:V2F7TTzJmgzfexHMcoNSUki1qFthF9H","tlshash":"5c33094238c01f761b7b17f0154e1747b3e28939d843149c6efae4648be6e9e522eb8d","first_seen":"2025-10-17T20:06:27.60204Z","last_seen":"2026-05-15T17:47:02.024776Z","times_seen":9,"resource_available":true,"data":null}},"time_used":396,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":383,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/modules/blockcurrencies/views/js/hook/blockcurrencies.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.154Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /modules/blockcurrencies/views/js/hook/blockcurrencies.js HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 528\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1193,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text","md5":"e640d75b996c80d4c1919fc7ea461a70","sha1":"6c654c0b7524e48e48e4ddb6e67c49c84ffb6acc","sha256":"1d29b620432fe293cb1707de251e5476ffcbf391478abe27f8c0ff70d96d1831","sha512":"1430e2ae96e51e737f038dee4681b665686e5103db0dec08275aa4beff85dab0fbd1d80800a388f1692b87c668d59ff99bec8d64fcdd6da3418644817986f0ab","ssdeep":"","tlshash":"7b212ebbb8b0e373c0362a046e0f1a4de72651fe5245b699b50c41c11b2832892f6cb2","first_seen":"2025-10-17T20:06:27.499993Z","last_seen":"2026-05-15T17:47:02.045025Z","times_seen":7,"resource_available":true,"data":null}},"time_used":401,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":401,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/js/jquery/ui/themes/base/jquery.ui.core.css","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.046Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /js/jquery/ui/themes/base/jquery.ui.core.css HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 22 May 2026 17:46:35 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 550\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1468,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"75db4e0758fc6c2a1c55d519a46f95e8","sha1":"5ee12569bc1b6b5a52d2e3b0d8f3dfaf3afc58dd","sha256":"89ff8fd42a5ec2792d39e6b985536866ce8b47b4072c973c461bbfc1c45f1ab3","sha512":"2ba34564ac6e7904bf39eec6fa8dbae4c998f090b58f1cc855f387db4f4f62b2022d7c132ebeb1fad1d736471cbfe8e253c8623532074f00d38f022c9953c671","ssdeep":"","tlshash":"fd3156542f053544e13fd3a97d78e6bfd70e92117b0b4c2f9445362a86ca25001dff65","first_seen":"2023-04-08T14:04:39Z","last_seen":"2026-05-15T17:47:01.987762Z","times_seen":406,"resource_available":false,"data":null}},"time_used":160,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":160,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/themes/hotel-reservation-theme/css/modules/blockcart/blockcart.css","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.096Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /themes/hotel-reservation-theme/css/modules/blockcart/blockcart.css HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 22 May 2026 17:46:35 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 3364\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":16522,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"81d2265591dc7c4fdb16402993d59815","sha1":"295943b6027b8f7916725c9d3f6cb895b6570606","sha256":"90c1187eb7b3593ec3ff593c3c7444563ce7530a849570b7a96c7ff7a0e04fe4","sha512":"b52f9f809b1ce1b898d90834f9044a1f3e09701abc85c60335cd84ebe9425032707b4e7435e14f8d83247f65817281f8db110ffc0ab615fc15cf8e3c830bc73e","ssdeep":"384:7bblF/fidFbFyJFtgptOnEFMsvgAV8P4Mc3QlT6xK:7FF/KdFbF2FtgptOnEFMsvgAV8P4Mc3I","tlshash":"57721f8acb774d983091da996e6bb6c53214b913534c8df8fa4cb148df8d3d442b268f","first_seen":"2025-10-17T20:06:27.418077Z","last_seen":"2026-05-15T17:47:01.955835Z","times_seen":7,"resource_available":false,"data":null}},"time_used":231,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":231,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/js/jquery/ui/jquery.ui.core.min.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.114Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /js/jquery/ui/jquery.ui.core.min.js HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 1740\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":4289,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (4155)","md5":"739cf68f21c10e04cde3ad13fcff9063","sha1":"37737f32856e9d183a386198c78d49ba09b4278e","sha256":"98a1070bca0e81136719efe7c37a653e4389fe5eb81fb478c1b6c4c9018bea61","sha512":"cd19371fda39aba474fa1a641b7e17740d0605dd76f470fddd589fe0077470dd888c0d94833d0422567245994b7d66fdbabd041fe96522980aa7da8fe2c1b0c6","ssdeep":"96:3ETU8qSKnoEeVn9/JFOHyQXe+etgdJHEcBuGRKgbYtgkxKov0N:4U8E5ClWZLJusbUgmhG","tlshash":"ea9164ddf183b11196ef3375547b4a56f2bba885580d4024b05c84e83d71a1ae137f7d","first_seen":"2023-03-07T01:33:08Z","last_seen":"2026-05-15T17:47:02.005634Z","times_seen":412,"resource_available":true,"data":null}},"time_used":273,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":269,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/js/jquery/plugins/growl/jquery.growl.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.120Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /js/jquery/plugins/growl/jquery.growl.js HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 1272\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":5945,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (456)","md5":"438ee258d8e1e6dab070eca70dd406e7","sha1":"2a7b3f2fc58921a9b041ed2816706f9d00b8e1dd","sha256":"9029b4302aa3afc64458ad4c534e985c2a987fc61274d56fe78dede9b0fc754b","sha512":"6d80ab8ea8af77c252add41947e1023f5ba7be448764ee9151993ec965e7b9e6355c576d28774c99a83559da84984f6d9813ab20787f8797b989983e3d62f447","ssdeep":"96:o2FKaU+w8Ls8hJFxpTngOJ2J0PFHjyHQ9qrFqRdfHWd0QM630RZ630156305V:o2KaUv8Ls83xgOJ2J0PG2qrkRdfHWd0h","tlshash":"5dc1470d7af6204586a7b37acfcf52097236450b6519d5183abc83e14f9246892effb8","first_seen":"2023-03-07T22:58:37Z","last_seen":"2026-05-15T19:43:03.716347Z","times_seen":185,"resource_available":true,"data":null}},"time_used":356,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":355,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/modules/hotelreservationsystem/views/js/HotelReservationFront.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.159Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /modules/hotelreservationsystem/views/js/HotelReservationFront.js HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 212\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":817,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text","md5":"3bec969b309e14207cf9c86b53e025f7","sha1":"4d44aa507b22ab724be336a9c805ba2a8432df3e","sha256":"c0c4e5f28a35db118411a5864504e07e338c1f0d18948941a8d3f707d391f8a8","sha512":"7c74b0e27360a6b12e50f703dbde33ecf73a409e50d0adf388b5422869a82b5a3f00cd15e49a09dd77f3a58135c6c3629fd33db98eec6d923af9703d09e180c5","ssdeep":"","tlshash":"e20175549b738a88703be08b5f7e730c1b4542335386d965b90cd8547fd898f86349db","first_seen":"2025-10-17T20:06:27.279476Z","last_seen":"2026-05-15T17:47:02.031304Z","times_seen":9,"resource_available":true,"data":null}},"time_used":399,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":399,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/js/jquery/ui/jquery.ui.mouse.min.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.162Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /js/jquery/ui/jquery.ui.mouse.min.js HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 839\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":2841,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (2707)","md5":"513bb6d79ab29c58ab1b32646216a3a0","sha1":"e387147ac78f8d540af81718c6832a5b84f6aa6c","sha256":"44a031c218436cfa24cb9be861133b0984ca2f73c67e0bfd81ccbc5dea0915db","sha512":"5728fc2830eea6319118194a98da55688319285afad278a594cd7776c5be9b40956b74739074903447e8131c9b589cf68eaee076df36b7dedee8755656c630e2","ssdeep":"","tlshash":"2b51698933209d8341932326d277ab077e3194e9944bd52cbb38ece8792857571bb5fc","first_seen":"2023-03-07T12:04:33Z","last_seen":"2026-05-15T17:47:02.051511Z","times_seen":293,"resource_available":true,"data":null}},"time_used":404,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":404,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/modules/blocknavigationmenu/views/js/htlnevigationmenu.