r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1273d41c84b2b39f78a8033130d00282
556757697b70e019ed502585fcc888e2403f3229
ee3c03cc0a659fbc43d34feaa79a8ad6627b9c525d675956cdb434c1590db89e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EE3C03CC0A659FBC43D34FEAA79A8AD6627B9C525D675956CDB434C1590DB89E"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7175
Expires: Sat, 08 Oct 2022 20:53:54 GMT
Date: Sat, 08 Oct 2022 18:54:19 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
54.230.111.118 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 54.230.111.118:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 3f17af4e8a1739eda4a518039f4892f9
c3feba08ae7e8f57e0fe9bcd2ebedea6bda67cbb
c485b09cad08b5233fe8753682faf59219fe0d18fcc34d90dc88fb0971295f5f
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 08 Oct 2022 18:47:23 GMT
Expires: Sat, 08 Oct 2022 19:23:43 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: aUo-fG5mkUlq8ocmvCFNdK3EkBAwuYSaByS-JA1cg96U8yKNwbymOw==
Age: 416
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 94a09d62ab3057cda67a091c8d7478f5
b1c9d223a951d0bc9f17c9f3b84501266a552b58
582364f9f6014520c269f1f794e7c34027bd2697b53e5d02fad43e74a735e471
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "582364F9F6014520C269F1F794E7C34027BD2697B53E5D02FAD43E74A735E471"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6635
Expires: Sat, 08 Oct 2022 20:44:54 GMT
Date: Sat, 08 Oct 2022 18:54:19 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: +SrCKESricA6uoGu4PCq38M+I1uapg349/wmV7Ip5RQXXWPZrG6dMgMtvZRrfVv3DrYqMSfSclQ=
x-amz-request-id: ZTEWWQT51ANAA4PN
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 08 Oct 2022 18:31:45 GMT
age: 1354
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 18:54:19 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
54.230.111.118 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 54.230.111.118:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Sat, 08 Oct 2022 18:29:41 GMT
Cache-Control: max-age=3600
Expires: Sat, 08 Oct 2022 19:23:34 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: xjf9C69XGKo5YdC0FLg3YVdNJFGh8bUR6eX5yq569FsWxkE3-SlHfQ==
Age: 1478
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 5479444ef227af03029fbb9d154f0107
0563678ec07ab3707b716ca4c638ece4c8ad7de4
4850d49786a140003b90ae108104ffbfe80a6e0d9f584656a09f0fff11dc9d0d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5756
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 18:54:19 GMT
Last-Modified: Sat, 08 Oct 2022 17:18:23 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
www.vacacionandocr.com/
190.184.196.186 301 Moved Permanently 0 B IP 190.184.196.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 08 Oct 2022 18:54:19 GMT
Server: Apache
X-Redirect-By: WordPress
Location: https://www.vacacionandocr.com/
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
push.services.mozilla.com/
52.38.146.2 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.38.146.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: om90tj4xx88ZP2GgQyfNTA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: u8xcMDdxn2HpmWQY3xDnQMUxoYs=
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash ee96d771e1664e3afe56cf32bfe45eee
3ab9109d6f7a952cf2f7071ecb5ee186f9eebf6a
df7a23267a1a0bddc477d2b3f4c870b6a6ab7b4dca5fc38164d814ccae2b2fdd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 18:54:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 1d13c38762edee3ea0af663f3e4553be
894a45402ded63c20b5062b2aae8b3894be80996
781d3684b9efe9d34182e7a740c759749a80c085576681bd5077d342e4448ae0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 18:54:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.vacacionandocr.com/
190.184.196.186 200 OK 145 kB IP 190.184.196.186:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9261), with CRLF, LF line terminators
Size 145 kB (145416 bytes)
Hash cef13b0bc166383bfe7f92a52b01b79f
2bec8a62ac5e64334a892ba3c002325a3926e984
8bce361c0c3f9cc98faf3522111edf6f1410641c3256832a6a062b5095f5610c
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:20 GMT
Server: Apache
X-Cache-Handler: cache-enabler-engine
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
www.vacacionandocr.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.2
190.184.196.186 200 OK 2.7 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.2
IP 190.184.196.186:0
Hash e6fae855021a88a0067fcc58121c594f
6299ac3987b5e81725781799dad361d19ac3b99d
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.2 HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:21 GMT
Server: Apache
