r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8286265a56e3e10efd41b41618a54071
5f10ac9a050e15f5598674dc7ee3865b325d01a8
2da2fa0b2b86ccc4029d0baa4e9c5b21a6433228b84b451b72b1d318561d4ef2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2DA2FA0B2B86CCC4029D0BAA4E9C5B21A6433228B84B451B72B1D318561D4EF2"
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2608
Expires: Sat, 05 Nov 2022 18:25:34 GMT
Date: Sat, 05 Nov 2022 17:42:06 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 72c64df35304c35cd95e4ed6e101e795
a39287987854d644a8da295da536fb31de8b44c1
a9bf0da57e0f108b376781ede4b9762ae1b0d088910d26fb7be98c2d03e69092
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2223
Cache-Control: max-age=145561
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 17:42:06 GMT
Etag: "63662d58-1d7"
Expires: Mon, 07 Nov 2022 10:08:07 GMT
Last-Modified: Sat, 05 Nov 2022 09:31:04 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 72c64df35304c35cd95e4ed6e101e795
a39287987854d644a8da295da536fb31de8b44c1
a9bf0da57e0f108b376781ede4b9762ae1b0d088910d26fb7be98c2d03e69092
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2223
Cache-Control: max-age=145561
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 17:42:06 GMT
Etag: "63662d58-1d7"
Expires: Mon, 07 Nov 2022 10:08:07 GMT
Last-Modified: Sat, 05 Nov 2022 09:31:04 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 078950c3ba9ad01927f3da494b1d1de4
443c8a8247e4e3e04c14d21e0227fc4e8f396142
dd5dd09fec51669adf36b3014bbf65d7bff608f72018d037f9ed9b414675037c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DD5DD09FEC51669ADF36B3014BBF65D7BFF608F72018D037F9ED9B414675037C"
Last-Modified: Fri, 04 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11100
Expires: Sat, 05 Nov 2022 20:47:06 GMT
Date: Sat, 05 Nov 2022 17:42:06 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: NYT3EGsDFR1pMoa1pVviQS/FDM4VQ2b+RVMR1PGK5RA42yAumhC0f8mrnthv9tHXsFJJg8z36k4=
x-amz-request-id: Q3Q00006M22QJZY2
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 05 Nov 2022 16:47:16 GMT
age: 3290
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 17:42:06 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash db63d54b77502dd6c7bdc792d4fd093e
026ad8186833988279468829c004c6e2a2f2626f
eff89ef67baa622e8a196ffcadc44d29aafff009bb531da3e979a1f47c3b1c36
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5569
Cache-Control: max-age=143850
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 17:42:06 GMT
Etag: "63661997-1d7"
Expires: Mon, 07 Nov 2022 09:39:36 GMT
Last-Modified: Sat, 05 Nov 2022 08:06:47 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
elephantpassresort.com/icmo/sabuisqoroaamliumq
103.76.228.55 301 Moved Permanently 0 B URL HTTP/1.1 elephantpassresort.com/icmo/sabuisqoroaamliumq
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
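Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the MD5, SHA-1 and SHA-256 digests of an empty body, consistent with the 0 B redirect response; they identify no payload and are not usable as file indicators.)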
Analyzer Verdict Alert fortinet Malware
GET /icmo/sabuisqoroaamliumq HTTP/1.1
Host: elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 05 Nov 2022 17:41:55 GMT
Server: nginx/1.17.6
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Cache-Control: no-cache
X-Redirect-By: iThemes Security
Location: https://elephantpassresort.com/icmo/sabuisqoroaamliumq
X-Server-Cache: true
X-Proxy-Cache: MISS
push.services.mozilla.com/
34.218.159.206 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.218.159.206:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: R4fsUIc+8hvrkXJRWqjGDA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: SLJKOv3mAQi9YVo171+xULqfMw4=
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 62f99651c30168ffd828470571efa8ee
510deba20be5757cb3bf9e71b449a468b7782a9e
2a2272e1817fb2f7e7dfa63d16d46f4ff7eb3d7aa8c060de8dd8df617b1d0a60
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A2272E1817FB2F7E7DFA63D16D46F4FF7EB3D7AA8C060DE8DD8DF617B1D0A60"
Last-Modified: Fri, 04 Nov 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 05 Nov 2022 23:42:07 GMT
Date: Sat, 05 Nov 2022 17:42:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11341
Expires: Sat, 05 Nov 2022 20:51:08 GMT
Date: Sat, 05 Nov 2022 17:42:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11341
Expires: Sat, 05 Nov 2022 20:51:08 GMT
Date: Sat, 05 Nov 2022 17:42:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11341
Expires: Sat, 05 Nov 2022 20:51:08 GMT
Date: Sat, 05 Nov 2022 17:42:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11341
Expires: Sat, 05 Nov 2022 20:51:08 GMT
Date: Sat, 05 Nov 2022 17:42:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11341
Expires: Sat, 05 Nov 2022 20:51:08 GMT
Date: Sat, 05 Nov 2022 17:42:07 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28a5f5ce-bd81-4e56-bd1b-460e13379581.jpeg
34.120.237.76 200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28a5f5ce-bd81-4e56-bd1b-460e13379581.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7a3b1551512640bb8f5e7deb80c32272
75805b9f03aef14cfad025259936ae5f217d25ca
5baa90853202e78cf9b59e9ab597e16ccfbf143d7e124583e64dc1ad1ee2c2df
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28a5f5ce-bd81-4e56-bd1b-460e13379581.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7783
x-amzn-requestid: ab7cc6ee-976d-41a4-b5da-0aefd5cb6246
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bEJnzH15oAMFlwA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6364bc98-68f910b60bd5ecaf2947c59a;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 07:17:44 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: JnvKcym5f71Ra_ZHzkTXnU7Fa3D5zBFK9JFKXA_A3G98jN9r3Jikyw==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 08:24:07 GMT
age: 33480
etag: "75805b9f03aef14cfad025259936ae5f217d25ca"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f29b126-c6e5-4528-8307-e3c7fe12e225.jpeg
34.120.237.76 200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f29b126-c6e5-4528-8307-e3c7fe12e225.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 308da46611df43543d31ca502986bea2
0bf4de356c3a64785fe116161cb931b3b2476f5d
63996962e2763dcf2e0ae5e43aa12dfd8f8677082bb1cdf63528dfd00404f3e3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f29b126-c6e5-4528-8307-e3c7fe12e225.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7619
x-amzn-requestid: 67308248-e660-4294-aafe-5f178970f822
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bGHlcHHfIAMFyGA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63658622-5b1ee875554a05eb1e8a6f16;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 21:37:38 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: _-RekVvWiPI4MHy0Up2j6D6a_NcPywYvDeydP3QlbCceU7NfWk00jQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 04 Nov 2022 21:52:21 GMT
age: 71386
etag: "0bf4de356c3a64785fe116161cb931b3b2476f5d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255683f8-a0b6-411a-a41e-4d042746780e.jpeg
34.120.237.76 200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255683f8-a0b6-411a-a41e-4d042746780e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c7c9c908e891e7277f21a914fea9aa25
596c3c084ae3d850a5dc28e549b4e22f2b8cc71f
709c217b3ac09712d2af4366316c8977b1a4e2a73f887b3e30f10df1ed50bacd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255683f8-a0b6-411a-a41e-4d042746780e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9150
x-amzn-requestid: 7c179507-20a7-4fa3-993b-f79b3e7949ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: apwiGHD_IAMFQZw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635a2e0d-337623ce79dc53c864632c72;Sampled=0
x-amzn-remapped-date: Thu, 27 Oct 2022 07:06:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: CKSa8_W-V5Rf8od3FFPgvBmlfXcqaYotYT5u6Gm8UvmXECcAzfAGoA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 14:36:54 GMT
age: 11113
etag: "596c3c084ae3d850a5dc28e549b4e22f2b8cc71f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e2853cc6ec6223160471401e6871f4b
f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: 43480a38-fd89-4c47-b8c4-e6ba90b1321c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aMF6oEz_oAMF8Hg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634e5043-6617fd2e59cab00135301cdd;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 07:05:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3fDf4aoep5tTAusisXhIdAf0A6SbpM5fYtYaiXtNSb0-VRJo5nu8Vg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 06:27:59 GMT
age: 40448
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb94b0737-3952-4bbe-b940-e1f79fb95cbe.jpeg
34.120.237.76 200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb94b0737-3952-4bbe-b940-e1f79fb95cbe.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eaf06d0fb99703abfd57b962eb21ce96
ce73b0ad22139bec863ed990e3d3af4bdc3df288
a226250245611193be882c92f2d9920cb6ceeb12823b48c0b9c8fa2aba1c8c0d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb94b0737-3952-4bbe-b940-e1f79fb95cbe.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6909
x-amzn-requestid: 7c500c29-f514-491c-b2fe-a732a546925f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: awWpEEYHoAMFWdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635cd16d-6d9c4c5c41f4fcd16cabda59;Sampled=0
x-amzn-remapped-date: Sat, 29 Oct 2022 07:08:29 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: lOCFTDiIxZDBzypATpujFz2hjWPabqjokrpq1-5An86y5lZLG5xHxQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 07:40:21 GMT
age: 36106
etag: "ce73b0ad22139bec863ed990e3d3af4bdc3df288"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d05e3a2-b178-419f-90de-a1985765ff09.jpeg
34.120.237.76 200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d05e3a2-b178-419f-90de-a1985765ff09.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ca6c7517d7015fbc35fa290c1c2d6afd
594e5a82ce82fb4cd76548b6d2d6b4cc419b7e4c
a746b36be50209915a0e5657abd219aab382eee4b7556142aa1316daf3a9f5a4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d05e3a2-b178-419f-90de-a1985765ff09.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6557
x-amzn-requestid: f2e39db1-fb8a-4a9b-8a1d-ee08000ddeb6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bC1VyFHuIAMF5Eg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636435be-7a03ef677f8dbd680f72de90;Sampled=0
x-amzn-remapped-date: Thu, 03 Nov 2022 21:42:22 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: I6mALhsUwtQqMP_p_HxFaiCyfRDTtVzPIJjeDrKSEq7Tc_d5EcNw3Q==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 04 Nov 2022 21:52:32 GMT
age: 71375
etag: "594e5a82ce82fb4cd76548b6d2d6b4cc419b7e4c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
elephantpassresort.com/icmo/sabuisqoroaamliumq
103.76.228.55 301 Moved Permanently 0 B URL HTTP/2 elephantpassresort.com/icmo/sabuisqoroaamliumq
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
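Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the MD5, SHA-1 and SHA-256 digests of an empty body, consistent with the 0 B redirect response; they identify no payload and are not usable as file indicators.)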
Analyzer Verdict Alert fortinet Malware
GET /icmo/sabuisqoroaamliumq HTTP/1.1
Host: elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
date: Sat, 05 Nov 2022 17:42:07 GMT
server: Apache
content-type: text/html; charset=UTF-8
content-length: 0
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
location: https://www.elephantpassresort.com
x-server-cache: true
x-proxy-cache: MISS
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash a2f6c296003d839bdee766ef4082e376
013ae64b10cb1355ae9b6ba38dcfa79f71a9b505
703d6582ab3344d6e4a0d5b7e0c9983b8f7e8179d73dd6584c37bbccc8c84308
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 17:42:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash d65c94a3bfe8605059e5e626ea0fa57e
b0fbc3577331b82efc8e320095b8d8705a6360d3
0878edd256a972f526d7053cdebceb28241db5662cc7660a10f1b4c3430c43c6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 17:42:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash d65c94a3bfe8605059e5e626ea0fa57e
b0fbc3577331b82efc8e320095b8d8705a6360d3
0878edd256a972f526d7053cdebceb28241db5662cc7660a10f1b4c3430c43c6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 17:42:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=AW-847594148
142.250.74.168 200 OK 53 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-847594148
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash daebc1d8ada2978dfd30e40c5c39840e
5a7ebc89446990f97377c2ddbfa009fae5894f28
5f257c2eb8bc02259d0cd3fdff85892fa06f778060d1dab5b9a37057b33213e6
GET /gtag/js?id=AW-847594148 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 05 Nov 2022 17:42:10 GMT
expires: Sat, 05 Nov 2022 17:42:10 GMT
cache-control: private, max-age=900
last-modified: Sat, 05 Nov 2022 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 52803
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash a2f6c296003d839bdee766ef4082e376
013ae64b10cb1355ae9b6ba38dcfa79f71a9b505
703d6582ab3344d6e4a0d5b7e0c9983b8f7e8179d73dd6584c37bbccc8c84308
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 17:42:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-77532242-1
142.250.74.168 200 OK 45 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-77532242-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 8e07bac2a82d5a00af76ebfa47a8c3a1
6a2cb130be4df32b920d893b5eba14b34e52c77f
2d9568ce4561fc54ed20770948e48806dca36a8f47f677bcc978bd737ff734af
GET /gtag/js?id=UA-77532242-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 05 Nov 2022 17:42:10 GMT
expires: Sat, 05 Nov 2022 17:42:10 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44653
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-includes/css/classic-themes.min.css?ver=1
103.76.228.55 200 OK 189 B URL HTTP/2 www.elephantpassresort.com/wp-includes/css/classic-themes.min.css?ver=1
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 5a18e16eb01cbaa862eb32e6b77bedb2
3abf9b913cc9f558f02cba7c9b822f8d1812cb96
d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 14:11:57 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 189
content-type: text/css
date: Sat, 05 Nov 2022 17:42:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/plugins/wpcf7-redirect/build/css/wpcf7-redirect-frontend.min.css?ver=6.1
103.76.228.55 200 OK 124 B URL HTTP/2 www.elephantpassresort.com/wp-content/plugins/wpcf7-redirect/build/css/wpcf7-redirect-frontend.min.css?ver=6.1
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with CRLF, CR line terminators
Hash 893dd4d34591cb544851b5a41747cdfd
e8585a3187cfaa2288f0cb48e5696929306b7615
1de5e3983dd9d63c6d92bc1543a4ae8978b38fbaa8d79fbbc2035c62a68cd7cf
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wpcf7-redirect/build/css/wpcf7-redirect-frontend.min.css?ver=6.1 HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 29 Oct 2022 16:24:58 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 124
content-type: text/css
date: Sat, 05 Nov 2022 17:42:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/plugins/LayerSlider/static/layerslider/css/layerslider.css?ver=6.8.2
103.76.228.55 200 OK 5.5 kB URL HTTP/2 www.elephantpassresort.com/wp-content/plugins/LayerSlider/static/layerslider/css/layerslider.css?ver=6.8.2
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash f491518eccae244f052aaae5eeaa5636
d89f96fe55b4a1339dd2663cb2319d0ec74babbd
02df40e7cc92a310feed821b2c931474fb0e5dd2188d417ded69adf2a0391fd6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/LayerSlider/static/layerslider/css/layerslider.css?ver=6.8.2 HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 17 Jan 2020 04:22:04 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5474
content-type: text/css
date: Sat, 05 Nov 2022 17:42:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/plugins/wp-postratings/css/postratings-css.css?ver=1.90
103.76.228.55 200 OK 410 B URL HTTP/2 www.elephantpassresort.com/wp-content/plugins/wp-postratings/css/postratings-css.css?ver=1.90
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 4a1a6d7b33f8a8e0417d1fe0e0a13e75
5119146fc3e4c2cb9c6ab010e2bc9b2ae7d54282
538ccb5dbf9ddd8a46bf66027cdb5c67a7476dc7760317c4e60fd04ed7a5c614
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-postratings/css/postratings-css.css?ver=1.90 HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 31 Aug 2022 16:51:45 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 410
content-type: text/css
date: Sat, 05 Nov 2022 17:42:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/themes/hotel-lux/style.css?ver=1.0.0
103.76.228.55 200 OK 2.6 kB URL HTTP/2 www.elephantpassresort.com/wp-content/themes/hotel-lux/style.css?ver=1.0.0
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1020)
Hash c36d2819d20c1898edf6db57aa83fdd2
01aa8def7f63d3360072964fab323ff31783b98c
dfcecc5eaeb0aecf17de7e7b32a29dd3de33626c10dc96ed86b931ba66373980
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/hotel-lux/style.css?ver=1.0.0 HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 19 Mar 2020 06:44:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2637
content-type: text/css
date: Sat, 05 Nov 2022 17:42:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8.3
103.76.228.55 200 OK 12 kB URL HTTP/2 www.elephantpassresort.com/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8.3
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Unicode text, UTF-8 text, with very long lines (5178), with CRLF line terminators
Hash c220a68e588d62a720ffacfa52ad31d3
430b0eb0bdf72cebd13d43d18b8a276847b7a786
c12f9fb0d32fe152c3306f864f398f965b24ac6ffe01697b2b05fac214d2991a
GET /wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8.3 HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 17 Jan 2020 04:22:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 12242
content-type: text/css
date: Sat, 05 Nov 2022 17:42:10 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash e13e65ad7f6f12300b12d6cd6936d621
575faf606b5c5e39e0fbbef59998bcd3625aa141
10787f99c02b63d52b9b74fcec9497108d67c56c4a9436e0e3c9a7129d727dda
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 17:42:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 4a9066e8faeec7f06d9a7e91bef8ff52
699ce1c29412a4c3f9018f4deceb3db399ddcd29
46461d19bf1ea06f23d89c4179135eaca9d7c8753a91e913b3adaf2615bee36f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 17:42:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 5de5a7ee16d3f3164758282fbecef0a3
82fb2ac7d306e1f9724adc0ba2ef9e549baa9100
ad55f91c5fb1f872310a5f5777a65b79a338138d241a674449da2e0edde1f2ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 17:42:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.elephantpassresort.com/wp-content/plugins/google-language-translator/css/style.css?ver=6.0.15
103.76.228.55 200 OK 13 kB URL HTTP/2 www.elephantpassresort.com/wp-content/plugins/google-language-translator/css/style.css?ver=6.0.15
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 58dd59686fb83f247d72c74284641945
3f36fc8f2c2921f025ea2dee95d475a5705dc84e
df199699d2cda0f41a52e5f3396111fe8868f798b92e0fe2e39018ad39cf497c
GET /wp-content/plugins/google-language-translator/css/style.css?ver=6.0.15 HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 20 May 2022 11:15:24 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 13137
content-type: text/css
date: Sat, 05 Nov 2022 17:42:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/themes/hotel-lux/theme-vars/theme-style/css/fontello-custom.css?ver=1.0.0
103.76.228.55 200 OK 1.9 kB URL HTTP/2 www.elephantpassresort.com/wp-content/themes/hotel-lux/theme-vars/theme-style/css/fontello-custom.css?ver=1.0.0
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 82c3b37a97f3267d5579f3e47e250018
508323b506f96546e03b92e1c6c4453ca6f3e829
f894c2e2dc1f62811d31214a802ddf60612b7243a273436c958c21c49ba21544
GET /wp-content/themes/hotel-lux/theme-vars/theme-style/css/fontello-custom.css?ver=1.0.0 HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 17 Jan 2020 04:24:04 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1922
content-type: text/css
date: Sat, 05 Nov 2022 17:42:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/themes/hotel-lux/css/ilightbox.css?ver=2.2.0
103.76.228.55 200 OK 2.2 kB URL HTTP/2 www.elephantpassresort.com/wp-content/themes/hotel-lux/css/ilightbox.css?ver=2.2.0
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (446), with CRLF line terminators
Hash a670011d4b13a6b31d369bd1fad59fe1
bc5b97742e467ef6a3bf1f35deed93c1e27cfb94
6466c76e659f929613c706e48f73137d4fb35510c414b15ccbbdf4e49e21aceb
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/hotel-lux/css/ilightbox.css?ver=2.2.0 HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 17 Jan 2020 04:24:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2183
content-type: text/css
date: Sat, 05 Nov 2022 17:42:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js?render=6LdmadEUAAAAAFY8ny4exROILdGqeNIERS0y2XN7&ver=3.0
142.250.74.164 200 OK 585 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6LdmadEUAAAAAFY8ny4exROILdGqeNIERS0y2XN7&ver=3.0
IP 142.250.74.164:0
File type ASCII text, with very long lines (884), with no line terminators
Hash 8de877871514690aab1e5e295adc5c11
1c988c9f0215a48c289ede47d2170d0dc2a79a3b
bbda734c790a5360b7e7d3d9b32241c996a604d791d46875d21c76bcc282b645
GET /recaptcha/api.js?render=6LdmadEUAAAAAFY8ny4exROILdGqeNIERS0y2XN7&ver=3.0 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sat, 05 Nov 2022 17:42:10 GMT
date: Sat, 05 Nov 2022 17:42:10 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 585
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.transitions.js?ver=6.8.2
103.76.228.55 200 OK 3.6 kB URL HTTP/2 www.elephantpassresort.com/wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.transitions.js?ver=6.8.2
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Unicode text, UTF-8 text, with very long lines (23514)
Hash 91f0cda3bd47bc71b1106bda18da5d68
be41b8c2ce22f29356a2a8c5da325292b69453a7
885f808b1c8210c307418bbe58815041d8ebcf9a929d8447d786d7b04cb607cd
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.transitions.js?ver=6.8.2 HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 17 Jan 2020 04:22:04 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3626
content-type: application/javascript
date: Sat, 05 Nov 2022 17:42:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/themes/hotel-lux/theme-framework/theme-style/css/retina.css?ver=1.0.0
103.76.228.55 200 OK 335 B URL HTTP/2 www.elephantpassresort.com/wp-content/themes/hotel-lux/theme-framework/theme-style/css/retina.css?ver=1.0.0
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with CRLF line terminators
Hash 89c22c676fd7800c85e8d8530921a96c
f0b169a6feaddd649880d4913eefdc7f1ec9c01e
f2669ef29625fd9f272f3fe31bea2ea599c31f0c4ed6006238f8834714e73988
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/hotel-lux/theme-framework/theme-style/css/retina.css?ver=1.0.0 HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 17 Jan 2020 04:24:04 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 335
content-type: text/css
date: Sat, 05 Nov 2022 17:42:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/themes/hotel-lux/theme-vars/theme-style/css/vars-style.css?ver=1.0.0
103.76.228.55 200 OK 143 B URL HTTP/2 www.elephantpassresort.com/wp-content/themes/hotel-lux/theme-vars/theme-style/css/vars-style.css?ver=1.0.0
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 0ebb5a25d10a7cb6cbd95b081489d762
7c6b812db5830088850293ae029389e0c99be49b
9641bb10919c87ac0ac0acd846169c106baa3fde017c7635931dbf650773fd9b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/hotel-lux/theme-vars/theme-style/css/vars-style.css?ver=1.0.0 HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 17 Jan 2020 04:24:04 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 143
content-type: text/css
date: Sat, 05 Nov 2022 17:42:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/plugins/kadence-blocks/dist/assets/css/tiny-slider.css?ver=2.4.18
103.76.228.55 200 OK 1.6 kB URL HTTP/2 www.elephantpassresort.com/wp-content/plugins/kadence-blocks/dist/assets/css/tiny-slider.css?ver=2.4.18
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (5682)
Hash 2cf2cc2c09fa0c402c3d1c60d58c72ac
298cb9f8c7549fd4bc0e12f6bb3b1adb84bad79b
dbdf1a0a8bd453d2fbab8139c12c0f2f86f23eee9da695ebe98c10c6085ce7f5
GET /wp-content/plugins/kadence-blocks/dist/assets/css/tiny-slider.css?ver=2.4.18 HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 09 Aug 2021 16:18:08 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1608
content-type: text/css
date: Sat, 05 Nov 2022 17:42:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/plugins/kadence-blocks/dist/blocks/posts.style.build.css?ver=2.4.18
103.76.228.55 200 OK 1.9 kB URL HTTP/2 www.elephantpassresort.com/wp-content/plugins/kadence-blocks/dist/blocks/posts.style.build.css?ver=2.4.18
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (9026)
Hash 0a9b48b99fb1075f652616e5b82105d0
02a37d7845db27d492008678fc27548cf798c99d
4e75bd3d5861e7a1851dec8716f1ae887e0a35b6821be6c87dd77bf40aa409bd
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/kadence-blocks/dist/blocks/posts.style.build.css?ver=2.4.18 HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 09 Aug 2021 16:18:08 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1880
content-type: text/css
date: Sat, 05 Nov 2022 17:42:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/plugins/kadence-blocks/dist/blocks/testimonials.style.build.css?ver=2.4.18
103.76.228.55 200 OK 2.1 kB URL HTTP/2 www.elephantpassresort.com/wp-content/plugins/kadence-blocks/dist/blocks/testimonials.style.build.css?ver=2.4.18
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (11866)
Hash e0175c8b249fe3f76827db030d498b0b
5ab37a7d925f42fe769aafe32b187b122905d786
a86fe6c033d8365e8f30a7532828fa87d05c639319cfd6e77b57ef527d412abd
GET /wp-content/plugins/kadence-blocks/dist/blocks/testimonials.style.build.css?ver=2.4.18 HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 08 Apr 2022 19:07:32 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2090
content-type: text/css
date: Sat, 05 Nov 2022 17:42:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
103.76.228.55 200 OK 4.6 kB URL HTTP/2 www.elephantpassresort.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (11126)
Hash acdb97105af28a7066790c6748ae2e1e
65794d2c5a9d04f747faf370bc8bacd330e69e5a
dc4efbc4b704b142b5313588c32e56ea56648068a01d2bc596a4eee06b379b5e
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Nov 2020 14:36:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4618
content-type: application/javascript
date: Sat, 05 Nov 2022 17:42:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/plugins/kadence-blocks/dist/blocks/row.style.build.css?ver=2.4.18
103.76.228.55 200 OK 5.2 kB URL HTTP/2 www.elephantpassresort.com/wp-content/plugins/kadence-blocks/dist/blocks/row.style.build.css?ver=2.4.18
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (36133)
Hash ab369a53fca02ca18febfc62fc915f32
e6bd84b4ea60f9e2eeecd99533e6e83ca1134aa8
6e53abeddb870a2c8c24fe84ad119a30439871ebda97653aa0459592c20b545d
GET /wp-content/plugins/kadence-blocks/dist/blocks/row.style.build.css?ver=2.4.18 HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 06 Oct 2022 20:32:20 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5230
content-type: text/css
date: Sat, 05 Nov 2022 17:42:10 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash d2b4c49a0fb79e3d3bc40d2a28b27120
3f53633851cf851451354ccfd2931f2ec7a9e40f
a8a4ca2c09bae5cc3375077e531b357e2c1724693433a085ad038e3e6adfd96b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 17:42:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 4a9066e8faeec7f06d9a7e91bef8ff52
699ce1c29412a4c3f9018f4deceb3db399ddcd29
46461d19bf1ea06f23d89c4179135eaca9d7c8753a91e913b3adaf2615bee36f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 17:42:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.elephantpassresort.com/wp-content/themes/hotel-lux/css/animate.css?ver=1.0.0
103.76.228.55 200 OK 6.7 kB URL HTTP/2 www.elephantpassresort.com/wp-content/themes/hotel-lux/css/animate.css?ver=1.0.0
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (460), with CRLF line terminators
Hash 02bc604245d636191bbc3406132c5de6
3d0e4b043921b274256871f9577ac599fa1ff0ad
fce814fe80ccff076affc1f87d8553b87c78403e08cddb97bf3c59458bbffaad
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/hotel-lux/css/animate.css?ver=1.0.0 HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 17 Jan 2020 04:24:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 6715
content-type: text/css
date: Sat, 05 Nov 2022 17:42:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/themes/hotel-lux/theme-framework/theme-style/css/adaptive.css?ver=1.0.0
103.76.228.55 200 OK 8.0 kB URL HTTP/2 www.elephantpassresort.com/wp-content/themes/hotel-lux/theme-framework/theme-style/css/adaptive.css?ver=1.0.0
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 68c00eb60e0e40cca949823f4b6e7f12
fa9572ebdf93c28af9f842def017600746a658ed
5854324278d0cc564c84e4dacfa4a668f75bc50f140bbc48d2dc3c877b47da36
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/hotel-lux/theme-framework/theme-style/css/adaptive.css?ver=1.0.0 HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 17 Jan 2020 04:24:04 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7993
content-type: text/css
date: Sat, 05 Nov 2022 17:42:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/themes/hotel-lux/css/fontello.css?ver=1.0.0
103.76.228.55 200 OK 11 kB URL HTTP/2 www.elephantpassresort.com/wp-content/themes/hotel-lux/css/fontello.css?ver=1.0.0
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 02183cb31db39357288032f91047ed2f
ad289835af077e46d73dd3bbdd04f7be4e29f2dd
2f724eca8892ef965bb83f3ddb1b2fce2dd68c3e67da031a6b73977d58352bc4
GET /wp-content/themes/hotel-lux/css/fontello.css?ver=1.0.0 HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 17 Jan 2020 04:24:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 10845
content-type: text/css
date: Sat, 05 Nov 2022 17:42:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1
103.76.228.55 200 OK 5.3 kB URL HTTP/2 www.elephantpassresort.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (15660)
Hash 710f8b142ea44c0682dc2c30f318f065
49144e9b3a76d3d383b1d4359cf7a25e947f4233
708bb5819879a2a2c7670abc20a58cca68a415ffd621011cbc4c3c9d82dddc50
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1 HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 12 Apr 2022 11:26:24 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5321
content-type: application/javascript
date: Sat, 05 Nov 2022 17:42:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/themes/hotel-lux/js/respond.min.js?ver=1.0.0
103.76.228.55 200 OK 2.5 kB URL HTTP/2 www.elephantpassresort.com/wp-content/themes/hotel-lux/js/respond.min.js?ver=1.0.0
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document, ASCII text, with very long lines (4453), with CRLF line terminators
Hash 16a93a02c7f56881b01a0621eea74305
8cd58f7ad64594bcba7bf8e215b7b7a760fd9e45
5c8ab796ee8902815180ce5d4e54d0a2a6ab836fd52f000250c19a0df55969cb
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/hotel-lux/js/respond.min.js?ver=1.0.0 HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 17 Jan 2020 04:24:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2456
content-type: application/javascript
date: Sat, 05 Nov 2022 17:42:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/themes/hotel-lux/css/ilightbox-skins/dark-skin.css?ver=2.2.0
103.76.228.55 200 OK 1.8 kB URL HTTP/2 www.elephantpassresort.com/wp-content/themes/hotel-lux/css/ilightbox-skins/dark-skin.css?ver=2.2.0
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with CRLF line terminators
Hash dd3722034cceb43481280e08bd400b6f
887c5cd4dfc97a43bb23c55a2cfd3541c4a835d0
6ef113733d665444da9c1eb98ca862abd6931626139149b58baff529d8220826
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/hotel-lux/css/ilightbox-skins/dark-skin.css?ver=2.2.0 HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 17 Jan 2020 04:24:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1823
content-type: text/css
date: Sat, 05 Nov 2022 17:42:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/themes/hotel-lux/gutenberg/cmsmasters-framework/theme-style/css/frontend-style.css?ver=1.0.0
103.76.228.55 200 OK 7.2 kB URL HTTP/2 www.elephantpassresort.com/wp-content/themes/hotel-lux/gutenberg/cmsmasters-framework/theme-style/css/frontend-style.css?ver=1.0.0
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash be5eb958bc85e98c2bdd5784a467b096
c163f546825c9053baf25a414780411eb77e226c
80fbd791134045faa8bab7e43eb42804492b1fb8c1386c93086b2caedef7c7ba
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/hotel-lux/gutenberg/cmsmasters-framework/theme-style/css/frontend-style.css?ver=1.0.0 HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 17 Jan 2020 04:24:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7153
content-type: text/css
date: Sat, 05 Nov 2022 17:42:10 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Dosis:700%7COpen+Sans:400%7CRaleway:700
142.250.74.10 200 OK 2.8 kB URL HTTP/2 fonts.googleapis.com/css?family=Dosis:700%7COpen+Sans:400%7CRaleway:700
IP 142.250.74.10:0
Hash 0ad66ebe4d519bff74021f8c006f41f4
878c357e26e779162e750b519aaac0ab7cd745b3
48dafef75c24a59119c5b2963396a60e2f2148584c864c51f56b803692053b25
GET /css?family=Dosis:700%7COpen+Sans:400%7CRaleway:700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 05 Nov 2022 17:42:10 GMT
date: Sat, 05 Nov 2022 17:42:10 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/plugins/click-to-chat-for-whatsapp/new/inc/assets/js/app.js?ver=3.15
103.76.228.55 200 OK 2.5 kB URL HTTP/2 www.elephantpassresort.com/wp-content/plugins/click-to-chat-for-whatsapp/new/inc/assets/js/app.js?ver=3.15
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (6296), with no line terminators
Hash fec6ba784bbcac73f93e36fcfb78f1bc
5f1590cec792cb71e167a856017bc0847d316536
c55e71d262c67347c4ff3e7cb9dd53da79f4527ba2597304950d7dd01d404ff0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/click-to-chat-for-whatsapp/new/inc/assets/js/app.js?ver=3.15 HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 07:36:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2497
content-type: application/javascript
date: Sat, 05 Nov 2022 17:42:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/themes/hotel-lux/js/cmsmasters-hover-slider.min.js?ver=1.0.0
103.76.228.55 200 OK 1.1 kB URL HTTP/2 www.elephantpassresort.com/wp-content/themes/hotel-lux/js/cmsmasters-hover-slider.min.js?ver=1.0.0
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document, ASCII text, with very long lines (2995), with CRLF line terminators
Hash c4ccd06acda1f743445fb723cd2e9681
c83c57f06ddb3a55a10d3855e090dd024b111be0
c83246293028dd8afbdb0ccf02470ec6ef8bc14b707cff409f6fd5cc85bfdb65
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/hotel-lux/js/cmsmasters-hover-slider.min.js?ver=1.0.0 HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 17 Jan 2020 04:24:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1065
content-type: application/javascript
date: Sat, 05 Nov 2022 17:42:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/themes/hotel-lux/js/debounced-resize.min.js?ver=1.0.0
103.76.228.55 200 OK 314 B URL HTTP/2 www.elephantpassresort.com/wp-content/themes/hotel-lux/js/debounced-resize.min.js?ver=1.0.0
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (365), with CRLF line terminators
Hash 8f7ab0f323c8f62444db5786de246958
fcb93af5567432ddc6250732e635813699184bad
f157e672a12c3fbfa25e6eb550111adda04531b5b30aa9cc0bacaa5088eb5e60
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/hotel-lux/js/debounced-resize.min.js?ver=1.0.0 HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 17 Jan 2020 04:24:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 314
content-type: application/javascript
date: Sat, 05 Nov 2022 17:42:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/themes/hotel-lux/cmsmasters-wp-postratings/cmsmasters-framework/theme-style/css/plugin-style.css?ver=1.0.0
103.76.228.55 200 OK 440 B URL HTTP/2 www.elephantpassresort.com/wp-content/themes/hotel-lux/cmsmasters-wp-postratings/cmsmasters-framework/theme-style/css/plugin-style.css?ver=1.0.0
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with CRLF line terminators
Hash d3e51b14030da7ff887fae29f3615d25
f3e6f4e1ada6eefa1de151729a05003302bfaf16
3c9c64dc5447f3c7dec9795187bf755f360b059cbda828754e4c1b9590fcf812
GET /wp-content/themes/hotel-lux/cmsmasters-wp-postratings/cmsmasters-framework/theme-style/css/plugin-style.css?ver=1.0.0 HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 17 Jan 2020 04:24:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 440
content-type: text/css
date: Sat, 05 Nov 2022 17:42:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/plugins/kadence-blocks/dist/blocks/column.style.build.css?ver=2.4.18
103.76.228.55 200 OK 526 B URL HTTP/2 www.elephantpassresort.com/wp-content/plugins/kadence-blocks/dist/blocks/column.style.build.css?ver=2.4.18
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1463)
Hash 8c3a54cd98680a285c44f57624716490
3b818f6727c5d8a3c257ae6240b02e0dab163222
ef1c2a7c65d7f836a2a75c7e96c70ca4c8518ca57b6402d19cdb7716744948cb
GET /wp-content/plugins/kadence-blocks/dist/blocks/column.style.build.css?ver=2.4.18 HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 13 Jun 2022 20:16:44 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 526
content-type: text/css
date: Sat, 05 Nov 2022 17:42:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.elephantpassresort.com/
103.76.228.55 200 OK 47 kB URL HTTP/2 www.elephantpassresort.com/
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document text; exported SGML document, ASCII text, with very long lines (9412), with CRLF, CR, LF line terminators
Hash e70e23274ccf8726f1d15fbb075619b3
768c8b973a07d5278c77b937bc00c106ad62fc77
f875827d29bf1ad3e8ea82ffc70920ccd67d04c329c3fc1e13612815e27b8420
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
date: Sat, 05 Nov 2022 17:42:09 GMT
server: Apache
content-type: text/html; charset=UTF-8
cache-control: no-cache
x-nitro-cache: MISS
link: <https://www.elephantpassresort.com/wp-json/>; rel="https://api.w.org/", <https://www.elephantpassresort.com/wp-json/wp/v2/pages/7366>; rel="alternate"; type="application/json", <https://www.elephantpassresort.com/>; rel=shortlink
vary: Accept-Encoding
content-encoding: gzip
x-server-cache: true
x-proxy-cache: EXPIRED
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/plugins/google-language-translator/js/scripts.js?ver=6.0.15
103.76.228.55 200 OK 3.8 kB URL HTTP/2 www.elephantpassresort.com/wp-content/plugins/google-language-translator/js/scripts.js?ver=6.0.15
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash c963e3e85da0f47cf30b60e2e3c6f863
5a769960db02381c20771e203e11645701700af3
79a2a8fb91b167b46e79a1f535179771d979deeb35d41d8d6c01d2dd208037f2
GET /wp-content/plugins/google-language-translator/js/scripts.js?ver=6.0.15 HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 20 May 2022 11:15:24 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3787
content-type: application/javascript
date: Sat, 05 Nov 2022 17:42:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/themes/hotel-lux/js/modernizr.min.js?ver=1.0.0
103.76.228.55 200 OK 7.1 kB URL HTTP/2 www.elephantpassresort.com/wp-content/themes/hotel-lux/js/modernizr.min.js?ver=1.0.0
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document, ASCII text, with very long lines (14852), with CRLF line terminators
Hash ca7d922fd329d1786596a10232a731ea
fbf0c3e2956f413cf157d89dd3666b466aee9a38
5d15fe62aae1ac283bdaea117178cf7547a61ff465064e66ebac1c48dbf724ed
GET /wp-content/themes/hotel-lux/js/modernizr.min.js?ver=1.0.0 HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 17 Jan 2020 04:24:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7136
content-type: application/javascript
date: Sat, 05 Nov 2022 17:42:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
103.76.228.55 409 Conflict 83 B URL HTTP/2 www.elephantpassresort.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4 HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Sat, 05 Nov 2022 17:42:10 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/plugins/gutenberg/build/vendors/inert-polyfill.min.js?ver=6.1
103.76.228.55 200 OK 3.0 kB URL HTTP/2 www.elephantpassresort.com/wp-content/plugins/gutenberg/build/vendors/inert-polyfill.min.js?ver=6.1
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (8169), with no line terminators
Hash 29295b3e75bedb93cea277a58c7e3e68
399247924c8c2418a366f6a50c2fc86772448795
67b8d030aa45dd4d89c832051dc0d20877ecc8cd50b157a05f3deea73020b24d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/gutenberg/build/vendors/inert-polyfill.min.js?ver=6.1 HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 26 Oct 2022 11:46:48 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2976
content-type: application/javascript
date: Sat, 05 Nov 2022 17:42:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/uploads/2020/01/logo-3.png
103.76.228.55 200 OK 18 kB URL HTTP/2 www.elephantpassresort.com/wp-content/uploads/2020/01/logo-3.png
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 300 x 92, 8-bit/color RGBA, non-interlaced; data
Hash 15e50c6d9c69f58d83b1bb0ca6f11fda
80775f43f8b11856c619953b70698b6b4a9a0208
7222d5fd4c55a362325382ddbad687c14cb8d31ca2df7ce73c6a8c5e8a57b80c
GET /wp-content/uploads/2020/01/logo-3.png HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 17 Jan 2020 04:24:38 GMT
accept-ranges: bytes
content-length: 17719
content-type: image/png
date: Sat, 05 Nov 2022 17:42:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.6.4
103.76.228.55 409 Conflict 83 B URL HTTP/2 www.elephantpassresort.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.6.4
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.6.4 HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Sat, 05 Nov 2022 17:42:10 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/themes/hotel-lux/js/request-animation-frame.min.js?ver=1.0.0
103.76.228.55 200 OK 471 B URL HTTP/2 www.elephantpassresort.com/wp-content/themes/hotel-lux/js/request-animation-frame.min.js?ver=1.0.0
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (713), with CRLF line terminators
Hash 10353350efa669eced59e6ea8ffd7804
7962f594ac5f7b3cace20b768a3bc2cd079100fe
e0a698f1379ecd35d30c94da165c2163ad2b8674386d48f2cc6162913a12620c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/hotel-lux/js/request-animation-frame.min.js?ver=1.0.0 HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 17 Jan 2020 04:24:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 471
content-type: application/javascript
date: Sat, 05 Nov 2022 17:42:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/plugins/wp-postratings/js/postratings-js.js?ver=1.90
103.76.228.55 200 OK 787 B URL HTTP/2 www.elephantpassresort.com/wp-content/plugins/wp-postratings/js/postratings-js.js?ver=1.90
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (516)
Hash f2a7c09595825e4bc99007429e168d32
46c333e6c40293637e1d178af6430209c43e71fc
00e994eb01a910742cf2fcf46687459067dd24314c9cb5bc2546a13359ea3a4c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-postratings/js/postratings-js.js?ver=1.90 HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 31 Aug 2022 16:51:45 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 787
content-type: application/javascript
date: Sat, 05 Nov 2022 17:42:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/plugins/kadence-blocks/dist/assets/js/kb-tiny-init.min.js?ver=2.4.18
103.76.228.55 200 OK 842 B URL HTTP/2 www.elephantpassresort.com/wp-content/plugins/kadence-blocks/dist/assets/js/kb-tiny-init.min.js?ver=2.4.18
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (2549), with no line terminators
Hash 868fbd56648d3dbaf2e03d2ac2571f27
a00041b64206499bc59179259edaffd8613683eb
9b46359cecd478bd8efafde86b93b1a6a37638eeee6ab69e08d6d76af2db376b
GET /wp-content/plugins/kadence-blocks/dist/assets/js/kb-tiny-init.min.js?ver=2.4.18 HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 03 Sep 2021 21:49:50 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 842
content-type: application/javascript
date: Sat, 05 Nov 2022 17:42:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/themes/hotel-lux/js/mousewheel.min.js?ver=1.0.0
103.76.228.55 200 OK 627 B URL HTTP/2 www.elephantpassresort.com/wp-content/themes/hotel-lux/js/mousewheel.min.js?ver=1.0.0
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1044), with CRLF line terminators
Hash bb66a6192ce9ea615455f365489d29fe
65c2fcfbc94b45fedb65f750695140035893d8e1
b5df27e18aa41430c29d928d36545659d72a01b4725fbefe8573a03196d40721
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/hotel-lux/js/mousewheel.min.js?ver=1.0.0 HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 17 Jan 2020 04:24:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 627
content-type: application/javascript
date: Sat, 05 Nov 2022 17:42:10 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Montserrat:200,800%7CPlayfair%20Display:600italic,400,700,regular&subset=latin,cyrillic&display=swap
142.250.74.10 200 OK 1.8 kB URL HTTP/2 fonts.googleapis.com/css?family=Montserrat:200,800%7CPlayfair%20Display:600italic,400,700,regular&subset=latin,cyrillic&display=swap
IP 142.250.74.10:0
File type ASCII text, with very long lines (3637), with CRLF, LF line terminators
Hash c441023e0fbb9c85bf9995859f54109e
aac285fc974e663c910cc4984e16299e7ee4e90d
cbbbdc48b212d47ade3c9a86abd55ac6f5d614a6f090ed6d49f033495a96b5c9
GET /css?family=Montserrat:200,800%7CPlayfair%20Display:600italic,400,700,regular&subset=latin,cyrillic&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 05 Nov 2022 17:42:10 GMT
date: Sat, 05 Nov 2022 17:42:10 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/themes/hotel-lux/js/smooth-sticky.min.js?ver=1.0.2
103.76.228.55 200 OK 2.1 kB URL HTTP/2 www.elephantpassresort.com/wp-content/themes/hotel-lux/js/smooth-sticky.min.js?ver=1.0.2
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (4977)
Hash 7d3d3c61caa41b2c980b18571db76234
ec10729627c547754fce2733825d0da471664675
09b8b9995d22f428eb70eb5ff7d64612a5a63b322a50523d632bfb07643b0125
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/hotel-lux/js/smooth-sticky.min.js?ver=1.0.2 HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 17 Jan 2020 04:24:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2114
content-type: application/javascript
date: Sat, 05 Nov 2022 17:42:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-includes/js/comment-reply.min.js?ver=6.1
103.76.228.55 200 OK 1.5 kB URL HTTP/2 www.elephantpassresort.com/wp-includes/js/comment-reply.min.js?ver=6.1
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (2946)
Hash 92712acce6ce836d0a929b1800b4f9d6
8157d1380bb1d6dadfd85565dd464bb5b0ed06bd
2f82d181a2cadadf7d898d7f5ea2eb527106fb6413044b55fbfa4fb0081a2e09
GET /wp-includes/js/comment-reply.min.js?ver=6.1 HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 09 Apr 2022 01:37:18 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1477
content-type: application/javascript
date: Sat, 05 Nov 2022 17:42:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/themes/hotel-lux/js/scroll-to.min.js?ver=1.0.0
103.76.228.55 200 OK 1.4 kB URL HTTP/2 www.elephantpassresort.com/wp-content/themes/hotel-lux/js/scroll-to.min.js?ver=1.0.0
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (2445), with CRLF line terminators
Hash 87460f7b025abd1be6ff07d204936b70
b91e7b42b05a14f17bd2a6b3b79206fca55f88fd
b62633bf8404dcd6eff55d1958d495a71a08aeb846941293fe462cc7b8a01169
GET /wp-content/themes/hotel-lux/js/scroll-to.min.js?ver=1.0.0 HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 17 Jan 2020 04:24:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1430
content-type: application/javascript
date: Sat, 05 Nov 2022 17:42:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
103.76.228.55 200 OK 2.1 kB URL HTTP/2 www.elephantpassresort.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (5477)
Hash f0bd7ad12acdee26cbb2701c1ba3610b
53c5d15129860868b60b74cb010b2c6050a64f69
e6d0cb19e56d22e8e511c23ca2bd233bedb40e3c7cf4ff38fe6f059bc7e0c64f
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 14 Jun 2020 00:23:28 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2103
content-type: application/javascript
date: Sat, 05 Nov 2022 17:42:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/themes/hotel-lux/js/stellar.min.js?ver=1.0.0
103.76.228.55 200 OK 4.2 kB URL HTTP/2 www.elephantpassresort.com/wp-content/themes/hotel-lux/js/stellar.min.js?ver=1.0.0
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (12505), with CRLF line terminators
Hash dadec9ca6b24f8c3b2934cd2d9b87cec
aa915cf611f6897c6e2e233ef64c3c9a89ba65b3
9bbb8f642e88ca71d52bd8df85970d8e807de0969959fc3d850a3205b0729c52
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/hotel-lux/js/stellar.min.js?ver=1.0.0 HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 17 Jan 2020 04:24:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4156
content-type: application/javascript
date: Sat, 05 Nov 2022 17:42:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/themes/hotel-lux/js/easy-pie-chart.min.js?ver=1.0.0
103.76.228.55 200 OK 1.8 kB URL HTTP/2 www.elephantpassresort.com/wp-content/themes/hotel-lux/js/easy-pie-chart.min.js?ver=1.0.0
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (3721), with CRLF line terminators
Hash 7ce85258a4f77b0a2705adbb0fbcee05
69da8d5d1dd2f2ac9b7920e26f7fdd0e2f95196a
8c15759c018c471e7edcf4006ee372bef825f844bbb57b5a4686e54643befde6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/hotel-lux/js/easy-pie-chart.min.js?ver=1.0.0 HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 17 Jan 2020 04:24:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1784
content-type: application/javascript
date: Sat, 05 Nov 2022 17:42:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/themes/hotel-lux/js/jquery.tweet.min.js?ver=1.3.1
103.76.228.55 200 OK 3.3 kB URL HTTP/2 www.elephantpassresort.com/wp-content/themes/hotel-lux/js/jquery.tweet.min.js?ver=1.3.1
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document, Unicode text, UTF-8 text, with very long lines (7318), with CRLF line terminators
Hash 51c2088bfc85d73e360339989666d258
6804362d42cc833bf3540712e75ef3584f7d20a9
9929cf881be69e6354ced15a80b9cf34347708678a0d5dccbc2d1a2523640de4
GET /wp-content/themes/hotel-lux/js/jquery.tweet.min.js?ver=1.3.1 HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 17 Jan 2020 04:24:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3279
content-type: application/javascript
date: Sat, 05 Nov 2022 17:42:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/themes/hotel-lux/js/owlcarousel.min.js?ver=1.0.0
103.76.228.55 200 OK 8.5 kB URL HTTP/2 www.elephantpassresort.com/wp-content/themes/hotel-lux/js/owlcarousel.min.js?ver=1.0.0
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (24503), with CRLF line terminators
Hash 8fe507d687bde82afe4ea65198a7c0dd
f595ebe365dfe1d74e3e81ea14ee082d4af161bb
3c4af356ebee389f7df683b35f369fc0ceded59c40402579d2bf731713871dc6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/hotel-lux/js/owlcarousel.min.js?ver=1.0.0 HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 17 Jan 2020 04:24:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 8488
content-type: application/javascript
date: Sat, 05 Nov 2022 17:42:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/themes/hotel-lux/js/jquery.script.js?ver=1.0.0
103.76.228.55 200 OK 10 kB URL HTTP/2 www.elephantpassresort.com/wp-content/themes/hotel-lux/js/jquery.script.js?ver=1.0.0
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 1c9e49a9c1251eb3d1cf9fbbb822efa3
e25cf5350de7d29950a3582fbcdb2731897fe28d
61008b82b64b1f28a0e0e3641c3dbba3e586340182cf88e3dd2105f3739476b7
GET /wp-content/themes/hotel-lux/js/jquery.script.js?ver=1.0.0 HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 17 Jan 2020 04:24:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 10388
content-type: application/javascript
date: Sat, 05 Nov 2022 17:42:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
103.76.228.55 200 OK 2.7 kB URL HTTP/2 www.elephantpassresort.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (6475), with no line terminators
Hash 45bd1d6f7fc3a4069fc6fd400b90c961
903c7e28c7141e9fc1bdb4dfc62d043a97a01e2d
c638a0057b4be0a61cfb65b1860a855a327397e9871f5dde28fa2f138fb394dc
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 11 Apr 2022 17:34:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2675
content-type: application/javascript
date: Sat, 05 Nov 2022 17:42:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
103.76.228.55 200 OK 7.6 kB URL HTTP/2 www.elephantpassresort.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Unicode text, UTF-8 text, with very long lines (17819), with no line terminators
Hash 66c68f2158dcf7d97a02f3719a17aab0
fdb04fb4c632b9fb4275006a4e402cd0d4fa393a
e4b360f0e6ae1afc06f05f958e8696e5ae45257912bc2ab0b9334bd1382a51aa
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 14:11:58 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7621
content-type: application/javascript
date: Sat, 05 Nov 2022 17:42:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/themes/hotel-lux/js/waypoints.min.js?ver=1.0.0
103.76.228.55 200 OK 3.2 kB URL HTTP/2 www.elephantpassresort.com/wp-content/themes/hotel-lux/js/waypoints.min.js?ver=1.0.0
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (7841), with CRLF line terminators
Hash ec03e06d51b7d7977926587a8662425d
d2e9a675917b705f344fc4397d13f29afefe62a9
5bb6d647ecaaeff9c1f1358c749b992caab91d351229798ab5643987fe3b7611
GET /wp-content/themes/hotel-lux/js/waypoints.min.js?ver=1.0.0 HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 17 Jan 2020 04:24:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3175
content-type: application/javascript
date: Sat, 05 Nov 2022 17:42:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/plugins/kadence-blocks/dist/assets/js/tiny-slider.min.js?ver=2.4.18
103.76.228.55 200 OK 15 kB URL HTTP/2 www.elephantpassresort.com/wp-content/plugins/kadence-blocks/dist/assets/js/tiny-slider.min.js?ver=2.4.18
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (31970)
Hash 59e77bf43b5cbd470b3d44bed5acdd19
d3136c011da40bb872bd38c5e790f972b1cb35b1
2a9d156c07268215733cc3db854973bb10bd400ba4511acca4a31ae140a041b3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/kadence-blocks/dist/assets/js/tiny-slider.min.js?ver=2.4.18 HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 03 Sep 2021 21:49:50 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 15321
content-type: application/javascript
date: Sat, 05 Nov 2022 17:42:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/themes/hotel-lux/theme-framework/theme-style/js/jquery.theme-script.js?ver=1.0.0
103.76.228.55 200 OK 4.0 kB URL HTTP/2 www.elephantpassresort.com/wp-content/themes/hotel-lux/theme-framework/theme-style/js/jquery.theme-script.js?ver=1.0.0
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (3972)
Hash 033a158262876bd79179911f73a87bf0
6d94b1d9c0a35dfb1b4b184566c4df2bac33e463
f69867e979f9eaf7cb5d2c5b7b42c49929559d5e542872b576080bd2b66b1073
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/hotel-lux/theme-framework/theme-style/js/jquery.theme-script.js?ver=1.0.0 HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 17 Jan 2020 04:24:04 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4040
content-type: application/javascript
date: Sat, 05 Nov 2022 17:42:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/themes/hotel-lux/js/scrollspy.js?ver=1.0.0
103.76.228.55 200 OK 4.8 kB URL HTTP/2 www.elephantpassresort.com/wp-content/themes/hotel-lux/js/scrollspy.js?ver=1.0.0
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (564), with CRLF line terminators
Hash 683f81cbdf7912a666c8eac3cf7da406
dbd3fc1321e1cdf3cdde8fe334c0bf9de46d71a0
e909eefe5506998665018d3c63077dba8d682c1b1184934ab2c026115bb88d0d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/hotel-lux/js/scrollspy.js?ver=1.0.0 HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 17 Jan 2020 04:24:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4809
content-type: application/javascript
date: Sat, 05 Nov 2022 17:42:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/uploads/2020/01/banner2-e1584856640574.jpg
103.76.228.55 200 OK 201 kB URL HTTP/2 www.elephantpassresort.com/wp-content/uploads/2020/01/banner2-e1584856640574.jpg
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 1700x531, components 3\012- data
Size 201 kB (200715 bytes)
Hash 05600f68ae61f7c884186030caec5199
4cd71a9045f5d3c1bad8b6db5bfa7bb32f08c2cf
3b7b51389cfa25c5f31e7934827c72ba21662344f847799cad9a825afab1e521
GET /wp-content/uploads/2020/01/banner2-e1584856640574.jpg HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 22 Mar 2020 05:57:20 GMT
accept-ranges: bytes
content-length: 200715
content-type: image/jpeg
date: Sat, 05 Nov 2022 17:42:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/uploads/2020/01/banner1-e1584856617903.jpg
103.76.228.55 200 OK 238 kB URL HTTP/2 www.elephantpassresort.com/wp-content/uploads/2020/01/banner1-e1584856617903.jpg
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 1700x531, components 3\012- data
Size 238 kB (238501 bytes)
Hash b5ddb2fb1f1561d0267d5f574376cd74
0587ca00780f4abb46163589a3a85b9d864300e3
5d17f2373060d366b6f024937a0bc9c55c46e4d829fb0eeb39eb2f1fbf694925
GET /wp-content/uploads/2020/01/banner1-e1584856617903.jpg HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 22 Mar 2020 05:56:58 GMT
accept-ranges: bytes
content-length: 238501
content-type: image/jpeg
date: Sat, 05 Nov 2022 17:42:10 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 656a355c6cb333c5554fa65748d3d165
15e6dc206e412e258ca49e2eec46e67b831ea4a6
3bdcb16737f73a6985f7cfe3b221882d91b27ab3ec6f940f14477f94a0e40720
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 17:42:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/dosis/v27/HhyaU5sn9vOmLzloC_U.woff2
216.58.207.195 200 OK 29 kB URL HTTP/2 fonts.gstatic.com/s/dosis/v27/HhyaU5sn9vOmLzloC_U.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 29436, version 1.0\012- data
Hash 4e29aceac72b453671f585e88f69c24a
35115af67eca17e02698954f1533b69515ecbbf9
b9d88c1280c412b1bccb32e6d99da3369feeb3fae8b64900e7066a1829385699
GET /s/dosis/v27/HhyaU5sn9vOmLzloC_U.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.elephantpassresort.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 29436
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Nov 2022 06:29:52 GMT
expires: Fri, 03 Nov 2023 06:29:52 GMT
cache-control: public, max-age=31536000
age: 213139
last-modified: Mon, 11 Jul 2022 20:56:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 656a355c6cb333c5554fa65748d3d165
15e6dc206e412e258ca49e2eec46e67b831ea4a6
3bdcb16737f73a6985f7cfe3b221882d91b27ab3ec6f940f14477f94a0e40720
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 17:42:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
216.58.207.195 200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.elephantpassresort.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Nov 2022 16:40:18 GMT
expires: Fri, 03 Nov 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 176513
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/dosis/v27/HhyJU5sn9vOmLxNkIwRSjTVNWLEJ0LQl2xME.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/dosis/v27/HhyJU5sn9vOmLxNkIwRSjTVNWLEJ0LQl2xME.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15812, version 1.0\012- data
Hash fb642139056cbcec784c39bcf88e0b1c
0c77dbc3daa6eb6a023a76b21b01d92dd48b36d2
4984b698fe9670d8f6ede29b233f94bd5c51ebd62534ece9cf6b6a0a54c7dba9
GET /s/dosis/v27/HhyJU5sn9vOmLxNkIwRSjTVNWLEJ0LQl2xME.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.elephantpassresort.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15812
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Oct 2022 23:06:38 GMT
expires: Sun, 29 Oct 2023 23:06:38 GMT
cache-control: public, max-age=31536000
age: 585333
last-modified: Mon, 11 Jul 2022 20:56:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/plugins/LayerSlider/static/layerslider/js/greensock.js?ver=1.19.0
103.76.228.55 200 OK 69 kB URL HTTP/2 www.elephantpassresort.com/wp-content/plugins/LayerSlider/static/layerslider/js/greensock.js?ver=1.19.0
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash a2246afe9ed6d573109dc25cb9423e3d
504cddf2a22dc85c11d99ba36ef8a43f51d4c1cb
6297c052a64d542498646216fa9da7d2d122711ac568e4d9089316e6ba04fba2
GET /wp-content/plugins/LayerSlider/static/layerslider/js/greensock.js?ver=1.19.0 HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 17 Jan 2020 04:22:04 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Sat, 05 Nov 2022 17:42:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.kreaturamedia.jquery.js?ver=6.8.2
103.76.228.55 200 OK 74 kB URL HTTP/2 www.elephantpassresort.com/wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.kreaturamedia.jquery.js?ver=6.8.2
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash d093d0e1121095da469fce74468e3f2d
fe95e8b34901098d4100b25dc1604e3fc19d750a
82a09d02777bcf0bf7681efde50be00374c9854a21eb10f9811fb78d84d272a5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.kreaturamedia.jquery.js?ver=6.8.2 HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 17 Jan 2020 04:22:04 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Sat, 05 Nov 2022 17:42:10 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.gstatic.com/s/playfairdisplay/v30/nuFRD-vYSZviVYUb_rj3ij__anPXDTnCjmHKM4nYO7KN_naUXtHA-Q.woff2
216.58.207.195 200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/playfairdisplay/v30/nuFRD-vYSZviVYUb_rj3ij__anPXDTnCjmHKM4nYO7KN_naUXtHA-Q.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 21112, version 1.0\012- data
Hash 23c2712a4739131e1bfff838cf97faf5
f06629c6cd43e723149235919ff9784d2b18fdb4
54e0dc0c96cef34473716666f7f094d463bb3208696f4748ab869626efac154f
GET /s/playfairdisplay/v30/nuFRD-vYSZviVYUb_rj3ij__anPXDTnCjmHKM4nYO7KN_naUXtHA-Q.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.elephantpassresort.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21112
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 31 Oct 2022 22:08:09 GMT
expires: Tue, 31 Oct 2023 22:08:09 GMT
cache-control: public, max-age=31536000
age: 416042
last-modified: Mon, 18 Jul 2022 19:09:25 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
216.58.207.195 200 OK 36 kB URL HTTP/2 fonts.gstatic.com/s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 35764, version 1.0\012- data
Hash 60f23230f1a8d5c3b7d25b73f5b5ce23
ed08ada85d017893b9bcb8224e99154c6708f5d2
22b6cdc450204c1cb32b31e679d812fea1c17ac506a7b78daeb12bd0ab25fde8
GET /s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.elephantpassresort.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35764
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 01 Nov 2022 15:03:06 GMT
expires: Wed, 01 Nov 2023 15:03:06 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 18 Jul 2022 19:06:36 GMT
content-type: font/woff2
age: 355145
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/plugins/google-language-translator/images/flags18.png
103.76.228.55 200 OK 42 kB URL HTTP/2 www.elephantpassresort.com/wp-content/plugins/google-language-translator/images/flags18.png
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 169 x 520, 8-bit/color RGBA, non-interlaced\012- data
Hash e87c3f6109f5a5db4a1da94a8f709103
8037ff4f34e9d0b7fefc2a32af1fdc674a869e73
2aa94c1fd0a7d0644b70648ecb0d25386817b658e3cb4e5a635b7d929fd3f654
GET /wp-content/plugins/google-language-translator/images/flags18.png HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/wp-content/plugins/google-language-translator/css/style.css?ver=6.0.15
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 20 May 2022 11:15:24 GMT
accept-ranges: bytes
content-length: 42054
content-type: image/png
date: Sat, 05 Nov 2022 17:42:11 GMT
server: Apache
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/uploads/2020/03/plain-white-background.jpg
103.76.228.55 200 OK 74 kB URL HTTP/2 www.elephantpassresort.com/wp-content/uploads/2020/03/plain-white-background.jpg
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, copyright=II*], baseline, precision 8, 1920x1280, components 3\012- data
Hash 50e97f47972ef3bc792015763042c3a8
416b0687e66ef95cf5bc9f4a2bf06850161228df
7d277919a03a2657fa70a62d04801607e16793d164d45f7f22c697652187e0ad
GET /wp-content/uploads/2020/03/plain-white-background.jpg HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 19 Mar 2020 04:36:24 GMT
accept-ranges: bytes
content-length: 73535
content-type: image/jpeg
date: Sat, 05 Nov 2022 17:42:11 GMT
server: Apache
X-Firefox-Spdy: h2
translate.googleapis.com/translate_static/css/translateelement.css
142.250.74.138 200 OK 3.6 kB URL HTTP/2 translate.googleapis.com/translate_static/css/translateelement.css
IP 142.250.74.138:0
File type ASCII text, with very long lines (18670)
Hash 897ba9a21d9625286674da769dacc2e2
84b4923ab7dee562395160824d53496314499b77
696cbf5c2f3f1efae555562b72abbbb22bed02eff03d62074555cab241190ae0
GET /translate_static/css/translateelement.css HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3619
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 05 Nov 2022 16:50:27 GMT
expires: Sat, 05 Nov 2022 17:50:27 GMT
cache-control: public, max-age=3600
age: 3104
last-modified: Wed, 17 Aug 2022 23:38:00 GMT
content-type: text/css
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/uploads/2021/08/elephant-pass-ayurveda-resort-ba.png
103.76.228.55 200 OK 72 kB URL HTTP/2 www.elephantpassresort.com/wp-content/uploads/2021/08/elephant-pass-ayurveda-resort-ba.png
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 487 x 364, 8-bit/color RGB, non-interlaced\012- data
Hash 1963d6968dac1279cfe7630d13863a2f
774bc045931046146341d96a1d8d4e15df8af4e0
26ceb2f04fcba7b0b5db1b10701768d69c1ba372d92035ad422dd6454497447b
GET /wp-content/uploads/2021/08/elephant-pass-ayurveda-resort-ba.png HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Cookie: nitroCachedPage=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 01 Aug 2021 13:23:34 GMT
accept-ranges: bytes
content-length: 71687
content-type: image/png
date: Sat, 05 Nov 2022 17:42:11 GMT
server: Apache
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/uploads/2020/01/services-bg-e1581927119703.jpg
103.76.228.55 200 OK 15 kB URL HTTP/2 www.elephantpassresort.com/wp-content/uploads/2020/01/services-bg-e1581927119703.jpg
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 500x267, components 3\012- data
Hash ecabf079638785d3b3d451af1b72304b
12fb049681e1c0c270d09414971cebdb92a1b903
328cbaec43926f80e3f184d2dfdd87331f27e4e41769d9a2ae5da458a98a2f6d
GET /wp-content/uploads/2020/01/services-bg-e1581927119703.jpg HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Cookie: nitroCachedPage=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 17 Feb 2020 08:12:00 GMT
accept-ranges: bytes
content-length: 15336
content-type: image/jpeg
date: Sat, 05 Nov 2022 17:42:11 GMT
server: Apache
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/uploads/2020/01/qq-removebg-preview.png
103.76.228.55 200 OK 32 kB URL HTTP/2 www.elephantpassresort.com/wp-content/uploads/2020/01/qq-removebg-preview.png
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 128 x 126, 8-bit/color RGBA, non-interlaced\012- data
Hash b6916c01698752d7ec7a42a42abc9e78
4010f925c8c86b60985649c536ff575bf139b36e
c3e586c57d1f199689ef103971b619d1e1dffbe6623dc49562ea5ae1cd8470f6
GET /wp-content/uploads/2020/01/qq-removebg-preview.png HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Cookie: nitroCachedPage=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 22 Jan 2020 04:16:42 GMT
accept-ranges: bytes
content-length: 32528
content-type: image/png
date: Sat, 05 Nov 2022 17:42:11 GMT
server: Apache
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/themes/hotel-lux/css/fonts/fontello.woff?61757689
103.76.228.55 200 OK 131 kB URL HTTP/2 www.elephantpassresort.com/wp-content/themes/hotel-lux/css/fonts/fontello.woff?61757689
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Web Open Font Format, TrueType, length 130584, version 1.0\012- data
Size 131 kB (130584 bytes)
Hash d43e4606fd9be47df1a8f71a1c1d43a4
a205b137b1365c4c7108f68b7c791cf8750e8c48
00b4afbe6cb75d57da853cda1c11b94ffbc3f3820822803ef826e19f8d46ad8f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/hotel-lux/css/fonts/fontello.woff?61757689 HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.elephantpassresort.com/wp-content/themes/hotel-lux/css/fontello.css?ver=1.0.0
Cookie: nitroCachedPage=0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 17 Jan 2020 04:24:06 GMT
accept-ranges: bytes
content-length: 130584
content-type: font/woff
date: Sat, 05 Nov 2022 17:42:11 GMT
server: Apache
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/themes/hotel-lux/theme-vars/theme-style/css/fonts/fontello-custom.woff?75326912
103.76.228.55 200 OK 37 kB URL HTTP/2 www.elephantpassresort.com/wp-content/themes/hotel-lux/theme-vars/theme-style/css/fonts/fontello-custom.woff?75326912
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Web Open Font Format, TrueType, length 37396, version 1.0\012- data
Hash da6cfd357dc2955da7bc33202e394b2c
c6f0d6f2a058673a4a254f9329c7e77d43efae0e
13932f591c67cb2f94509e903701df384920a3a69d18844fca02a5eae8fb1cad
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/hotel-lux/theme-vars/theme-style/css/fonts/fontello-custom.woff?75326912 HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.elephantpassresort.com/wp-content/themes/hotel-lux/theme-vars/theme-style/css/fontello-custom.css?ver=1.0.0
Cookie: nitroCachedPage=0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 17 Jan 2020 04:24:04 GMT
accept-ranges: bytes
content-length: 37396
content-type: font/woff
date: Sat, 05 Nov 2022 17:42:11 GMT
server: Apache
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.8.3
103.76.228.55 200 OK 48 kB URL HTTP/2 www.elephantpassresort.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.8.3
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 068e7b1bbaadfc34731baa5a7fb9eeaf
7d1668794393f4362d5a9c654c63f2996985fc95
17cd0f12245f62760ac5e6e600592c60869b9d2ac95fd86d99f8e532a7b374f8
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.8.3 HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 17 Jan 2020 04:22:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Sat, 05 Nov 2022 17:42:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/themes/hotel-lux/theme-framework/theme-style/css/style.css?ver=1.0.0
103.76.228.55 200 OK 66 kB URL HTTP/2 www.elephantpassresort.com/wp-content/themes/hotel-lux/theme-framework/theme-style/css/style.css?ver=1.0.0
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 7947aeb62cbfad5788f089b0928b2008
000609ab14c103d60f421c1101c8b465c3e731fe
3c375013110ad9d2bc6168c71f7e80e8cfc3c949dff0e99b810c670c5a2c1c5a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/hotel-lux/theme-framework/theme-style/css/style.css?ver=1.0.0 HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 17 Jan 2020 04:24:04 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Sat, 05 Nov 2022 17:42:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/themes/hotel-lux/cmsmasters-wp-postratings/cmsmasters-framework/theme-style/images/stars(png)/rating_over.png
103.76.228.55 200 OK 1.1 kB URL HTTP/2 www.elephantpassresort.com/wp-content/themes/hotel-lux/cmsmasters-wp-postratings/cmsmasters-framework/theme-style/images/stars(png)/rating_over.png
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 2b3f8c4bd6a8963242ac93f53b0c576a
61c5400ccb435083bb2d8380a4a401f1a30df0b9
5a5ecf9d46187ac62972628cad2036259bf3c6793f67c9f91473aac3ece73a2b
GET /wp-content/themes/hotel-lux/cmsmasters-wp-postratings/cmsmasters-framework/theme-style/images/stars(png)/rating_over.png HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Cookie: nitroCachedPage=0; _gcl_au=1.1.1201895846.1667670130
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 17 Jan 2020 04:24:06 GMT
accept-ranges: bytes
content-length: 1135
content-type: image/png
date: Sat, 05 Nov 2022 17:42:11 GMT
server: Apache
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.slideanims.min.js?version=5.4.8
103.76.228.55 200 OK 8.4 kB URL HTTP/2 www.elephantpassresort.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.slideanims.min.js?version=5.4.8
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (28818), with CRLF line terminators
Hash 9e9b332abe4a46934cc85242e22dd146
25dd86bdfc67ef2a8ce5561f73d5f5d147476da6
94f47ceb3f24fc839c1d3a60ed818edd717253efd60153e4e3ea2f00a7aba0ff
GET /wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.slideanims.min.js?version=5.4.8 HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Cookie: nitroCachedPage=0; _gcl_au=1.1.1201895846.1667670130
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 17 Jan 2020 04:22:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 8380
content-type: application/javascript
date: Sat, 05 Nov 2022 17:42:11 GMT
server: Apache
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.kenburn.min.js?version=5.4.8
103.76.228.55 200 OK 1.6 kB URL HTTP/2 www.elephantpassresort.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.kenburn.min.js?version=5.4.8
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (3515), with CRLF line terminators
Hash a9a9ef0fb689c7d05dadc95487c59798
e5598003ddfb78a9d240b0ac85f83b62c37d7c14
d0e1b50aa1ec0a9a6bc4b31d7bd478df66d0342aec1c4307342d0254332dd0c5
GET /wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.kenburn.min.js?version=5.4.8 HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Cookie: nitroCachedPage=0; _gcl_au=1.1.1201895846.1667670130
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 17 Jan 2020 04:22:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1614
content-type: application/javascript
date: Sat, 05 Nov 2022 17:42:11 GMT
server: Apache
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.navigation.min.js?version=5.4.8
103.76.228.55 200 OK 8.9 kB URL HTTP/2 www.elephantpassresort.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.navigation.min.js?version=5.4.8
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (25862), with CRLF line terminators
Hash 24cc4ae82947db94318c91847a49ee68
23ba55c3129dec4bb3c302eef52bebcbfa172e97
a3ab15aba69b891687f297afd31f1b09aa19856083d4ce9bb59d5b8f9df21477
GET /wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.navigation.min.js?version=5.4.8 HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Cookie: nitroCachedPage=0; _gcl_au=1.1.1201895846.1667670130
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 17 Jan 2020 04:22:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 8892
content-type: application/javascript
date: Sat, 05 Nov 2022 17:42:11 GMT
server: Apache
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/uploads/2020/01/Philip-James-150x150.png
103.76.228.55 200 OK 46 kB URL HTTP/2 www.elephantpassresort.com/wp-content/uploads/2020/01/Philip-James-150x150.png
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 33aa730261a6a6e1d3d10e26661c197a
32e074684e87ca5ddc77c0f917d879a5459d91f5
372885f25cdacfc665fe267d5c7cc9326ed14a8496e6a63922dda07f5687f6f3
GET /wp-content/uploads/2020/01/Philip-James-150x150.png HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Cookie: nitroCachedPage=0; _gcl_au=1.1.1201895846.1667670130
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 21 Jan 2020 10:59:02 GMT
accept-ranges: bytes
content-length: 45610
content-type: image/png
date: Sat, 05 Nov 2022 17:42:11 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash a6913d09d2b8cbd80ef370c1997143ec
61873208c5852b9f13b1a60d408ec8b239c48c81
291bfcf11419acdfafebb4a1d789302bcbae25eff3a3a847a251e912ef5854b9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 17:42:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.174 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sat, 05 Nov 2022 16:41:09 GMT
expires: Sat, 05 Nov 2022 18:41:09 GMT
cache-control: public, max-age=7200
age: 3663
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash a6913d09d2b8cbd80ef370c1997143ec
61873208c5852b9f13b1a60d408ec8b239c48c81
291bfcf11419acdfafebb4a1d789302bcbae25eff3a3a847a251e912ef5854b9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 17:42:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/Ixi5IiChXmIG6rRkjUa1qXHT/recaptcha__en.js
142.250.74.163 200 OK 162 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Ixi5IiChXmIG6rRkjUa1qXHT/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (590)
Size 162 kB (162282 bytes)
Hash 05e06c50dab6f3d7f8bfde22301888db
64b3c20c788d298a672fabf9627eac914d95ed08
95176711feca1110e764a31e36764d5b331b033ed56fb372b42250329b33e1d6
GET /recaptcha/releases/Ixi5IiChXmIG6rRkjUa1qXHT/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.elephantpassresort.com
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162282
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 05 Nov 2022 14:45:31 GMT
expires: Sun, 05 Nov 2023 14:45:31 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 31 Oct 2022 04:02:45 GMT
content-type: text/javascript
age: 10601
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 243a69bd8d356d81bde8ec490bd98764
c0f3e3f5ffa8290320453045e02920ce858ae790
ffea261e024417e07d6483681f3badd05377c2ce0fcd1bd58c8abaf22c681b10
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3224
Cache-Control: max-age=124570
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 17:42:12 GMT
Etag: "6365d776-1d7"
Expires: Mon, 07 Nov 2022 04:18:22 GMT
Last-Modified: Sat, 05 Nov 2022 03:24:38 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
googleads.g.doubleclick.net/pagead/viewthroughconversion/847594148/?random=1667670130086&cv=11&fst=1667670130086&bg=ffffff&guid=ON&async=1&gtm=2oab20&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.elephantpassresort.com%2F&tiba=Elephant%20Pass%20Ayurveda%20-%20Ayurvedic%20Resort%20Kerala%20%26%20Yoga%20Retreat%20Kerala&auid=1201895846.1667670130&data=event%3Dgtag.config&rfmt=3&fmt=4
142.250.74.162 200 OK 923 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/847594148/?random=1667670130086&cv=11&fst=1667670130086&bg=ffffff&guid=ON&async=1&gtm=2oab20&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.elephantpassresort.com%2F&tiba=Elephant%20Pass%20Ayurveda%20-%20Ayurvedic%20Resort%20Kerala%20%26%20Yoga%20Retreat%20Kerala&auid=1201895846.1667670130&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 142.250.74.162:0
File type ASCII text, with very long lines (2005), with no line terminators
Hash d29397514ca4aed7e0ba444bf62ffaef
b5ea219def6713edf5945c1f9489f6ff80f2cd62
053e13db1b321506731b15c979fd8b35fd6cfbef3a099df4e9d5620f80864a69
GET /pagead/viewthroughconversion/847594148/?random=1667670130086&cv=11&fst=1667670130086&bg=ffffff&guid=ON&async=1&gtm=2oab20&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.elephantpassresort.com%2F&tiba=Elephant%20Pass%20Ayurveda%20-%20Ayurvedic%20Resort%20Kerala%20%26%20Yoga%20Retreat%20Kerala&auid=1201895846.1667670130&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 05 Nov 2022 17:42:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 923
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 05-Nov-2022 17:57:12 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash a6913d09d2b8cbd80ef370c1997143ec
61873208c5852b9f13b1a60d408ec8b239c48c81
291bfcf11419acdfafebb4a1d789302bcbae25eff3a3a847a251e912ef5854b9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 17:42:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/fbevents.js
157.240.240.1 200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.240.1:0
File type ASCII text, with very long lines (64348)
Hash 0ac10debd3a9ea8147a26d045bb93e6e
ff45f3442508e8695f2303701682ebdb6e016464
5dee7b453b2c72c07ff1d62432493a044507835a8031ea62edf2fa7cc26219b9
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: zoNduPayfCgXt6iV5jihpdbZQYfNx016umFQpGGByCWxYW8zZYLgCdkjzDBp56/Z8EqehUnLtL1PJxfGsN81hQ==
content-length: 27337
x-fb-trip-id: 1679558926
date: Sat, 05 Nov 2022 17:42:12 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 243a69bd8d356d81bde8ec490bd98764
c0f3e3f5ffa8290320453045e02920ce858ae790
ffea261e024417e07d6483681f3badd05377c2ce0fcd1bd58c8abaf22c681b10
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3224
Cache-Control: max-age=124570
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 17:42:12 GMT
Etag: "6365d776-1d7"
Expires: Mon, 07 Nov 2022 04:18:22 GMT
Last-Modified: Sat, 05 Nov 2022 03:24:38 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
www.elephantpassresort.com/wp-content/uploads/2020/01/icon-fav.jpg
103.76.228.55 200 OK 8.6 kB URL HTTP/2 www.elephantpassresort.com/wp-content/uploads/2020/01/icon-fav.jpg
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 5d3b1f2975067d03076726ca39813b74
f743d7550d5945e5418b292e2dc07d8632875d15
fb53ea8a2a404d1488a19ad33214b404a2ee97e0bf789733740af383858d1a0a
GET /wp-content/uploads/2020/01/icon-fav.jpg HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Cookie: nitroCachedPage=0; _gcl_au=1.1.1201895846.1667670130; _ga_P8RGG2DB49=GS1.1.1667670130.1.0.1667670130.0.0.0; _ga=GA1.1.1554327217.1667670130
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 17 Jan 2020 04:25:26 GMT
accept-ranges: bytes
content-length: 8550
content-type: image/jpeg
date: Sat, 05 Nov 2022 17:42:12 GMT
server: Apache
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/uploads/2020/01/icon-fav-64x64.jpg
103.76.228.55 200 OK 1.4 kB URL HTTP/2 www.elephantpassresort.com/wp-content/uploads/2020/01/icon-fav-64x64.jpg
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 64x64, components 3\012- data
Hash 4fe7fc1ab482a7966b9c64e50a8b2f9b
0259b681ef43bd69f0e65e999ea2002135208050
8295c3d7eeb0dbcb6b95a17d6bf4a8920811e8dbd9f794ca123a8bb956fbdb22
GET /wp-content/uploads/2020/01/icon-fav-64x64.jpg HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Cookie: nitroCachedPage=0; _gcl_au=1.1.1201895846.1667670130; _ga_P8RGG2DB49=GS1.1.1667670130.1.0.1667670130.0.0.0; _ga=GA1.1.1554327217.1667670130
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 03 Feb 2020 15:07:08 GMT
accept-ranges: bytes
content-length: 1438
content-type: image/jpeg
date: Sat, 05 Nov 2022 17:42:12 GMT
server: Apache
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/plugins/revslider/public/assets/fonts/revicons/revicons.woff?5510888
103.76.228.55 200 OK 7.5 kB URL HTTP/2 www.elephantpassresort.com/wp-content/plugins/revslider/public/assets/fonts/revicons/revicons.woff?5510888
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Web Open Font Format, TrueType, length 7536, version 1.0\012- data
Hash 04eb8fc57f27498e5ae37523e3bfb2c7
d942ae11706c3f7e511e3c49b0e4574d7ad199c4
f7b9c3065e55fa3b9e320093612e7b30dcb14355a44ec461247b495a3e729686
GET /wp-content/plugins/revslider/public/assets/fonts/revicons/revicons.woff?5510888 HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.elephantpassresort.com/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8.3
Cookie: nitroCachedPage=0; _gcl_au=1.1.1201895846.1667670130; _ga_P8RGG2DB49=GS1.1.1667670130.1.0.1667670130.0.0.0; _ga=GA1.1.1554327217.1667670130
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 17 Jan 2020 04:22:06 GMT
accept-ranges: bytes
content-length: 7536
content-type: font/woff
date: Sat, 05 Nov 2022 17:42:12 GMT
server: Apache
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/plugins/revslider/public/assets/assets/loader.gif
103.76.228.55 200 OK 2.5 kB URL HTTP/2 www.elephantpassresort.com/wp-content/plugins/revslider/public/assets/assets/loader.gif
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type GIF image data, version 89a, 24 x 24\012- data
Hash 4b3afb84b2b71ef56df09997a350bd04
accdac8a7abeab0e21c49539aad0a973addb28ef
9034d5d34015e4b05d2c1d1a8dc9f6ec9d59bd96d305eb9e24e24e65c591a645
GET /wp-content/plugins/revslider/public/assets/assets/loader.gif HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8.3
Cookie: nitroCachedPage=0; _gcl_au=1.1.1201895846.1667670130; _ga_P8RGG2DB49=GS1.1.1667670130.1.0.1667670130.0.0.0; _ga=GA1.1.1554327217.1667670130
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 17 Jan 2020 04:22:06 GMT
accept-ranges: bytes
content-length: 2545
content-type: image/gif
date: Sat, 05 Nov 2022 17:42:12 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash d9b08c38f0415438f5f92380ecb902bb
521f94256b2e677cebf32404641ea8b23c18b2a4
696a8fc71eb173d6434e990a93fca753df22378de0e3014f529db7654d27cf77
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 17:42:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash d9b08c38f0415438f5f92380ecb902bb
521f94256b2e677cebf32404641ea8b23c18b2a4
696a8fc71eb173d6434e990a93fca753df22378de0e3014f529db7654d27cf77
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 17:42:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/847594148/?random=1667670130086&cv=11&fst=1667667600000&bg=ffffff&guid=ON&async=1&gtm=2oab20&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.elephantpassresort.com%2F&tiba=Elephant%20Pass%20Ayurveda%20-%20Ayurvedic%20Resort%20Kerala%20%26%20Yoga%20Retreat%20Kerala&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3190590532&rmt_tld=1&ipr=y
142.250.74.35 200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/847594148/?random=1667670130086&cv=11&fst=1667667600000&bg=ffffff&guid=ON&async=1&gtm=2oab20&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.elephantpassresort.com%2F&tiba=Elephant%20Pass%20Ayurveda%20-%20Ayurvedic%20Resort%20Kerala%20%26%20Yoga%20Retreat%20Kerala&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3190590532&rmt_tld=1&ipr=y
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/847594148/?random=1667670130086&cv=11&fst=1667667600000&bg=ffffff&guid=ON&async=1&gtm=2oab20&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.elephantpassresort.com%2F&tiba=Elephant%20Pass%20Ayurveda%20-%20Ayurvedic%20Resort%20Kerala%20%26%20Yoga%20Retreat%20Kerala&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3190590532&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 05 Nov 2022 17:42:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-conversion/847594148/?random=1667670130093&cv=11&fst=1667670130093&bg=ffffff&guid=ON&async=1&gtm=2oab20&u_w=1280&u_h=1024&label=Lof6CJyT1q8DEKSFlZQD&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.elephantpassresort.com%2F&tiba=Elephant%20Pass%20Ayurveda%20-%20Ayurvedic%20Resort%20Kerala%20%26%20Yoga%20Retreat%20Kerala&gtm_ee=1&auid=1201895846.1667670130&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
142.250.74.35 200 OK 63 B URL HTTP/2 www.google.no/pagead/1p-conversion/847594148/?random=1667670130093&cv=11&fst=1667670130093&bg=ffffff&guid=ON&async=1&gtm=2oab20&u_w=1280&u_h=1024&label=Lof6CJyT1q8DEKSFlZQD&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.elephantpassresort.com%2F&tiba=Elephant%20Pass%20Ayurveda%20-%20Ayurvedic%20Resort%20Kerala%20%26%20Yoga%20Retreat%20Kerala&gtm_ee=1&auid=1201895846.1667670130&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
IP 142.250.74.35:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/847594148/?random=1667670130093&cv=11&fst=1667670130093&bg=ffffff&guid=ON&async=1&gtm=2oab20&u_w=1280&u_h=1024&label=Lof6CJyT1q8DEKSFlZQD&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.elephantpassresort.com%2F&tiba=Elephant%20Pass%20Ayurveda%20-%20Ayurvedic%20Resort%20Kerala%20%26%20Yoga%20Retreat%20Kerala&gtm_ee=1&auid=1201895846.1667670130&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.elephantpassresort.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 05 Nov 2022 17:42:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-77532242-1&cid=1554327217.1667670130&jid=1085352401&gjid=665989814&_gid=84603013.1667670131&_u=YADAAUAAAAAAACAAI~&z=795370432
64.233.162.156 200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-77532242-1&cid=1554327217.1667670130&jid=1085352401&gjid=665989814&_gid=84603013.1667670131&_u=YADAAUAAAAAAACAAI~&z=795370432
IP 64.233.162.156:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-77532242-1&cid=1554327217.1667670130&jid=1085352401&gjid=665989814&_gid=84603013.1667670131&_u=YADAAUAAAAAAACAAI~&z=795370432 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.elephantpassresort.com
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.elephantpassresort.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 05 Nov 2022 17:42:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash d9b08c38f0415438f5f92380ecb902bb
521f94256b2e677cebf32404641ea8b23c18b2a4
696a8fc71eb173d6434e990a93fca753df22378de0e3014f529db7654d27cf77
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 17:42:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
region1.google-analytics.com/g/collect?v=2&tid=G-P8RGG2DB49&gtm=2oeb20&_p=399351732&cid=1554327217.1667670130&ul=en-us&sr=1280x1024&_s=1&sid=1667670130&sct=1&seg=0&dl=https%3A%2F%2Fwww.elephantpassresort.com%2F&dt=Elephant%20Pass%20Ayurveda%20-%20Ayurvedic%20Resort%20Kerala%20%26%20Yoga%20Retreat%20Kerala&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.34.36 204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-P8RGG2DB49&gtm=2oeb20&_p=399351732&cid=1554327217.1667670130&ul=en-us&sr=1280x1024&_s=1&sid=1667670130&sct=1&seg=0&dl=https%3A%2F%2Fwww.elephantpassresort.com%2F&dt=Elephant%20Pass%20Ayurveda%20-%20Ayurvedic%20Resort%20Kerala%20%26%20Yoga%20Retreat%20Kerala&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-P8RGG2DB49&gtm=2oeb20&_p=399351732&cid=1554327217.1667670130&ul=en-us&sr=1280x1024&_s=1&sid=1667670130&sct=1&seg=0&dl=https%3A%2F%2Fwww.elephantpassresort.com%2F&dt=Elephant%20Pass%20Ayurveda%20-%20Ayurvedic%20Resort%20Kerala%20%26%20Yoga%20Retreat%20Kerala&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.elephantpassresort.com
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.elephantpassresort.com
date: Sat, 05 Nov 2022 17:42:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/plugins/wp-postratings/images/stars(png)/rating_over.png
103.76.228.55 301 Moved Permanently 0 B URL HTTP/2 www.elephantpassresort.com/wp-content/plugins/wp-postratings/images/stars(png)/rating_over.png
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/plugins/wp-postratings/images/stars(png)/rating_over.png HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Cookie: nitroCachedPage=0; _gcl_au=1.1.1201895846.1667670130
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 301 Moved Permanently
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
location: https://www.elephantpassresort.com
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 05 Nov 2022 17:42:11 GMT
server: Apache
X-Firefox-Spdy: h2
www.elephantpassresort.com/
103.76.228.55 200 OK 35 B URL HTTP/2 www.elephantpassresort.com/
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with no line terminators
Hash af24f206c243435cd6854926767bd8e3
fba05d2416b9ee5e45683a50986fe6525a1ee002
637814b8a8eb99a040d64f8c94ae499ed65b1085d8908eee1c7ed4136a4c65c3
Analyzer Verdict Alert fortinet Malware
POST / HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: multipart/form-data; boundary=---------------------------7689279153156763644850527011
Content-Length: 832
Origin: https://www.elephantpassresort.com
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Cookie: nitroCachedPage=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-nitro-beacon: FORWARD
cache-control: no-cache
vary: Accept-Encoding
content-encoding: gzip
content-length: 35
content-type: text/html; charset=UTF-8
date: Sat, 05 Nov 2022 17:42:11 GMT
server: Apache
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=342049462929521&ev=PageView&dl=https%3A%2F%2Fwww.elephantpassresort.com%2F&rl=&if=false&ts=1667670131115&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1667670131114.1586698042&it=1667670130660&coo=false&rqm=GET
157.240.240.35 200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=342049462929521&ev=PageView&dl=https%3A%2F%2Fwww.elephantpassresort.com%2F&rl=&if=false&ts=1667670131115&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1667670131114.1586698042&it=1667670130660&coo=false&rqm=GET
IP 157.240.240.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=342049462929521&ev=PageView&dl=https%3A%2F%2Fwww.elephantpassresort.com%2F&rl=&if=false&ts=1667670131115&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1667670131114.1586698042&it=1667670130660&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sat, 05 Nov 2022 17:42:12 GMT
X-Firefox-Spdy: h2
status.thawte.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 78713518149ebd07326bf29641bd337d
3ba77156180e0c3394c2c1ebd3f0564dcfb14a38
2067242c3f45227528577f034ff231a8464c39ea15053499126f62afd717c39d
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5661
Cache-Control: max-age=95409
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 17:42:14 GMT
Etag: "63655c0a-1d7"
Expires: Sun, 06 Nov 2022 20:12:23 GMT
Last-Modified: Fri, 04 Nov 2022 18:38:02 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
to.getnitropack.com/
194.242.11.186 200 OK 20 B IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type ASCII text, with no line terminators
Hash c23d32bc84330ad96c990858c2eb1235
3e5b07d19cb12ba27e5777030db284a0abe5209e
a4d2b5c10747a9a02c401ece039329ec75c8a8f1dc4de0c7fb53a4ebde5555e4
POST / HTTP/1.1
Host: to.getnitropack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: multipart/form-data; boundary=---------------------------379618069716486085593888454295
Content-Length: 491
Origin: https://www.elephantpassresort.com
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 05 Nov 2022 17:42:14 GMT
content-type: text/html; charset=utf-8
content-length: 20
server: BunnyCDN-NO-830
cdn-pullzone: 234442
cdn-uid: b7e07321-6c82-48dc-b332-ec6b5d5d2a32
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=0
content-encoding: none
x-powered-by: PHP/7.3.33
strict-transport-security: max-age=15724800; includeSubDomains
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 11/05/2022 17:42:14
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: c842d50438a47377392483e58c85efce
X-Firefox-Spdy: h2
www.elephantpassresort.com/
103.76.228.55 200 OK 51 kB URL HTTP/2 www.elephantpassresort.com/
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 6eb0b98381e4476ee38d03199bc74015
d24c74c0af51adcbc6e5d4ccdc6278a66ea56ec3
0e5553b56f296252cc8f8d7651f11e3afc1c639067821a4791d49b7be96792ed
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.elephantpassresort.com/
Connection: keep-alive
Cookie: nitroCachedPage=0; _gcl_au=1.1.1201895846.1667670130; _ga_P8RGG2DB49=GS1.1.1667670130.1.0.1667670130.0.0.0; _ga=GA1.2.1554327217.1667670130; _gid=GA1.2.84603013.1667670131; _gat_gtag_UA_77532242_1=1; _fbp=fb.1.1667670131114.1586698042
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 05 Nov 2022 17:42:12 GMT
server: Apache
content-type: text/html; charset=UTF-8
cache-control: no-cache
x-nitro-cache: MISS
link: <https://www.elephantpassresort.com/wp-json/>; rel="https://api.w.org/", <https://www.elephantpassresort.com/wp-json/wp/v2/pages/7366>; rel="alternate"; type="application/json", <https://www.elephantpassresort.com/>; rel=shortlink
vary: Accept-Encoding
content-encoding: gzip
x-server-cache: false
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
103.76.228.55 200 OK 0 B URL HTTP/2 www.elephantpassresort.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 14:11:58 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Sat, 05 Nov 2022 17:42:10 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Dosis%3A300%2C400%2C500%2C700%7CCormorant%3A400%2C400i&ver=6.1
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Dosis%3A300%2C400%2C500%2C700%7CCormorant%3A400%2C400i&ver=6.1
IP 142.250.74.10:0
GET /css?family=Dosis%3A300%2C400%2C500%2C700%7CCormorant%3A400%2C400i&ver=6.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 05 Nov 2022 17:42:10 GMT
date: Sat, 05 Nov 2022 17:42:10 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/uploads/2020/01/banner3.jpg
103.76.228.55 200 OK 0 B URL HTTP/2 www.elephantpassresort.com/wp-content/uploads/2020/01/banner3.jpg
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
GET /wp-content/uploads/2020/01/banner3.jpg HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 17 Jan 2020 04:24:44 GMT
accept-ranges: bytes
content-length: 197441
content-type: image/jpeg
date: Sat, 05 Nov 2022 17:42:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/plugins/gutenberg/build/block-library/style.css?ver=14.4.0
103.76.228.55 200 OK 0 B URL HTTP/2 www.elephantpassresort.com/wp-content/plugins/gutenberg/build/block-library/style.css?ver=14.4.0
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/gutenberg/build/block-library/style.css?ver=14.4.0 HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 26 Oct 2022 11:46:48 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Sat, 05 Nov 2022 17:42:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.8.3
103.76.228.55 200 OK 0 B URL HTTP/2 www.elephantpassresort.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.8.3
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.8.3 HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 17 Jan 2020 04:22:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Sat, 05 Nov 2022 17:42:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/uploads/2021/05/admin-ajax-removebg-preview.png
103.76.228.55 200 OK 0 B URL HTTP/2 www.elephantpassresort.com/wp-content/uploads/2021/05/admin-ajax-removebg-preview.png
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
GET /wp-content/uploads/2021/05/admin-ajax-removebg-preview.png HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 03 May 2021 16:49:06 GMT
accept-ranges: bytes
content-length: 29333
content-type: image/png
date: Sat, 05 Nov 2022 17:42:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/uploads/cmsmasters_styles/hotel-lux.css?ver=1.0.0
103.76.228.55 200 OK 0 B URL HTTP/2 www.elephantpassresort.com/wp-content/uploads/cmsmasters_styles/hotel-lux.css?ver=1.0.0
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
GET /wp-content/uploads/cmsmasters_styles/hotel-lux.css?ver=1.0.0 HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 29 Oct 2022 16:40:21 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Sat, 05 Nov 2022 17:42:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/themes/hotel-lux/js/jquery.iLightBox.min.js?ver=2.2.0
103.76.228.55 200 OK 0 B URL HTTP/2 www.elephantpassresort.com/wp-content/themes/hotel-lux/js/jquery.iLightBox.min.js?ver=2.2.0
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/hotel-lux/js/jquery.iLightBox.min.js?ver=2.2.0 HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 17 Jan 2020 04:24:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Sat, 05 Nov 2022 17:42:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/plugins/kadence-blocks/dist/blocks/btn.style.build.css?ver=2.4.18
103.76.228.55 200 OK 0 B URL HTTP/2 www.elephantpassresort.com/wp-content/plugins/kadence-blocks/dist/blocks/btn.style.build.css?ver=2.4.18
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
GET /wp-content/plugins/kadence-blocks/dist/blocks/btn.style.build.css?ver=2.4.18 HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 14 Apr 2022 21:57:38 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1007
content-type: text/css
date: Sat, 05 Nov 2022 17:42:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.elephantpassresort.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.layeranimation.min.js?version=5.4.8
103.76.228.55 200 OK 0 B URL HTTP/2 www.elephantpassresort.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.layeranimation.min.js?version=5.4.8
IP 103.76.228.55:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.layeranimation.min.js?version=5.4.8 HTTP/1.1
Host: www.elephantpassresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.elephantpassresort.com/
Cookie: nitroCachedPage=0; _gcl_au=1.1.1201895846.1667670130
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 17 Jan 2020 04:22:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Sat, 05 Nov 2022 17:42:11 GMT
server: Apache
X-Firefox-Spdy: h2