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.172Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /modules/blocknavigationmenu/views/js/htlnevigationmenu.js HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 764\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":2045,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text","md5":"dfe9f8703609f0784a3fdfcd93d39149","sha1":"f0ea82f762fb06674b9ba969c83ff7aa96da344e","sha256":"81363681d559d08691e162ecbe59ca4bee7ad2a7626da7b294e0fd2951d6926f","sha512":"a4b96fe3a4d8e3d5c2103c786264014e531628ebc6835a29b3e232e5b85e6fb1829edf2bc66b4857eb13aed7b8b19cc7fd565e6ee4b7e5b51ad0d0c7e8705a92","ssdeep":"","tlshash":"6c4183a9e220a26740763416bb1a97aceb2ec0b5c60c96e5f8c0c58607ec73c53d6d72","first_seen":"2025-10-17T20:06:27.454859Z","last_seen":"2026-05-15T17:47:01.986567Z","times_seen":7,"resource_available":true,"data":null}},"time_used":304,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":304,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/js/jquery/ui/themes/base/jquery.ui.tooltip.css","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.078Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /js/jquery/ui/themes/base/jquery.ui.tooltip.css HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 22 May 2026 17:46:35 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 199\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":375,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"74dc316b0056155feeb3090bf2253792","sha1":"ba0d5f406ac2eb9d354ad231717683065b3c0074","sha256":"a235cff35f5c76ba4d75d211ee856b0d0ad99a6d2b05adb7c4e319e03815d51d","sha512":"553da06825ab4af8fb33ea7c9297c06ec108c1862275a8c66b1249920763a3815122953dfb135e6c6d7db8398bb6d5825233d093adce7edb65e08f0f547515bb","ssdeep":"","tlshash":"e4e068ae010b058da4a88f53dd69a2fa920f4246324f0c7ec448c2e84bda8a003f6f58","first_seen":"2023-05-15T20:09:13Z","last_seen":"2026-05-15T17:47:01.942657Z","times_seen":34,"resource_available":false,"data":null}},"time_used":149,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":149,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/modules/wktestimonialblock/views/css/WkTestimonialBlockFront.css","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.105Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /modules/wktestimonialblock/views/css/WkTestimonialBlockFront.css HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 22 May 2026 17:46:35 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 575\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1376,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"611789c760d0c38bebd76bb2f6ebee80","sha1":"026a26a5ed8b07f2162de7aac173dfbec8bc8104","sha256":"023f70a98f23d2bc6e23b8abd29c11bc5218b4ac6bdcca2e1ef0f1ec6eb75811","sha512":"12076f650439cfed25723fb02509d2008b14063f3eb0c24073e17e2ae5404cad328a48bca157481c15fd66767d502c237602b6d985b941ff4b28714cc7ad24b5","ssdeep":"","tlshash":"ed2163abd912d613e1112e287f075e19932c89fd1a46eb38a40116cac3d0235e2f3ed5","first_seen":"2025-10-17T20:06:27.430025Z","last_seen":"2026-05-15T17:47:02.003261Z","times_seen":5,"resource_available":false,"data":null}},"time_used":234,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":234,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/js/tools.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.112Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /js/tools.js HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 5832\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":19326,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text","md5":"8f7deeae16d80558582028e0a29e13e9","sha1":"b6931627b2e4e7c86ab07c4c62575bb972227906","sha256":"0fe1184ae2f714ae71867b9ac9b4f3b67f50f96ca7179e070434f1af841209d1","sha512":"1a6a8d40f4d211de7cde3400b12261c18deea4f43beebd55f59d17d73d9f40a5f10bb4c5b85b3e77e314bc04c530bff25df1483e8465560cc501e50b8e90a868","ssdeep":"384:Wy57W9KOucl4OfEVhOVMmgm1FnhwNh1ot3yqSrmNsdCU1KEGMH4t:F5xoMi3nhwN/QySsDKiH4t","tlshash":"1f920994fd454bab08ba2138454f420cfabda871b219c9d1f0cc42d027b5d7f92bbc6a","first_seen":"2025-10-17T20:06:27.595402Z","last_seen":"2026-05-15T17:47:02.011072Z","times_seen":9,"resource_available":true,"data":null}},"time_used":302,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":267,"receive":35,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/js/jquery/plugins/bxslider/jquery.bxslider.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.171Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /js/jquery/plugins/bxslider/jquery.bxslider.js HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 4926\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":19360,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (19040)","md5":"dce89db6989a4035940dbeb99d326de1","sha1":"9463e343d1d8a6059996fc5f421367dd7b952855","sha256":"165bd7d4a8ed49b1da3dea597a4ab727252be902366a47dc18c41472e5cd9dfc","sha512":"885780d0a0ff2ce53cff3837d870fbe392cbec314ca4fb8b1c0e92574239f7486a9044a3419a9634668cc75f75526df1f3da0244cb3acd4bb730260eb829591c","ssdeep":"192:7RbGoLN83BRKmfL+ClFVPDhjfHGTgiD3VARMWvdO34AgEJrv/T16OsQon05rzIHB:9XZ8WjOVRXy16/kXIHHSHruwe","tlshash":"2d92541b713436fe46b632b5b299cf487276908ac537f8f861b5d85819e8cc4301badb","first_seen":"2023-03-07T01:42:08Z","last_seen":"2026-05-15T19:43:03.754894Z","times_seen":1072,"resource_available":true,"data":null}},"time_used":411,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":410,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/js/owl-carousel/owl.carousel.min.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.174Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /js/owl-carousel/owl.carousel.min.js HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 10705\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":42792,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (32045)","md5":"3ef5f0329c65e1c36879a6e98fc6fadd","sha1":"87ba95931fbbac29db329c78f1f183f23d84922c","sha256":"9a53d106f834d6b1a32ba2bcd2f10c5a864dc6308c124d243b087f3dbdf40b9a","sha512":"23674d1d033018c10271158d0c4dfea3c0b9795af2af266000f132771234889acd037a153711a710991710ec4a27419e41c86a4ee61cc8625672c3cf05693dd3","ssdeep":"768:SBA70MFA0c3db3FzkSRInLGhep2lcwJeL+CkbQdc75COpUQuiBt33:aAAMFE3dGMxAcF4DU","tlshash":"85137246b3202d2a869b61e0663f160bb23a291ce414507d7d79a6de6d7dc4c213fbfc","first_seen":"2023-03-07T13:01:24Z","last_seen":"2026-05-15T17:47:02.039477Z","times_seen":309,"resource_available":true,"data":null}},"time_used":319,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":302,"receive":17,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/modules/wkroomsearchblock/views/img/icon-dropdown-arrow.svg","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.598Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /modules/wkroomsearchblock/views/img/icon-dropdown-arrow.svg HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/modules/wkroomsearchblock/views/css/wk-global-search.css\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 22 May 2026 17:46:35 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 463\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1152,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"8a14d24a3718105234fd65f74139b689","sha1":"705379155f732632e0f3894ae0965d6b9cec7a60","sha256":"8d10b16e99ce3acef37f54c7b21733cc103a6b1c8a933b4d041ac80514f41154","sha512":"34a08c5ceeaf2a484b79859f1833801a870401c0b9e190c304a4426b5c74879cc5e693f4a14e3007e75fdafe7ef37a1dc8d01969cf57456f0166acbf3ae887ce","ssdeep":"","tlshash":"4921cbd814fe0028d40ac522e3f2ba4a4d7eb18b42c04c9c75cd1c49af708bb0e9b25e","first_seen":"2025-10-17T20:06:27.511669Z","last_seen":"2026-05-15T17:47:02.008476Z","times_seen":10,"resource_available":false,"data":null}},"time_used":142,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":142,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/themes/hotel-reservation-theme/css/autoload/highdpi.css","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.065Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /themes/hotel-reservation-theme/css/autoload/highdpi.css HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 22 May 2026 17:46:35 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 