Last-Modified: Sat, 20 Aug 2022 01:45:27 GMT
Accept-Ranges: bytes
Content-Length: 2731
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.vacacionandocr.com/wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.6.12
190.184.196.186 200 OK 776 B URL HTTP/1.1 www.vacacionandocr.com/wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.6.12
IP 190.184.196.186:0
Hash a5bf64d5859ee94a3e8e93d592d6d2a0
049eb63b42dbb820b06870a430f523bf06880721
25825611ade7ceaed7df3862ec56dc91ad1d2be539966ef7bbe84306e51cfb08
GET /wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.6.12 HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:21 GMT
Server: Apache
Last-Modified: Sat, 20 Aug 2022 01:45:43 GMT
Accept-Ranges: bytes
Content-Length: 776
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7225
Expires: Sat, 08 Oct 2022 20:54:46 GMT
Date: Sat, 08 Oct 2022 18:54:21 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcff4d93b-bc27-41dd-ad6a-5d295cfb6472.jpeg
34.120.237.76 200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcff4d93b-bc27-41dd-ad6a-5d295cfb6472.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7dcf23b32642f7a82a0a7d734a631bca
9dc8bd1a00dcb896fade6d3112ef53439ecb8fe7
add9aab4427819610f8d693758a752910cf314346e974b7636a82381ab9daa4d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcff4d93b-bc27-41dd-ad6a-5d295cfb6472.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4252
x-amzn-requestid: 8d6a225c-6389-4f20-9b90-494841f47c99
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zp1R4GjCIAMFX-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63409c0b-4076dc933185d9fd6b68e802;Sampled=0
x-amzn-remapped-date: Fri, 07 Oct 2022 21:37:15 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Wb1JAlWtR9sSEi_KuYZivvMivSxZjo92LGpWgFppol5zgapK6eQ-dg==
via: 1.1 c21a0d27ceec21e266c9f962d0349438.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 07 Oct 2022 21:39:48 GMT
etag: "9dc8bd1a00dcb896fade6d3112ef53439ecb8fe7"
content-type: image/jpeg
age: 76473
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56d7dd70-3706-4d51-94da-88fa19a58ad8.jpeg
34.120.237.76 200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56d7dd70-3706-4d51-94da-88fa19a58ad8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e5c4757ceb6dce32d0f9d26d5b3df038
d8209d82f61c7a09e00756e5dd32c99bc61af4a8
6aa007279ba4cdea3f772e0601e4082d40ee947ef8cc1201ce0009fb42ca9885
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56d7dd70-3706-4d51-94da-88fa19a58ad8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5185
x-amzn-requestid: 3c3ff89f-8a8c-44ae-981a-0e9adaf7d959
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zj_dSEs8IAMFqFA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633e45ee-6c97b82d137c2f1951270b82;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 03:05:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6wWlD3C6HI9oxa0VAYA6N5afAcUDTQXdO8X31eZUglfdC6jSQo_gew==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 08 Oct 2022 04:44:42 GMT
age: 50979
etag: "d8209d82f61c7a09e00756e5dd32c99bc61af4a8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.vacacionandocr.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
190.184.196.186 200 OK 19 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
IP 190.184.196.186:0
File type ASCII text, with very long lines (19233)
Hash d183c598fd582fe997f6782afed84f9b
7799820e0e849e8484543c3360a8d8cc62baa32f
83059e4c1a5c210e5585d96779fe655170817193d43e247c78dffaae7b7ba3a9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0 HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:21 GMT
Server: Apache
Last-Modified: Sat, 20 Aug 2022 01:45:37 GMT
Accept-Ranges: bytes
Content-Length: 19279
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0135ba0-9033-445f-8155-a6c093862ccb.jpeg
34.120.237.76 200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0135ba0-9033-445f-8155-a6c093862ccb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7e30ca5022768294665070cafc9d489c
c6ebf53c21206cfcf8e70279d3ae43f0170ade3a
6b834cdae692318a114c0d82ebff4fa8f4e65526983758e08ffb130d4d86020f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0135ba0-9033-445f-8155-a6c093862ccb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9046
x-amzn-requestid: d560c8ba-6e81-46f7-a451-30c40fbfce6f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmhi_F7qIAMFkQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4946-012e65d675558ec8544a1f30;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:31:50 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: Vy9jQu1a8BGypY4C4u_9gao5wPEkVHgArhG2zMNdH8KfBS0lfmyHBA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 57bd3a2d9e0e4cbf89d9eb3d7dfb916e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 07 Oct 2022 21:43:41 GMT