143\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":340,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"3d90fe52ca2e6be1871f4e8c4a44eb4c","sha1":"338aac1036e5f438bc89a80e415b122a3ac120a6","sha256":"34b4e6b432b4f9f5c03aeb99281649a2cd627c1287f26136fcd8d277beb1d207","sha512":"09be6327ec99d4d6869ee619352a44d8cd5e5ade6ed83867347dfb119a6bb267e50dd6d88ccf70e3d8ed1b1dbeacddca48bcafcbb5863bd70bee370a7f335d46","ssdeep":"","tlshash":"5ee0d817ab865507365e0c2618140293201b0c9ad230aebf20ee946897c9973e033708","first_seen":"2023-04-07T11:54:31Z","last_seen":"2026-05-15T17:47:01.941194Z","times_seen":528,"resource_available":false,"data":null}},"time_used":236,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":236,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/themes/hotel-reservation-theme/css/daterangepicker.css","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.076Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /themes/hotel-reservation-theme/css/daterangepicker.css HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 22 May 2026 17:46:35 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 868\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":2729,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"c3d45ac0f69cdd9ee8db89acd0933e23","sha1":"eb78cb5a600575a8624e0194db044a75368b51d1","sha256":"a8f9a0b1402391a6bd3db788a77b5b2e8fc049b6a9c2ef19773caf07526c8d93","sha512":"336e0078b1c5cd1678575ccf65ed5954db30cda6a5bc7f4db94c7a73c3b16ba590c7e2f37766dcb0d9ec1bbb9d9fe2e919c489288f2f44a9977b18fc81343986","ssdeep":"","tlshash":"8751cd49e6736d137427483d2b3d43992b3b043347025b6e7980a59c4b4cabc8bbed94","first_seen":"2025-10-17T20:06:27.63225Z","last_seen":"2026-05-15T17:47:02.00981Z","times_seen":7,"resource_available":false,"data":null}},"time_used":152,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":151,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/js/jquery/ui/i18n/jquery.ui.datepicker-en.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.118Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /js/jquery/ui/i18n/jquery.ui.datepicker-en.js HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 438\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":897,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text","md5":"4a38655904f6c55da227cea464b55a2b","sha1":"b69c650bad329c3b36c255a5f61a0674726caa31","sha256":"39fd50b8e82d9c4e07949d85f901a44b0ce559acf2e48214fa16efb970ce434a","sha512":"a4593e04be2c9e8a2799b583c2d1fd67a21bbcc04b90dbdc55cf05cfc075ce8af71ec12ac19c817cca6cd4da1914edb46bbcdddf53a8590b8e18a85d4d080485","ssdeep":"","tlshash":"481144ea2048685f4b3117b77c2c6d098f2415c6e519c90be80d1a4b26dcc49dabafa1","first_seen":"2023-03-07T01:33:08Z","last_seen":"2026-05-15T17:47:01.95197Z","times_seen":69,"resource_available":true,"data":null}},"time_used":327,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":327,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/js/jquery/ui/jquery.ui.widget.min.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.140Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /js/jquery/ui/jquery.ui.widget.min.js HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 2303\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":6488,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (6354)","md5":"2425a542e6dde093dd85ac0b5adc0141","sha1":"0bf51b3864ce01535ec8368d254052562fa7692e","sha256":"164551b6d92b71ef6c91202cfea2872173936cf3286d44bcdac1dc973ada0f1c","sha512":"79897707446b0f5d40078fbb053eb44c85167ff4312922e45f7247689c7eaa10fe34cd01bee95d9186905b74090f823dc7fc2687c5a2d6bffd6875cf3123b100","ssdeep":"96:3ETsGBP9MMhtYGoW5FK45KmZmDitpElQ6/V6dbxfADVk4g8Oo7AUUmD+tusHKN:4sGBVMMhthfd1ZmDitpQbUx0AfmDIus4","tlshash":"72d17988b256be8a5ee7e024103f610b923155edd0494c8cfc7cd8e96d7aa95b133f39","first_seen":"2023-03-07T12:04:33Z","last_seen":"2026-05-15T17:47:01.983037Z","times_seen":378,"resource_available":true,"data":null}},"time_used":395,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":395,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/modules/blocklanguages/views/js/hook/blocklanguages.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.157Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /modules/blocklanguages/views/js/hook/blocklanguages.js HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 523\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1192,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text","md5":"33b0ff9e3b43478e3a6fbb00dc79a244","sha1":"3d911dddc29848a63c118d51b43d55b84ab7bf86","sha256":"2e372e6b101762ca84108d15be6543c102830f55789c5b0a7505ea11f2024408","sha512":"219091c6ad8fa90727512796d450fb52a787020365489d6c9b0d1785fd1d22bcd4ee971dbef0e2d2ed4932b10801f0de25344e79c1719955210bb76efb95ce80","ssdeep":"","tlshash":"bf21feabb8b0e32381261a447e0f2a49d72550fe5645b6a9f60c45c11b2432892f6cb2","first_seen":"2025-10-17T20:06:27.363966Z","last_seen":"2026-05-15T17:47:02.038214Z","times_seen":7,"resource_available":true,"data":null}},"time_used":399,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":399,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/themes/hotel-reservation-theme/img/icon/icon-calendar.svg","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.600Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /themes/hotel-reservation-theme/img/icon/icon-calendar.svg HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/themes/hotel-reservation-theme/css/global.css\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 22 May 2026 17:46:35 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 482\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1241,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"e6235fcee8f0b692792494e712e3ee42","sha1":"cdadfb13fb30da31c4a0e06c6b7a543f7740578d","sha256":"fe17f97f716d6b72a2f99d5904a7f105cbc5d419c9d2ae5c141f48a580426a13","sha512":"9a21c514ed45c3d4bda2d1928e9e7f7c1bdc5a134f26aadfa68520b3ae90ea5229b84b537eb7611d1ad2cc90ede4beb89f6bfd9a48779678da2801d0c76440d2","ssdeep":"","tlshash":"2d2166e425fd401cf1068722e3f5ba554e38b19786c40898b59c1a95af324bb1fdb2ad","first_seen":"2025-10-17T20:06:27.246857Z","last_seen":"2026-05-15T17:47:01.953208Z","times_seen":10,"resource_available":false,"data":null}},"time_used":141,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":141,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/themes/hotel-reservation-theme/fonts/fontawesome-webfont.woff2?v=4.3.0","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.608Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /themes/hotel-reservation-theme/fonts/fontawesome-webfont.woff2?v=4.3.0 HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/themes/hotel-reservation-theme/css/global.css\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 22 May 2026 17:46:35 GMT\r\ncontent-type: font/woff2\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-length: 56780\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":56780,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 56780, version 4.197","md5":"97493d3f11c0a3bd5cbd959f5d19b699","sha1":"1075231650f579955905bb2f6527148a8e2b4b16","sha256":"aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c","sha512":"bfe4679bbe5d1db21f6ecb2d6c2810dd02d3b698efdd50004cc355c1d0bc51de8dd102707c796b26e8250c600b4b64db88b67d3f28157777b68e36ad7930bfc0","ssdeep":"1536:zxwdj+K8kLkunGAASpdw6hsxD/G+zSIoiCQN+n:zxmVY6dwJThoiCQE","tlshash":"eb430269f84b577202275a0509ee0d34ef804962eef247fbb1fb90c5d6309ac1ea1b56","first_seen":"2023-04-05T09:41:17Z","last_seen":"2026-05-15T19:48:58.235076Z","times_seen":25703,"resource_available":false,"data":null}},"time_used":175,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":164,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/modules/wkhotelfeaturesblock/views/css/wkHotelFeaturesBlockFront.css","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.103Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /modules/wkhotelfeaturesblock/views/css/wkHotelFeaturesBlockFront.css HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 22 May 2026 17:46:35 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 667\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1641,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"abf14f5d9c423378ced330b781a297e7","sha1":"4749c977e3226d6d961a7f704763d40dbb88ac30","sha256":"fef535afae69e10d33def20aa878b836fc2c06bb06ee3c7e973e469b9c69b67b","sha512":"7189b6664e017da66fe4f8136045f4a92f971c01c7c59b55eaf43c2407d55dc7eb8c5d61d1332fe219d59fe147fefbdb73b20f87e71b4a338705fd8a3f341934","ssdeep":"","tlshash":"203186dbe160e227d00699047e063715a31c81b8768efe7dee8114c89a90774dab7a89","first_seen":"2025-10-17T20:06:27.268527Z","last_seen":"2026-05-15T17:47:02.043315Z","times_seen":7,"resource_available":false,"data":null}},"time_used":233,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":231,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/modules/wkhotelroom/views/css/WkHotelRoomBlockFront.css","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.104Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /modules/wkhotelroom/views/css/WkHotelRoomBlockFront.css HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 22 May 2026 17:46:35 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 905\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":2461,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"775d600cae717f62acbb3c2f92974e81","sha1":"a84f722d50802f715a783b235c23e4810d49c20e","sha256":"2a9e92c9012d12d7d0b6d921be10d0404186c7d082066078779a9f6e179ff38d","sha512":"37fed86ef4f68672a60b8521642ad4f46224250695b03e0c658d058317a42e42674fe15ec0eadca406dd3fb1b3248439be5dfb15e5824336ffbe88a44e8d3e32","ssdeep":"","tlshash":"285165bbb9235206e107196d7fae3a8f331c08a7650ddf68bd4e1184cf052b96095bca","first_seen":"2025-10-17T20:06:27.425221Z","last_seen":"2026-05-15T17:47:02.001409Z","times_seen":7,"resource_available":false,"data":null}},"time_used":235,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":232,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/js/jquery/jquery-migrate-1.2.1.min.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.110Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /js/jquery/jquery-migrate-1.2.1.min.js HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 2876\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":7199,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (7085)","md5":"eb05d8d73b5b13d8d84308a4751ece96","sha1":"743052320809514fb788fe1d3df37fc87ce90452","sha256":"1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d","sha512":"7b68a43a22a41404a2ff58e0da6a237492cad0fc3e56d216980802b4d5fb483895262a7e049340d6670002bdf899ba88c319239e60d0aae1ac31d98556b0ad6e","ssdeep":"96:tBySz91Gwyk35YrfBewIt9jKLKDs2SFNK7wIDBRANyCfVJ45NI:zySzvGw/35YbMx9jKLKD3UIDBR8VVUq","tlshash":"3fe196dc72aab5611ffa30a8503bd21b72b25aec140d95a4f08ccde5392cc5d413ab7e","first_seen":"2023-03-07T01:02:56Z","last_seen":"2026-05-15T20:21:01.472401Z","times_seen":22350,"resource_available":true,"data":null}},"time_used":303,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":264,"receive":39,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/js/jquery/plugins/fancybox/jquery.fancybox.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.147Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /js/jquery/plugins/fancybox/jquery.fancybox.js HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 9519\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":38949,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (394)","md5":"03268cdfc8a9f383b8e46d1a6e0fa752","sha1":"c232a118587cd46678fe840de1f7e4304665bce2","sha256":"004d0a5acf9045fbc27894c571811b8350488be7f0b12d958bb7699d6899792c","sha512":"e5107ab7fc05f61fb27c0692a53ad2263ae5d681c2398653cfa0f3662868d3ccd0ab4539c209da5dfd639d769a6e180d682c39f391138d7a0f2cf1dc14ffaba3","ssdeep":"768:zZ52VWQaDhcgnbolYopX60Oidi1E6T64clsszfYbI6v0isOy:d52wbouoBhOidcO4cCQOI6v0isOy","tlshash":"c003c65662f32476902bb16a8f6f85087231441b8f0aeca53d4ce1944f485bc5bf6fee","first_seen":"2025-10-17T20:06:27.308026Z","last_seen":"2026-05-15T17:47:02.044176Z","times_seen":9,"resource_available":true,"data":null}},"time_used":396,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":284,"receive":112,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/js/validate.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.160Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /js/validate.js HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 7558\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":22104,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (3255)","md5":"44c134a90bb118d006fee3c40ec4d262","sha1":"728dec803dd979bed3de949f00011be2e1718fdd","sha256":"bf583320ff85a1815dd3cde044d16bdbc574e81b3a3d1aec8313ecf4f2b34060","sha512":"146330fd35efb9fc25f804c20f1e741f99d8f139ac13b22a011cf0f40a8553fa3a450f48b9ed3bf5927977379aee4c67df93650ecea7ad95a34537ba9c17c61b","ssdeep":"384:ypBp8tRAseMOaOrsRYuglxZaaAbfBkd2IalnXFBp6aPoeF02/h4b77Nv:ypBpoX4XrFaaafB+2Ia1pW2i","tlshash":"73a210dfa3f59b9d1b79a0dd4e3cd8ad45f949604075f074aafe62cbb24903c60e8860","first_seen":"2025-10-17T20:06:27.284523Z","last_seen":"2026-05-15T17:47:02.016264Z","times_seen":9,"resource_available":true,"data":null}},"time_used":406,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":398,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/img/hotel_header_image_1764161806.jpg","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.581Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /img/hotel_header_image_1764161806.jpg HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 22 May 2026 17:46:35 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Nov 2025 12:56:47 GMT\r\naccept-ranges: bytes\r\ncontent-length: 1195501\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1195501,"size_decoded":0,"mime_type":"image/jpeg","magic":"PNG image data, 1600 x 781, 8-bit/color RGBA, non-interlaced","md5":"9b5f6cd28420ac885f6ba1c415d4fbe7","sha1":"3609683bb4b75b3c5e4b3431caf6a8827808da3f","sha256":"d27f8925f09acf646631629780cd45af8dabbad547b6a3b6018afe6f1d0ffa6f","sha512":"a64b620332df6f27fd3b8737bc8b8dca4d9b5c30f7454da21bbda086a3ffd89c4aae6ce1ea922f49ee44a02d69f96a80160782af30f2d2e542cf0852e23f1a9d","ssdeep":"24576:VAxgihZcFPt7BfgHaDp8hIjPyrk2qfDKuLMrCQL6R8E0NenU:VAFhyFlFY6DuIbyrkffDKEMdL6R8E+eU","tlshash":"e92533d2e3b44191cc2988561d13bf0ba1c9e3eed728b08aa06587b4750b6b5cfcf647","first_seen":"2026-05-15T17:47:01.263874Z","last_seen":"2026-05-15T17:47:02.053478Z","times_seen":2,"resource_available":false,"data":null}},"time_used":477,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":122,"receive":355,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/js/jquery/plugins/bxslider/jquery.bxslider.css","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.096Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /js/jquery/plugins/bxslider/jquery.bxslider.css HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 22 May 2026 17:46:35 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 868\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":3363,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"4cddbc28514be3683e4a9a3fda3d5eb6","sha1":"0cbdce57302e90e3a52d77fade7801030bf59267","sha256":"8f345def25e5d172060d7a1df95831fd9dd1d660b06208f2190bf9d01ebd2e11","sha512":"f057407429d2c536c02e2663c5d732ee67ddbb5b98959bdf4301082c2865fb2b53f26002e3ffc1bd01f88f0d13ede13a6e5a1eea28f8280c7f002bcb505c1a5d","ssdeep":"","tlshash":"98618bd51bb66655651ae07c3d06c39d2a388013af0fccfcd6e5b92ccf8d9c20223698","first_seen":"2023-04-07T01:17:08Z","last_seen":"2026-05-15T19:43:03.783683Z","times_seen":605,"resource_available":false,"data":null}},"time_used":232,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":231,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/modules/wkabouthotelblock/views/css/WkAboutHotelBlockFront.css","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.101Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /modules/wkabouthotelblock/views/css/WkAboutHotelBlockFront.css HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 22 May 2026 17:46:35 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 811\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":2240,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"6920b215606c75250ad1d1809588f48b","sha1":"bcd2d10adfe9dc0937f4a5232342cb921851eabf","sha256":"903ed84f523d836e76627cde28f9e074ce0df00d3a89a5ec1bb1f114f04c45ff","sha512":"c33c5bd1105f4072e4758e602f779ea44e7494a06cafc8b782c71f84dae7ea81db0aab7eca19c3be2fdb93fc8408ac9c7fd8b2fc1a348036b1c6cd404c48b28f","ssdeep":"","tlshash":"b14165f671271a575407d5582f1d0316771d0098ce4ef51dbda125808fea2a4c2abbd6","first_seen":"2025-10-17T20:06:27.640673Z","last_seen":"2026-05-15T17:47:01.988468Z","times_seen":7,"resource_available":false,"data":null}},"time_used":232,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":232,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/modules/blocknavigationmenu/views/css/wkFooterNavigationBlock.css","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.106Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /modules/blocknavigationmenu/views/css/wkFooterNavigationBlock.css HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 22 May 2026 17:46:35 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 512\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1140,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"a11209c90a17e4187a483874a9476518","sha1":"73feba19843a9136a9ae43c67dea92c3d4029ff6","sha256":"fafc698a86f67a7d7866e7c568e0ca402ac1d8236afac7df4ebc1395acd8a3ad","sha512":"86b7baa87fac3503b91171fc95ffbda206a519c8b92cba50c42fe626df1ee51bb5b1258f66069d0dc4ab32b9660a2b89fa6f7951ea220c1b08c031b4a498b35e","ssdeep":"","tlshash":"f02111fbf971e223e1210e09374b2a4de338c5fd8514d6e9b1094680572533496f6e96","first_seen":"2025-10-17T20:06:27.478423Z","last_seen":"2026-05-15T17:47:02.024113Z","times_seen":6,"resource_available":false,"data":null}},"time_used":234,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":234,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Oxygen:400,300,700","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.184Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 08:36:41 GMT","end":"Mon, 13 Jul 2026 08:36:40 GMT"},"fingerprint":{"sha1":"02:32:5A:C8:A9:9E:51:3B:E6:B9:C2:90:57:59:03:86:2E:5E:AF:0C","sha256":"B4:3F:61:34:DD:CF:DC:F3:4F:B9:A3:80:2B:A9:7F:C1:65:62:81:5A:B1:86:17:32:64:43:A8:E7:64:F6:2D:D9"}}},"request":{"raw":"GET /css?family=Oxygen:400,300,700 HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Fri, 15 May 2026 17:46:35 GMT\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2377,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"8318295ab5940996fe404a2321ef9632","sha1":"61a1db90cfbdb9a6d010ec3bc2a1a1723f320897","sha256":"73a2ebba09d00035c36bb442fddbc1cca64ef153c1f1a6697d20d18e943dcc92","sha512":"6fc67b6e2854be9e56dfb433b24217819ba18198e4f7b9682aee36f10f5e16790a52f3ab32fc56dca4fbd633e3a5fde31c0174881c7c5cc61329081a8d8d7769","ssdeep":"","tlshash":"8241fe920c2bf514a7930dc112ca7d33ef1f629164499834aefe189cbcabd259356b4d","first_seen":"2025-09-05T00:59:45.515482Z","last_seen":"2026-05-15T20:22:37.922559Z","times_seen":766,"resource_available":false,"data":null}},"time_used":408,"timings":{"blocked":126,"dns":0,"connect":28,"send":0,"wait":48,"receive":0,"ssl":203},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/img/aura-guest-logo-1764028092.jpg","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.185Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /img/aura-guest-logo-1764028092.jpg HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 22 May 2026 17:46:35 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Mon, 24 Nov 2025 23:48:12 GMT\r\naccept-ranges: bytes\r\ncontent-length: 46836\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":46836,"size_decoded":0,"mime_type":"image/jpeg","magic":"PNG image data, 516 x 255, 8-bit/color RGBA, non-interlaced","md5":"1de691c5dc9060fe6bbf0baf5cf94cfe","sha1":"9b1ff485441257c2a8a60ee4a9f12f2ebcafacf7","sha256":"67aa730c16999d1063b16213c168dc6d380e9cba95b1f6f5456a7db974e5d08e","sha512":"45a912061c195d47109fd3c45bdf0dd93d3e619ae44d8b08108570b9e21c986a704ead24e22b42ceb2e83b713cc990501c155e3b6680cc32ebc2aa29bb85dfc3","ssdeep":"768:bcG+gVBlsPlhzXHVSc9LgJZPVV+tHPym7Zfo9wd9Bhrj9TZn27H5Ok:bc4VBlwlhoyg3T+Ym7Zfp9BFNZ27V","tlshash":"ac2301e2bbba0194a192da7d6f689072d8cf7a1725c78530673a3d90c950dbfc1b8f44","first_seen":"2026-05-15T17:47:01.272469Z","last_seen":"2026-05-15T17:47:01.99611Z","times_seen":2,"resource_available":false,"data":null}},"time_used":420,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":396,"receive":24,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/oxygen/v16/2sDcZG1Wl4LcnbuCNWgzaGW5.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.618Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 08:36:40 GMT","end":"Mon, 13 Jul 2026 08:36:39 GMT"},"fingerprint":{"sha1":"7F:B3:C1:48:F4:27:B8:68:3C:19:02:13:E1:6F:23:04:AC:C8:65:17","sha256":"FC:08:6D:DD:C4:AF:25:5E:6A:51:A0:A1:4E:27:4A:FF:E3:A5:37:ED:A4:1A:33:C1:27:48:DE:AB:71:AE:5D:2D"}}},"request":{"raw":"GET /s/oxygen/v16/2sDcZG1Wl4LcnbuCNWgzaGW5.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://auraguest.lk\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 16152\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sun, 10 May 2026 11:00:31 GMT\r\nexpires: Mon, 10 May 2027 11:00:31 GMT\r\ncache-control: public, max-age=31536000\r\nage: 456364\r\nlast-modified: Thu, 04 Sep 2025 17:08:52 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":16152,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 16152, version 1.0","md5":"233b219a1a4059fef591a77b01a04cae","sha1":"1f7e0508041ab3f009343e7b2fa119c10ae9907c","sha256":"4414b63c51aaef6d5d77ef9b45d9a936e476ad3a9902e046cf7cb8af05ce72bc","sha512":"12063b60fc3e15769370d063aabcb06c8f586af7fed476247c16a91b95ccdaa48747d72576b32b0dec6639fa48c2848d948983e3a17876ceed3ec668efae1285","ssdeep":"384:0pmXmslQc1mSrtvli0I0k7aG0tbu/zMtpozw0xYkkP:omXmsHdr7i0ZMaG0tburMtpqVW","tlshash":"b572e019aba02e0f78038bb312035954f34be55fed0bf7fa1d2aa191766bc003557996","first_seen":"2025-09-05T07:00:18.503878Z","last_seen":"2026-05-15T20:22:33.886741Z","times_seen":3331,"resource_available":false,"data":null}},"time_used":364,"timings":{"blocked":172,"dns":4,"connect":16,"send":0,"wait":16,"receive":4,"ssl":149},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/oxygen/v16/2sDcZG1Wl4LcnbuCJW8zaGW5.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.627Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 08:36:40 GMT","end":"Mon, 13 Jul 2026 08:36:39 GMT"},"fingerprint":{"sha1":"7F:B3:C1:48:F4:27:B8:68:3C:19:02:13:E1:6F:23:04:AC:C8:65:17","sha256":"FC:08:6D:DD:C4:AF:25:5E:6A:51:A0:A1:4E:27:4A:FF:E3:A5:37:ED:A4:1A:33:C1:27:48:DE:AB:71:AE:5D:2D"}}},"request":{"raw":"GET /s/oxygen/v16/2sDcZG1Wl4LcnbuCJW8zaGW5.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://auraguest.lk\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 15744\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 14 May 2026 04:44:20 GMT\r\nexpires: Fri, 14 May 2027 04:44:20 GMT\r\ncache-control: public, max-age=31536000\r\nage: 133335\r\nlast-modified: Thu, 04 Sep 2025 17:08:51 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":15744,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 15744, version 1.0","md5":"4239761430468fee934b6717afef3a04","sha1":"d59081cd24fb9453c750a889d1e01be0d223552f","sha256":"4d89bd3c8d5899d63dfb32a54aa1191aa7174c58e6387bb6cd9568d0cf4310ac","sha512":"61daeef45b171f09d72558e6e1e644a1edc6a97f535bcd0e766ec3ccf01a99255f2f7aeb9758c6b85b17148a3b69df1ef9f5ea6547754a5cf77b2a8fa8d1908a","ssdeep":"384:V8loG4AltX4BdFu4tYX67BNX1scL8qo/z5jeCnB8KB5heN2flA:VSoG4Al14BEXoBh1B+rl5IN2m","tlshash":"8562d1930b2bdf94dcc2cbe6076f29c91d0af913c54275cf496eae510e68546c7c42e9","first_seen":"2025-09-05T07:00:18.559409Z","last_seen":"2026-05-15T20:22:38.009092Z","times_seen":566,"resource_available":false,"data":null}},"time_used":333,"timings":{"blocked":156,"dns":1,"connect":29,"send":0,"wait":18,"receive":2,"ssl":122},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/modules/hotelreservationsystem/views/css/hook/display-nav.css","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.083Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /modules/hotelreservationsystem/views/css/hook/display-nav.css HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 22 May 2026 17:46:35 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 535\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1217,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"3295e6fc035cda51828a4afda4dd2194","sha1":"37dd75ae5ca3409998f03c8a54791b3b0ceddb90","sha256":"3e787f664905038ab8766d821b8a535fcc96cd38a5d0503785360ac5a23e39a5","sha512":"4560f94d654bad94d26aa54cb6918d6f5ec06d114680a931042c11825b59c53571b72811b9c1457ae2a17394661067729a5627b946bdc163e4d1403afee11095","ssdeep":"","tlshash":"962154e791b0d63781012f88771f3749f32881fd81489f99b40445c89b54735cab3c9a","first_seen":"2025-10-17T20:06:27.357036Z","last_seen":"2026-05-15T17:47:02.033156Z","times_seen":7,"resource_available":false,"data":null}},"time_used":225,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":225,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/modules/wkroomsearchblock/views/css/chosen.css","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.085Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /modules/wkroomsearchblock/views/css/chosen.css HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 22 May 2026 17:46:35 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 3068\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":15870,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (662)","md5":"f156875493229ea04b0acef6cf201a44","sha1":"3f53b0ce7fcdf57ee2dd2609e425c5908197d0b0","sha256":"e9d668eee3e7813bae35fd22bdc55660354d646b189fa530c18a2a260ab14080","sha512":"f35fa129ec2d6bcb995c2d44f27a1adc525ffa27dfb8202776c33dfa2c77d13496b5baf6c884a33cf4e53bdd8b7ed2ef62505e33c03790e72e8b02512b1bcb8e","ssdeep":"384:7CdXjK+kqRvWkKZFm9WERvKKwwFDRvKKUCCgRvWRq:7CdX2+kSWkKZFm9WEKKbFlKKUCCIWRq","tlshash":"25623e9a9ff12a1978f381fc68151687633588d1c20ceebc2eb730d8eac49e15067f58","first_seen":"2025-10-17T20:06:27.436754Z","last_seen":"2026-05-15T17:47:01.949621Z","times_seen":7,"resource_available":false,"data":null}},"time_used":232,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":225,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/modules/blockcurrencies/views/css/hook/blockcurrencies.css","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.088Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /modules/blockcurrencies/views/css/hook/blockcurrencies.css HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 22 May 2026 17:46:35 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 614\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1503,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"8c4cf025dbf0e5fba5c97e1792acb103","sha1":"3485bc634bfa23360d91c1b63f33df6881bd5b28","sha256":"8e325f133af8c7dbdf26ce8107caade2a0e8017b82d4c92af5e8a58431f4d45f","sha512":"136ae80f48a69056de3e87c03fe5858fdabbd275a4965fa598aa346a69f21041480457780361a6563a95972b77608dd64a6b1bf13c9e5dd1e6cd31571414a0c5","ssdeep":"","tlshash":"6b3162fbe671abb3c0610f447a4f5a4ed33a61a99248a6aaf0089085171c36194f1ff5","first_seen":"2025-10-17T20:06:27.298711Z","last_seen":"2026-05-15T17:47:02.055101Z","times_seen":7,"resource_available":false,"data":null}},"time_used":230,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":230,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/js/jquery/plugins/jquery.easing.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.111Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /js/jquery/plugins/jquery.easing.js HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 1088\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":4955,"size_decoded":0,"mime_type":"text/javascript","magic":"ASCII text","md5":"b02bef6a62053b45babfbda795b6eac0","sha1":"3df9034ec9a2ff4d1964be64c4753cf4628affb9","sha256":"91fabad8aada7dfd913da46fffba65e16f37e97fbe07612e16acba215cee6c28","sha512":"0d44d0cfdd32f419dd0b9fef47c391a1b09544d599b6095fc610b25a813ab1214646f34cf6d073c5349a45fb200e713d62ca3364a12cfabc15b5b6ce6682bf6b","ssdeep":"96:uBmbQlcQgliUtaq2xsv0jAeAWFdTGj1GfsS:pcAsfAyd","tlshash":"76a1519cb7d5b21b8359f2709a3e0d0fe2646427856ea82fcc4c4495ba7c335c269d7c","first_seen":"2023-03-07T01:33:08Z","last_seen":"2026-05-15T17:47:01.973563Z","times_seen":832,"resource_available":true,"data":null}},"time_used":302,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":302,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/js/jquery/ui/jquery.effects.core.min.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.143Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /js/jquery/ui/jquery.effects.core.min.js HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 3474\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":10950,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (520)","md5":"d5112dfa4dd8e8f8067081cbd8be3ae3","sha1":"8ab0191288ad51bcc8f8204d4df1eb306107e0a9","sha256":"e4ad6667a90a0f510062deae1e8f5d2db739add56c6d8aaaa16e9ef50f339f54","sha512":"3972679252ec804cb7956fee9fda2aeda0943a67472e49e33283d071c46a89fe8f0148b44f9452191a13f7d2db6f0c321456ad533bfe7fe168a8fd34c50a3ace","ssdeep":"192:o3xsrSubMGx75h2+CGaWZ/yIuDHNoOqmY:ogSubM4h2+mRWV","tlshash":"4b3271ee75d3b0a543b6b2a5402fa106313ea865748d5840f173c0e6bebd66d8137e3e","first_seen":"2023-06-27T05:58:45Z","last_seen":"2026-05-15T17:47:01.974184Z","times_seen":32,"resource_available":true,"data":null}},"time_used":276,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":272,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/modules/wkhotelfeaturesblock/views/js/wkHotelFeaturesBlockFront.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.178Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /modules/wkhotelfeaturesblock/views/js/wkHotelFeaturesBlockFront.js HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 745\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":2142,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text","md5":"2f47cb7721d76e59241e0d691430b411","sha1":"443e8a498d2bbef27609b951a02b2f81e79e543e","sha256":"eb0eb82217a3ce49ed405bcc5a99a2503131a6e1bf5c20930c8284689147560d","sha512":"7f348f217826d8e8934dd9517d11e6a2d04142a9dcc6d7eeaa9118d644aed26de6a8a6ce26c0b53403611d513641a803d1454adeda3a6a27be41b933a2660e2b","ssdeep":"","tlshash":"b94144b7db30ba3fc432999f6d5e770e671441b82743c4b9dd44c8cd2aa852933b581a","first_seen":"2025-10-17T20:06:27.384024Z","last_seen":"2026-05-15T17:47:02.007162Z","times_seen":7,"resource_available":true,"data":null}},"time_used":314,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":314,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/themes/hotel-reservation-theme/img/icon/icon-users.svg","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.603Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /themes/hotel-reservation-theme/img/icon/icon-users.svg HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/themes/hotel-reservation-theme/css/global.css\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 22 May 2026 17:46:35 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 693\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1903,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"70e7958ebe09007b75689d8e013955ae","sha1":"a2536a4b3a517a4b451505bbd093c79407783c00","sha256":"c196f9e722db3de79bd7ae3878137e1b50126b96fd281eb18d1f14c1ee50268e","sha512":"1b4a1570af17d27ddce82a42ffa265d0e7ce7de06248d85d587ea3ad7900d1e97836e42cb2685dda34774afe5ef8c502ed1b30e7639e34ec60595ac7334b069a","ssdeep":"","tlshash":"ad4120e221fd0568f9038716e3e37e751f2d705793c00454bdad2de16f215ba09af299","first_seen":"2025-10-17T20:06:27.606622Z","last_seen":"2026-05-15T17:47:02.054449Z","times_seen":7,"resource_available":false,"data":null}},"time_used":171,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":171,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/modules/wkroomsearchblock/views/css/wk-landing-page-search.css","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.087Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /modules/wkroomsearchblock/views/css/wk-landing-page-search.css HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 22 May 2026 17:46:35 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 848\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":2161,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"771333d35b026efd4ea7dc405ea0d938","sha1":"a40441e1e0527dc9ad476ff35ba905fbc423268c","sha256":"7ba6d33be014f2d5edd3116a29636dd8ae5546c2c17c7c8f5de337a836a8b6cb","sha512":"86373b5d35ed81c2c0060b509e83d4ba5689cb6c6212736dcb849f6c0365f520acb21a0c735fbd91d29f3993c5bd3f45da57a6f4f351e1ff7987514f265c3966","ssdeep":"","tlshash":"cf4195c7e3b1e309903a5515fd0b2f49b31340564a4febedf680d0999f942a04373e84","first_seen":"2025-10-17T20:06:27.441426Z","last_seen":"2026-05-15T17:47:01.950888Z","times_seen":7,"resource_available":false,"data":null}},"time_used":243,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":243,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/themes/hotel-reservation-theme/css/modules/blockuserinfo/blockuserinfo.css","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.094Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /themes/hotel-reservation-theme/css/modules/blockuserinfo/blockuserinfo.css HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 22 May 2026 17:46:35 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 596\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1375,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"d77e895fa865c02908bd5817b5437855","sha1":"b6bb86189988511041a52f9f294a6b4cd04f7efd","sha256":"00f724325e6ed4078ce878ed1926f45f9f6d04c4708388432f049deb1f233b88","sha512":"bbc654eea115b37a3c71446faa56a94af93118caba948fafcf1d0de077369f195595ae8aeda7eb4e31bf1b934b0795e5005a3850deb01100c6d4aedf0ee8c35a","ssdeep":"","tlshash":"be210faba6b0d227a0150e403e4b7b8af71845ac52449afde91184c9d3153a5a1f1dba","first_seen":"2025-10-17T20:06:27.473984Z","last_seen":"2026-05-15T17:47:02.055843Z","times_seen":7,"resource_available":false,"data":null}},"time_used":232,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":230,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/js/jquery/plugins/jquery.scrollTo.