age: 76240
etag: "c6ebf53c21206cfcf8e70279d3ae43f0170ade3a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e9e3511-179a-47a1-a41a-7b5f6ecbf14f.jpeg
34.120.237.76 200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e9e3511-179a-47a1-a41a-7b5f6ecbf14f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a6207431ae268d805fb92237925c8fc0
075b576b0d47e0f6cbbb9dc85f87e8ca4e8eca87
bb8966bd5b80f1ba6c974925df0610e0a219759ab92df062e135baae02fa0071
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e9e3511-179a-47a1-a41a-7b5f6ecbf14f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5440
x-amzn-requestid: c9408e3c-29f6-4a53-b09d-0c3f49e99287
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zp3AzFQ3oAMF_Ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63409ed1-1da6e8c500879b080c66fdfe;Sampled=0
x-amzn-remapped-date: Fri, 07 Oct 2022 21:49:05 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: M8TN3UdactHymyCJFQHV86X0fYsS-_V7Yu-7dUWFnOUyRonAqQHpGw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Fri, 07 Oct 2022 22:14:30 GMT
age: 74391
etag: "075b576b0d47e0f6cbbb9dc85f87e8ca4e8eca87"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa57a0ead-deef-46c2-985b-fb7ba539285b.jpeg
34.120.237.76 200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa57a0ead-deef-46c2-985b-fb7ba539285b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9bc50d1380ae8fc980ae1cc38f2371c7
be79aecfd7eefa89c409ed743402a292ff0ce6c0
43e015802ba453d4cd79984b53efa8a529ece62760f6693f9daeb2388179201f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa57a0ead-deef-46c2-985b-fb7ba539285b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6366
x-amzn-requestid: ddcd915d-2606-4243-969e-19fb02b5b6d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zp1EJGoSIAMFcSw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63409bb3-1c7bd17a2dcdd25e4da6d346;Sampled=0
x-amzn-remapped-date: Fri, 07 Oct 2022 21:35:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aaHDHE38nByvpccXO4wHgHk6BAOPZDsFdXxi2-KgjUaXvjC58nlGUQ==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 07 Oct 2022 21:55:27 GMT
age: 75534
etag: "be79aecfd7eefa89c409ed743402a292ff0ce6c0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa96a8500-2a22-4035-9ef1-326d1694aabe.jpeg
34.120.237.76 200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa96a8500-2a22-4035-9ef1-326d1694aabe.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 15ba06e4cfdbb4480ad9d3d07a70f7d1
54050ea4062695b87d04d69f455b957bc93c9be6
9ee148a18daffcd7e3892ee7818886b7ee8763272c97b627d368d1dc995836bd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa96a8500-2a22-4035-9ef1-326d1694aabe.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8628
x-amzn-requestid: 858952a7-50aa-4942-a58a-6b1a8ead66cb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zp2BeG45oAMF0yg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63409d3c-6e26167b1944a0e518b0686e;Sampled=0
x-amzn-remapped-date: Fri, 07 Oct 2022 21:42:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: olEe_ETm0OBokLbkhr2a5invlm5stvDH86HZKIIDNuytlH7bgr_SpQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 07 Oct 2022 22:23:04 GMT
age: 73877
etag: "54050ea4062695b87d04d69f455b957bc93c9be6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7225
Expires: Sat, 08 Oct 2022 20:54:46 GMT
Date: Sat, 08 Oct 2022 18:54:21 GMT
Connection: keep-alive
www.vacacionandocr.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
190.184.196.186 200 OK 19 kB URL HTTP/1.1 www.vacacionandocr.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
IP 190.184.196.186:0
File type ASCII text, with very long lines (15660)
Hash 32beb68a374e3aeac00abdf9e12b84ea
b5d18aa625e8696dd9d07cd0869337717b211ae0
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:21 GMT
Server: Apache
Last-Modified: Fri, 19 Aug 2022 07:05:33 GMT
Accept-Ranges: bytes
Content-Length: 18617
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7225
Expires: Sat, 08 Oct 2022 20:54:46 GMT
Date: Sat, 08 Oct 2022 18:54:21 GMT
Connection: keep-alive
www.vacacionandocr.com/wp-content/uploads/elementor/css/post-8.css?ver=1660959992
190.184.196.186 200 OK 1.1 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/uploads/elementor/css/post-8.css?ver=1660959992
IP 190.184.196.186:0
File type ASCII text, with very long lines (1117), with no line terminators
Hash 86260c336d08b259c7ba2f5b0216f572
e5f71f3fd57f2e06f23bd2b2f5c40a156ea724e6
af796b5afc82063de93d0ff5457b58891ca2766609d424ee036ac405975b9e88