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.168Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /js/jquery/plugins/jquery.scrollTo.js HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 1241\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":2676,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (2505)","md5":"d58fea835d9825c614aa670aa89b6422","sha1":"6598492c176fc947af16f9a706729ab1e6c13de0","sha256":"68923c9df1ee0bf9a89caac9af95cbc30fdbf1d836c811f6b60f542df0ae4055","sha512":"78e9fbda0ea0ff07f48d7b005d6b5be25d392ce28e780723ec5ffcba27216dc2298f6ab54787a56c693a88e57f2763b7c5ffb78ace29d0788d2a41a2408932d6","ssdeep":"","tlshash":"7c51c7987502710043dbf86a30ef4305aa7da5f3f00ba950520c88d4ad74a3a057bfed","first_seen":"2023-03-07T01:42:08Z","last_seen":"2026-05-15T19:43:03.759152Z","times_seen":698,"resource_available":true,"data":null}},"time_used":410,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":410,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/js/jquery/ui/jquery.ui.tooltip.min.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.145Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /js/jquery/ui/jquery.ui.tooltip.min.js HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 1614\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":4781,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (4647)","md5":"4fbdb31340b01c249a0fe5112e0eeec9","sha1":"fe3d6e2b7fcb042dd322ae460a23592414e54cdf","sha256":"8e0ba6f3a82166e4b3091aa4f8e17f9bebfc1571239cdb7fb5168163bbd2641b","sha512":"112825c8f49b410990f4d6ba1f6fa354cd9362e70f9a78d2790f1ebabe77afbab032c6253deebf6545354867f0c8aa60caf3b5bbc6bd1fa1d8fa495be7ddb608","ssdeep":"96:3ETkU5cMx9Hq71orcoupHmtEYq9q0NGQex9jN:4Uo9HqarwNGQi9Z","tlshash":"c6a1531ff2637390b6e76161107b620d6033645e60c5453c3929dafe996dd48b3b293f","first_seen":"2023-12-02T10:45:11Z","last_seen":"2026-05-15T17:47:01.945919Z","times_seen":18,"resource_available":true,"data":null}},"time_used":285,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":274,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/themes/hotel-reservation-theme/js/modules/blocknewsletter/blocknewsletter.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.161Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /themes/hotel-reservation-theme/js/modules/blocknewsletter/blocknewsletter.js HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 739\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1904,"size_decoded":0,"mime_type":"text/javascript","magic":"ASCII text","md5":"c79c8f0cd46224ef50f5beae3e52a46e","sha1":"8720f4409d1440d9a723862d20176f6c9df92e74","sha256":"bc70ad6460114345e69a2276af47405f5bbd54d2d5b9e79d494614440cced523","sha512":"13a9b22c8dc9886c1847511bdf74110e720bb2d6f0496f7792d5f1076f27d2fae15dae84a786c7f8a8c083c36738217c73506d4c61f45b5c832c79937b7244ee","ssdeep":"","tlshash":"5c41856eb572066382b3a8243d7f3848931504af1246ba5db50c46d06f1823cedf5eaa","first_seen":"2025-10-17T20:06:27.368916Z","last_seen":"2026-05-15T17:47:01.97512Z","times_seen":9,"resource_available":true,"data":null}},"time_used":405,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":405,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/js/jquery/plugins/fancybox/jquery.fancybox.css","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.082Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /js/jquery/plugins/fancybox/jquery.fancybox.css HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 22 May 2026 17:46:35 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 1258\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":4895,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"6c55951ce1e3115711f63f99b7501f3a","sha1":"5f163444617b6cf267342f06ac166a237bb62df9","sha256":"968a8e56e4adaf8c135199ebd7f6cc065424ca45974d4dfbeb5607e69fe72fcd","sha512":"4bad47c444bbbfab71fe6f2256531965fab3fa41c74b3096cf732c78a0653f448dbb59b153786e9dc14106c355dde7e5573a907c9f06bdf1ed33b2fead49e70f","ssdeep":"96:GKXaoFzzzQFRlRdrcNMo0Oy8ri4cSX2W4Leyg6o:GKIFX7rQitLW","tlshash":"f6a10e6b6a503a04643e9e54df2fda46d63f2482a60b4dfb615cf92883d97e050e3dcc","first_seen":"2023-04-05T07:58:25Z","last_seen":"2026-05-15T20:21:01.515505Z","times_seen":8437,"resource_available":false,"data":null}},"time_used":226,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":149,"receive":77,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/modules/blocklanguages/views/css/hook/blocklanguages.css","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.090Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /modules/blocklanguages/views/css/hook/blocklanguages.css HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 22 May 2026 17:46:35 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 613\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1496,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"5553478a78eae6bf95793fecfb2cc87c","sha1":"7fbe49d823e694e7bf37aede91003b73e2d73371","sha256":"c20f54b6b3f6ec856dd41f14e6bf5ccc277eb1f8e0b669d6446eb7d4e56a0284","sha512":"93b3315947fca28ed7078a9f14651b21e75d4eda0bea0ae1c8b376c056ed64ba2eeb5da9db15af831f403743ba4459e164c7c39775cad26a058713887c5b020e","ssdeep":"","tlshash":"3e3165ebe661aa7361510e403a8f6b4ed32950f9820cbabff2049185179c37154f1fe5","first_seen":"2025-10-17T20:06:27.569022Z","last_seen":"2026-05-15T17:47:01.954197Z","times_seen":7,"resource_available":false,"data":null}},"time_used":230,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":230,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/js/jquery/jquery-1.11.0.min.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.109Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /js/jquery/jquery-1.11.0.min.js HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 32429\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":96381,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (32341)","md5":"8fc25e27d42774aeae6edbc0a18b72aa","sha1":"b66ed708717bf0b4a005a4d0113af8843ef3b8ff","sha256":"b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682","sha512":"87d90a665c15d71ac872bd8bc003d9863964c7ec7ada6370b902b93c0bbd7770fe25730d946c7c6a465baa95efa74bc0e78af3f83aea615af35060cc8702a6c1","ssdeep":"1536:EPpEy5BMibZGOj/bEe8v+/UWf4IhvAuCh/jqkODZ2D5N9Rag0MOIdSZAgtgoX5Yn:bIO/e2D5c4LgtImLja98HrK","tlshash":"cc93e8d9b6d2706297b730a851bf510bb17698eab80c4c60f058d8e47eb4e8d507bf2d","first_seen":"2023-03-07T01:02:10Z","last_seen":"2026-05-15T20:32:34.865339Z","times_seen":25730,"resource_available":true,"data":null}},"time_used":269,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":234,"receive":35,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/js/jquery/ui/jquery.ui.slider.min.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.164Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /js/jquery/ui/jquery.ui.slider.min.js HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 2709\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":10202,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (10068)","md5":"f1b234712eabc4fea71eaadcf2e73ffa","sha1":"d90f5c2bca1661edc707750ee678803ceda645e3","sha256":"be0ee630fa58714236ddcb03dd6af06442c34935a3eee826c8ebf91a92b81d21","sha512":"798c7eafa15b5241f97a16e0c4d0bea1f44846e0c3f88be7c49952b343c13d7c8867d61c647c062651af65842ceb0ce0308e3fdb360aefa8d57668427263fd31","ssdeep":"192:4UBIDsASfjQwY7CCMTflHhmD8hGL0EeVnDFIc:4sID78jQwZCILmD8hGL0EedhIc","tlshash":"8b22744b320b6b1116aae2b15a3d98cfdb7753c8690448ccb070cbce556de4991ebf78","first_seen":"2023-03-26T01:07:23Z","last_seen":"2026-05-15T17:47:02.045864Z","times_seen":269,"resource_available":true,"data":null}},"time_used":404,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":404,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/themes/hotel-reservation-theme/js/index.