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/elementor/css/post-8.css?ver=1660959992 HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:21 GMT
Server: Apache
Last-Modified: Sat, 20 Aug 2022 01:46:32 GMT
Accept-Ranges: bytes
Content-Length: 1117
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.vacacionandocr.com/wp-content/plugins/wp-whatsapp/assets/dist/css/style.css?ver=6.0.2
190.184.196.186 200 OK 42 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/plugins/wp-whatsapp/assets/dist/css/style.css?ver=6.0.2
IP 190.184.196.186:0
File type ASCII text, with very long lines (42449), with no line terminators
Hash c780550d905cdf8075e23a8ee639f000
2b290d57fbf06ed1decfb6869166b2579a137771
8d3446c3dd4a5fae1b0f0bbc331ffce4b347555612a230a2a3531a9610ca3625
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-whatsapp/assets/dist/css/style.css?ver=6.0.2 HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:20 GMT
Server: Apache
Last-Modified: Fri, 19 Aug 2022 01:42:08 GMT
Accept-Ranges: bytes
Content-Length: 42449
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.vacacionandocr.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
190.184.196.186 200 OK 89 kB URL HTTP/1.1 www.vacacionandocr.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
IP 190.184.196.186:0
File type ASCII text, with very long lines (43771)
Hash b7915926fe42d76e9c802353ab01dae4
3a8192a4312f25f53de25b100d62829c0f14d67c
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:20 GMT
Server: Apache
Last-Modified: Fri, 19 Aug 2022 19:54:29 GMT
Accept-Ranges: bytes
Content-Length: 88932
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.vacacionandocr.com/wp-content/plugins/powerpack-lite-for-elementor/assets/css/min/frontend.min.css?ver=2.6.19
190.184.196.186 200 OK 137 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/plugins/powerpack-lite-for-elementor/assets/css/min/frontend.min.css?ver=2.6.19
IP 190.184.196.186:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 137 kB (136566 bytes)
Hash 5b45b978d70b9681b2984c9d5bb10f41
47d03444147f8e5afdaeed2e6fc5fa24022c5f11
e6fd76d84620bdca01a9cbdf19bd2326570dcd8969b9e59eef54445d61e041b4
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/powerpack-lite-for-elementor/assets/css/min/frontend.min.css?ver=2.6.19 HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:21 GMT
Server: Apache
Last-Modified: Sat, 20 Aug 2022 01:45:55 GMT
Accept-Ranges: bytes
Content-Length: 136566
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
www.vacacionandocr.com/wp-content/uploads/elementor/css/post-2248.css?ver=1661042882
190.184.196.186 200 OK 6.9 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/uploads/elementor/css/post-2248.css?ver=1661042882
IP 190.184.196.186:0
File type ASCII text, with very long lines (3305)
Hash 8f653a85a3b5eb84ee43521b092179df
d4ee1338dc96703782a0c67d08bd5d2876d511d3
fc689d5924233ffe154b2a797aa0af585d810790fe68e7e0190fd26b45b8b999
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/elementor/css/post-2248.css?ver=1661042882 HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:21 GMT
Server: Apache
Last-Modified: Sun, 21 Aug 2022 00:48:02 GMT
Accept-Ranges: bytes
Content-Length: 6896
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.vacacionandocr.com/wp-content/uploads/elementor/css/post-2265.css?ver=1661032149
190.184.196.186 200 OK 5.6 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/uploads/elementor/css/post-2265.css?ver=1661032149
IP 190.184.196.186:0
File type ASCII text, with very long lines (5583), with no line terminators
Hash ecfae964d499108efb47f2c48aea2bad
42a23db94d876de8f894f03e4e9df982ddb23555
6a4a4992f36bbffe8aad8300d331075fe5fe21099ad1f82b0d8d7dfebfc61b06
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/elementor/css/post-2265.css?ver=1661032149 HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:21 GMT
Server: Apache
Last-Modified: Sat, 20 Aug 2022 21:49:09 GMT
Accept-Ranges: bytes
Content-Length: 5583
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.vacacionandocr.com/wp-content/uploads/elementor/css/post-2.css?ver=1661819524
190.184.196.186 200 OK 64 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/uploads/elementor/css/post-2.css?ver=1661819524
IP 190.184.196.186:0
File type ASCII text, with very long lines (63505), with no line terminators
Hash 8faca08208ada3c6d87d5a9a4089d40b
f7e84355ef98fbaf7f6ca4fe8dd8073400a8d638
216da448db102e74c9c14b2e545e3d2e32f4f9a9ec2b0f2247da562c45e5baa0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/elementor/css/post-2.css?ver=1661819524 HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:21 GMT
Server: Apache
Last-Modified: Tue, 30 Aug 2022 00:32:04 GMT
Accept-Ranges: bytes
Content-Length: 63505
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.vacacionandocr.com/wp-content/themes/twentytwentyone/style.css?ver=1.0
190.184.196.186 200 OK 156 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/themes/twentytwentyone/style.css?ver=1.0
IP 190.184.196.186:0
File type Unicode text, UTF-8 text, with very long lines (403)
Size 156 kB (156102 bytes)
Hash f67f7435adf0561c3cb30bc37ca31c6f
87026bd5b9b7cf736ca20c5a0079ea3ac01c6752
15d9ad68c78db040b301599f6b891abaafcf1e4d6a4c04f07e00276da2f91ae1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/twentytwentyone/style.css?ver=1.0 HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:21 GMT
Server: Apache
Last-Modified: Fri, 19 Aug 2022 07:06:36 GMT
Accept-Ranges: bytes
Content-Length: 156102
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
www.vacacionandocr.com/wp-content/themes/Vacacionando/style.css?ver=1.0
190.184.196.186 200 OK 1.2 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/themes/Vacacionando/style.css?ver=1.0
IP 190.184.196.186:0
Hash 5631804343abe8ccd7ed2508886118c0
520ddd151362b3536d15d2e2010d7336986c37de
46d0315ab74505c0531485f91d0832411b9018261cd341d59a8fb03c1d9d45f6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Vacacionando/style.css?ver=1.0 HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:21 GMT
Server: Apache
Last-Modified: Fri, 19 Aug 2022 07:06:44 GMT
Accept-Ranges: bytes
Content-Length: 1219
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
www.vacacionandocr.com/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/general.min.css?ver=5.2.3
190.184.196.186 200 OK 3.4 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/general.min.css?ver=5.2.3
IP 190.184.196.186:0
File type ASCII text, with very long lines (3432)
Hash 9a9ecfe405e38be1cf08b752d3afbda9
8f55bc1619b42231d464bf965c67cfddf6b29df9
b9b869f479a2181cbc0c5d8b6e5bb8bb9cbf81d59a18d056681d8b3de448b1d4
GET /wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/general.min.css?ver=5.2.3 HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:21 GMT
Server: Apache
Last-Modified: Sat, 20 Aug 2022 01:45:49 GMT
Accept-Ranges: bytes
Content-Length: 3433
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
www.vacacionandocr.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
190.184.196.186 200 OK 58 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
IP 190.184.196.186:0
File type ASCII text, with very long lines (57726)
Hash eeb705d0bdccfd645d3bbd46dd1fbab3
066def290f42ed8c00860e573cc880bd46e9ced4
d01a2ba2805c78957e15a2958135de0f3cb88e95159dd0f6c0a032bd76b1b0e9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:21 GMT
Server: Apache
Last-Modified: Sat, 20 Aug 2022 01:45:37 GMT
Accept-Ranges: bytes
Content-Length: 57912
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
www.vacacionandocr.com/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.7.1
190.184.196.186 200 OK 108 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.7.1
IP 190.184.196.186:0
File type ASCII text, with very long lines (65497)
Size 108 kB (108417 bytes)
Hash 2cf333197ea9956b182266488b7a5993
bb56b95c7b7b7ad65e171901841a171872342592
2fb09d68a3292a8a2a75fa536ae1f95eb664b7100e56a358c771a791cbdd9ece
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.7.1 HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:21 GMT
Server: Apache
Last-Modified: Sat, 20 Aug 2022 01:45:37 GMT
Accept-Ranges: bytes
Content-Length: 108417
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.vacacionandocr.com/wp-content/plugins/header-footer-elementor/inc/widgets-css/frontend.css?ver=1.6.12
190.184.196.186 200 OK 76 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/plugins/header-footer-elementor/inc/widgets-css/frontend.css?ver=1.6.12
IP 190.184.196.186:0
File type Unicode text, UTF-8 text, with very long lines (1646)
Hash 2395c81e72a52f14588816b4f72a7f17
711357e8d49c28be7605fcfbf881b90567decee1
ea14d1b1233e6cbc9b1a156ac532f076f7adafc309726fca7bf8833f882ac872
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/header-footer-elementor/inc/widgets-css/frontend.css?ver=1.6.12 HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:21 GMT
Server: Apache
Last-Modified: Sat, 20 Aug 2022 01:45:43 GMT
Accept-Ranges: bytes
Content-Length: 75684
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
www.vacacionandocr.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
190.184.196.186 200 OK 669 B URL HTTP/1.1 www.vacacionandocr.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