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.173Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /themes/hotel-reservation-theme/js/index.js HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 506\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1084,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text","md5":"1a3d634a9c0b764bfb59221d20a37681","sha1":"727bd74b1724bf42fa5d10a2da0441cae50bf604","sha256":"25c61c4e8f2ca4915ba266f33ef6daa9a3c66c2a0b2c8f1ddb276c5ca9c374c3","sha512":"f619f675bac53630c31cb7b484e04b1a2553586468261d999588e3eb3c3b22918378cc14a79b3f951ed939cd375452a0de53974c5d4a759c790bc6090136cf01","ssdeep":"","tlshash":"c911f0bab5195223a732de287e270a4cd3454cec6356b4ac55080bd4233562995f6c7b","first_seen":"2025-10-17T20:06:27.45923Z","last_seen":"2026-05-15T17:47:02.009257Z","times_seen":9,"resource_available":true,"data":null}},"time_used":303,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":303,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/modules/wkhotelroom/views/js/WkHotelRoomBlockFront.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.180Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /modules/wkhotelroom/views/js/WkHotelRoomBlockFront.js HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 947\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":3083,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text","md5":"d8080a07e5df4ba566604257dc78da98","sha1":"2fe25571f9ca3385d7a74eb5661139b9c851ade4","sha256":"bc92114f2728efe419d6ece009a11ee047875dabbb1c28ab373bb458877e8a40","sha512":"3b91da843a1f76fac445be5c3a03914199003aec7496aec16e9c266911eeac7c2a736c65894a13def4cb4cf2ea0d8bbf7f0d1a4d5c6ca365e32c553e2b88ea1e","ssdeep":"","tlshash":"a85136adbae671e08073376b7b9b268bb5344aeb400bc704fd4f45d10f50138a56e5e2","first_seen":"2025-10-17T20:06:27.323354Z","last_seen":"2026-05-15T17:47:01.946954Z","times_seen":7,"resource_available":true,"data":null}},"time_used":402,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":313,"receive":89,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/js/jquery/ui/themes/base/jquery.ui.datepicker.css","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.050Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /js/jquery/ui/themes/base/jquery.ui.datepicker.css HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 22 May 2026 17:46:35 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 816\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":3702,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"e52f90a4d1492b9148ac71687cb1e9bf","sha1":"7d8e438c1d79a298461e3a9b6359f126288c1413","sha256":"c3530f15e82202c988d4b9e7b85342587446fca0ffb4541bb7de823e2c2e8ad3","sha512":"55ea2874f6a7d7e319d2105ce639c6105e3a9d1d6094ffd33e517ec723ef1d7f333c8981bbdb8afbb6d7d4aeff9755cfcd10a9ee552d09f918dbbaa5091d999d","ssdeep":"","tlshash":"c27175743a132e5fb03751a598123ffb7b0f020faabae82f7459102547ec05782ee185","first_seen":"2023-04-13T04:45:52Z","last_seen":"2026-05-15T17:47:01.978649Z","times_seen":149,"resource_available":false,"data":null}},"time_used":160,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":160,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/js/owl-carousel/assets/owl.theme.default.min.css","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.100Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /js/owl-carousel/assets/owl.theme.default.min.css HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 22 May 2026 17:46:35 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-length: 157\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":157,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"ea1d8e806ea66dd86770426dd4889c25","sha1":"f7752616e77cb85aae56a6d6094ed63492ab9c37","sha256":"46fb6114b71bd6533b339d1fc176fc0bf297058fccb8e85ff45b7fd776b48b16","sha512":"dba8bb9fe7771be8b8647f2b94d2ff21a3f370575bb00e867fccae2fc4613307a591505a48a9cb510b2c0b314e474be746cec232d951d22f3e1f00494bf912b7","ssdeep":"","tlshash":"a2c08c76308428a60fc31eeecc617096ee2ca80ae846188184f746a04a2800811a4d3e","first_seen":"2023-05-18T15:11:43Z","last_seen":"2026-05-15T17:47:01.97267Z","times_seen":60,"resource_available":false,"data":null}},"time_used":232,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":232,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/modules/wkroomsearchblock/views/js/wk-room-search-block.js","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.153Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /modules/wkroomsearchblock/views/js/wk-room-search-block.js HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 7217\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":44803,"size_decoded":0,"mime_type":"text/javascript","magic":"ASCII text","md5":"ec0e71bba904d450c2867b0f80487740","sha1":"f2d50c8ff583a750fabe507a7fe496026a283b65","sha256":"910269e32c4db2ba961a8e3897a4b73129530535a13abffb740e67ffa6a6dfdf","sha512":"e40a55ac6683b74746a064e6bce77b6163633f00cf22e52d276d6a4edbb9271d3ce44facebbe72553c164e196362b555db84308b1c3c7c5d405e0b6dacef2f20","ssdeep":"768:78WAUYPCuYVBZDjxFf7abS1sk1aFswLpnpRpEpopGpJG1qEjjMSl:78WAUYPCuYVBZDjxFf7abS1sk1aFswL5","tlshash":"04135119b6f312521977343e0fff524426a6404b4605ddc9be9c86c02f94a6cb7fbb8a","first_seen":"2025-10-17T20:06:27.645043Z","last_seen":"2026-05-15T17:47:02.006583Z","times_seen":7,"resource_available":true,"data":null}},"time_used":402,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":397,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auraguest.lk/modules/wkroomsearchblock/views/img/black-opacity-5.png","fqdn":"auraguest.lk","domain":"auraguest.lk","tld":"lk"},"ip":{"addr":"209.133.215.178","port":443,"asn":29802,"as":"HVC-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://auraguest.lk/","date":"2026-05-15T17:46:35.594Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auraguest.lk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 06:53:02 GMT","end":"Sat, 20 Jun 2026 06:53:01 GMT"},"fingerprint":{"sha1":"4B:66:5C:F4:3E:A7:7D:D1:19:D4:1C:96:AD:1D:E0:BE:C5:A7:A0:DF","sha256":"00:F3:0F:EA:F5:2D:2C:35:2F:52:A5:56:DC:A2:AD:78:FB:F1:8A:6E:B6:35:3A:B8:9C:42:B6:67:14:A0:3C:0E"}}},"request":{"raw":"GET /modules/wkroomsearchblock/views/img/black-opacity-5.png HTTP/1.1\r\nHost: auraguest.lk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auraguest.lk/modules/wkroomsearchblock/views/css/wk-landing-page-search.css\r\nCookie: QloApps-9d354f55dc1d199e0d79ede34f28a2ba=def50200af60537b05a454191abc048cfbe3283037dbaf26373563d01575a213291bf70ec0de3d09ccf32aa0f700405b386e5b6cbf6916e19c3c730fbf4dd9b942468f2075240533d97e0aa6f56b74b30499bde4dea733c1ce54756f1b6e4ad26b2ae0d8a54ef11b801ddf333ce29819939b7d33462ca37fb6ac81d3fffe62b39bc57a669dd6433b1506aaec1cce6f4d831a12705b5a39be902555effcdd68ac71822390bbcef6fb94a02a579dd5ab26d8b0a5cab234d5992a4b9a506770abc85af2dd4da92346e0fae93ea28b769aa5833a4e67d372\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 22 May 2026 17:46:35 GMT\r\ncontent-type: image/png\r\nlast-modified: Fri, 04 Jul 2025 12:35:38 GMT\r\naccept-ranges: bytes\r\ncontent-length: 104\r\ndate: Fri, 15 May 2026 17:46:35 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":104,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 1-bit colormap, non-interlaced","md5":"64e0431224805971a5f51e9b898641f8","sha1":"8141727bdf85ee7bb689514a871ceadde1e943bc","sha256":"abaa5a01b78b85352c778166fc328c780159b80fae4330c42a5f52b2754ccf15","sha512":"53f9fb074c3c96e8caaf7ab3b7d08f68b24a495c4951c4ab3e6598816e7075bf5f1c0d92c4d7b85a1d374cac368eba1f7fcab1525a958b1e31ff7c43f3b59c57","ssdeep":"","tlshash":"e8b012f663367c38d643503b9319c011c43601ae410393130b848d353eb2384c9e83c3","first_seen":"2025-10-17T20:06:27.387831Z","last_seen":"2026-05-15T17:47:02.0188Z","times_seen":10,"resource_available":false,"data":null}},"time_used":143,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":143,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-15","alert":"Sinkholed","trigger":"auraguest.lk","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}