IP 190.184.196.186:0
File type ASCII text, with very long lines (483)
Hash 9eb2d3c87feb6bb2ffa63b70532b1477
38f226335a05ab0e30497bc7419eb5e243a9e26c
37bab6cd583982e8eff58501a99d7c5c4d63664c1ca34f9e3b7cf526c5b73ae2
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3 HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:21 GMT
Server: Apache
Last-Modified: Sat, 20 Aug 2022 01:45:37 GMT
Accept-Ranges: bytes
Content-Length: 669
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
www.vacacionandocr.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3
190.184.196.186 200 OK 677 B URL HTTP/1.1 www.vacacionandocr.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3
IP 190.184.196.186:0
File type ASCII text, with very long lines (491)
Hash 3eef8c9e589a6fd58292e79bbac4ba5d
d3ebdb629b8d9c92380b14b1676b123398f0841b
eea3d6ccda7f6503078cce9dc41176c1357af1c93a5b3625131ef7cf21c9d7c4
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3 HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:21 GMT
Server: Apache
Last-Modified: Sat, 20 Aug 2022 01:45:37 GMT
Accept-Ranges: bytes
Content-Length: 677
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
www.vacacionandocr.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
190.184.196.186 200 OK 675 B URL HTTP/1.1 www.vacacionandocr.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
IP 190.184.196.186:0
File type ASCII text, with very long lines (489)
Hash 144e43c3b3d8ea5b278c062c202c92f2
3c037057a419245849747b4762d09d88cab66fc1
9cd63b8cea25045c14623c538d26752518a58c0c682795ce6ad3078976c65a37
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3 HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:21 GMT
Server: Apache
Last-Modified: Sat, 20 Aug 2022 01:45:37 GMT
Accept-Ranges: bytes
Content-Length: 675
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
www.vacacionandocr.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
190.184.196.186 200 OK 90 kB URL HTTP/1.1 www.vacacionandocr.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 190.184.196.186:0
File type ASCII text, with very long lines (65447)
Hash 02dd5d04add4759122013c5ab4dc5cc2
a45a56e396ac549b4ff39b696ce9e0c16a7612de
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:21 GMT
Server: Apache
Last-Modified: Fri, 19 Aug 2022 07:45:50 GMT
Accept-Ranges: bytes
Content-Length: 89521
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
www.vacacionandocr.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
190.184.196.186 200 OK 11 kB URL HTTP/1.1 www.vacacionandocr.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 190.184.196.186:0
File type ASCII text, with very long lines (11126)
Hash 79b4956b7ec478ec10244b5e2d33ac7d
a46025b9d05e3df30d610a8aef14f392c7058dc9
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:21 GMT
Server: Apache
Last-Modified: Fri, 19 Aug 2022 07:45:51 GMT
Accept-Ranges: bytes
Content-Length: 11224
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
www.vacacionandocr.com/wp-content/plugins/pixelyoursite/dist/scripts/jquery.bind-first-0.2.3.min.js?ver=6.0.2
190.184.196.186 200 OK 1.3 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/plugins/pixelyoursite/dist/scripts/jquery.bind-first-0.2.3.min.js?ver=6.0.2
IP 190.184.196.186:0
File type ASCII text, with very long lines (1146)
Hash ff9016c99f73c592c2648319ea6d2074
f2918fb5f72121b67f74c5f5ccbb47a2eb1317b0
37045bf0d243623db4f2e99567c986944957b336dafa6368f4f75bcbad6fc4fa
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/pixelyoursite/dist/scripts/jquery.bind-first-0.2.3.min.js?ver=6.0.2 HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:22 GMT
Server: Apache
Last-Modified: Fri, 19 Aug 2022 01:35:43 GMT
Accept-Ranges: bytes
Content-Length: 1317
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
www.vacacionandocr.com/wp-content/plugins/pixelyoursite/dist/scripts/js.cookie-2.1.3.min.js?ver=2.1.3
190.184.196.186 200 OK 1.7 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/plugins/pixelyoursite/dist/scripts/js.cookie-2.1.3.min.js?ver=2.1.3
IP 190.184.196.186:0
File type ASCII text, with very long lines (1709), with no line terminators
Hash fbaff6df5010e82fec77e88acd359eb5
ca5b3dc99936b2865ef02d756ede49ad455ba4a0
4af105297c5b49ca668eaa0774c0eb479e907175f12ccc30e9c038dd7b6fcaf0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/pixelyoursite/dist/scripts/js.cookie-2.1.3.min.js?ver=2.1.3 HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:22 GMT
Server: Apache
Last-Modified: Fri, 19 Aug 2022 01:35:43 GMT
Accept-Ranges: bytes
Content-Length: 1709
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
www.vacacionandocr.com/wp-content/plugins/elementor/assets/css/widget-icon-box.min.css
190.184.196.186 200 OK 13 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/plugins/elementor/assets/css/widget-icon-box.min.css
IP 190.184.196.186:0
File type ASCII text, with very long lines (12953)
Hash d71fcc33458e78f0a7c4985c947ecb63
d82d082692414beeebb00934ffd2e5bc5d5066fb
967f9ea650deff3547e23b84f1065fb1bb615eea954bdcbb93fe356204c3d711
GET /wp-content/plugins/elementor/assets/css/widget-icon-box.min.css HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:22 GMT
Server: Apache
Last-Modified: Sat, 20 Aug 2022 01:45:37 GMT
Accept-Ranges: bytes
Content-Length: 12992
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
www.vacacionandocr.com/wp-content/plugins/strong-testimonials/templates/default/content.css?ver=3.0.1
190.184.196.186 200 OK 9.1 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/plugins/strong-testimonials/templates/default/content.css?ver=3.0.1
IP 190.184.196.186:0
Hash 50d8b93710331a05d6ceea0a89c4e250
221d291948752872aadab4311ee250fc5e85d4e1
3f1cfe0b8301d1d030bdd065d84a0f72c78b442156f47801913cc72a9edd2216
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/strong-testimonials/templates/default/content.css?ver=3.0.1 HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:22 GMT
Server: Apache
Last-Modified: Sat, 20 Aug 2022 01:46:01 GMT
Accept-Ranges: bytes
Content-Length: 9057
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
www.vacacionandocr.com/wp-content/plugins/strong-testimonials/public/css/slider-controls-sides-outside-buttons2.css?ver=3.0.1
190.184.196.186 200 OK 6.0 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/plugins/strong-testimonials/public/css/slider-controls-sides-outside-buttons2.css?ver=3.0.1
IP 190.184.196.186:0
Hash e9306de0886ab5b20e30b1986289c9de
e5f12fe80435e86217e6180d477134e8c64b310c
7fa3ed107662cc3c0b3df2e72f188ba62d547e0601bde2ff2598448c00395651
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/strong-testimonials/public/css/slider-controls-sides-outside-buttons2.css?ver=3.0.1 HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:22 GMT
Server: Apache
Last-Modified: Sat, 20 Aug 2022 01:46:01 GMT
Accept-Ranges: bytes
Content-Length: 5996
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
www.vacacionandocr.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.7.1
190.184.196.186 200 OK 18 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.7.1
IP 190.184.196.186:0
File type ASCII text, with very long lines (10019)
Hash 4601ba55044413706c2022cb6c1c3d05
5103ec2fbb389568ebf5cfe4fd721f3df2ff7aec
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c
GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.7.1 HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:22 GMT
Server: Apache
Last-Modified: Sat, 20 Aug 2022 01:45:37 GMT
Accept-Ranges: bytes
Content-Length: 18468
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
www.vacacionandocr.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
190.184.196.186 200 OK 6.5 kB URL HTTP/1.1 www.vacacionandocr.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 190.184.196.186:0
File type ASCII text, with very long lines (6475), with no line terminators
Hash 61449413a42d2daaa79dbe7298b40e21
d86c474164c603084397bdc50fb0e469d28b5772
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:22 GMT
Server: Apache
Last-Modified: Fri, 19 Aug 2022 19:55:19 GMT
Accept-Ranges: bytes
Content-Length: 6475
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
www.vacacionandocr.com/wp-content/plugins/pixelyoursite/dist/scripts/public.js?ver=9.1.1
190.184.196.186 200 OK 82 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/plugins/pixelyoursite/dist/scripts/public.js?ver=9.1.1
IP 190.184.196.186:0
Hash 965d0009e9d6821dd6ef32d40a126bcb
74eb9532029516d7c9d2daebffeea5a5b59333c8
e7002c5aeef31f1a634e0118a73f412a17bc2ccf2cfbb57e2ae5cecdaacdc68e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/pixelyoursite/dist/scripts/public.js?ver=9.1.1 HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:22 GMT
Server: Apache
Last-Modified: Fri, 19 Aug 2022 01:35:44 GMT
Accept-Ranges: bytes
Content-Length: 82303
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
www.vacacionandocr.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
190.184.196.186 200 OK 19 kB URL HTTP/1.1 www.vacacionandocr.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 190.184.196.186:0
File type Unicode text, UTF-8 text, with very long lines (19138), with no line terminators
Hash 57459b58fd7665a5e20b2345463df9c9
71c3b177ad1412d5e0b56d99f18bc345148df88b
6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:22 GMT
Server: Apache
Last-Modified: Fri, 19 Aug 2022 19:55:39 GMT
Accept-Ranges: bytes
Content-Length: 19142
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
www.vacacionandocr.com/wp-content/plugins/wp-whatsapp/assets/dist/js/njt-whatsapp.js?ver=3.2
190.184.196.186 200 OK 33 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/plugins/wp-whatsapp/assets/dist/js/njt-whatsapp.js?ver=3.2
IP 190.184.196.186:0
File type ASCII text, with very long lines (32906), with no line terminators
Hash e68393796652ba287c3b42dda8051f76
5685119d9bc78c57cdfe25d2be134df04b4e06b7
20b03876199f27ca32010772a99853c2a01dd51cc07b31eaa52d9bc8c3f1e712
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-whatsapp/assets/dist/js/njt-whatsapp.js?ver=3.2 HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:22 GMT
Server: Apache
Last-Modified: Fri, 19 Aug 2022 01:42:09 GMT
Accept-Ranges: bytes
Content-Length: 32906
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
www.vacacionandocr.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.2
190.184.196.186 200 OK 22 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.2
IP 190.184.196.186:0
File type ASCII text, with very long lines (21905), with no line terminators
Hash ae0f40d4f21faa4c3ae5e3ec85853384
c94eb67feaf4d226d3e08ccd7e2d236d1a013c5d
32dd00604df8db3415240d450341558b6827b1e02dc0f211d8a6d9a4287c522e
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.2 HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:22 GMT
Server: Apache
Last-Modified: Sat, 20 Aug 2022 01:45:27 GMT
Accept-Ranges: bytes
Content-Length: 21905
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
www.vacacionandocr.com/wp-content/plugins/wp-whatsapp/assets/js/whatsapp-button.js?ver=3.2
190.184.196.186 200 OK 888 B URL HTTP/1.1 www.vacacionandocr.com/wp-content/plugins/wp-whatsapp/assets/js/whatsapp-button.js?ver=3.2
IP 190.184.196.186:0
Hash 0a93084318763e71e66c860b71caf9ca
69bec1073e483b81e9d4f87c75dc5f2685e762f2
34e33d9ff223080eb9bbb846525d2290d517313e3889e212d55046d68cd4b7db
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-whatsapp/assets/js/whatsapp-button.js?ver=3.2 HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:22 GMT
Server: Apache
Last-Modified: Fri, 19 Aug 2022 01:38:36 GMT
Accept-Ranges: bytes
Content-Length: 888
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
www.vacacionandocr.com/wp-content/themes/twentytwentyone/assets/js/primary-navigation.js?ver=1.0
190.184.196.186 200 OK 6.0 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/themes/twentytwentyone/assets/js/primary-navigation.js?ver=1.0
IP 190.184.196.186:0
Hash ca0ef29bd2b697aa2194c0bbbb77cc98
a6ffde74bd9dc170aed36cc675df91af4e9fa277
896a30041e1249377848e9351f2fa7b064c64bcb75cb1bbcac7230284d9f1a9f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/twentytwentyone/assets/js/primary-navigation.js?ver=1.0 HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:22 GMT
Server: Apache
Last-Modified: Fri, 19 Aug 2022 11:54:36 GMT
Accept-Ranges: bytes
Content-Length: 6018
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash de13f970f8aba26b5635ed31a9f7c667
2ce848652b67e0c2f9d8f5b299a80764cf83bf31
e3c3ee004ba0175fe4363bc1011e26f66fce0f848c83949a5d430e7d61ab781a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 18:54:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.vacacionandocr.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 19:34:08 GMT
expires: Thu, 05 Oct 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 256814
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash de13f970f8aba26b5635ed31a9f7c667
2ce848652b67e0c2f9d8f5b299a80764cf83bf31
e3c3ee004ba0175fe4363bc1011e26f66fce0f848c83949a5d430e7d61ab781a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 18:54:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash de13f970f8aba26b5635ed31a9f7c667
2ce848652b67e0c2f9d8f5b299a80764cf83bf31
e3c3ee004ba0175fe4363bc1011e26f66fce0f848c83949a5d430e7d61ab781a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 18:54:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 8a2449aeb44e755b2e6897d30993dda0
16cd83b0e0975ebf09e7035c26bbda168af42ac8
fd80527f810be13b70107c447b6f6f226c6145fbcc3b5446f9c834bca2f1597b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 18:54:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash de13f970f8aba26b5635ed31a9f7c667
2ce848652b67e0c2f9d8f5b299a80764cf83bf31
e3c3ee004ba0175fe4363bc1011e26f66fce0f848c83949a5d430e7d61ab781a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 18:54:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
216.58.207.195 200 OK 36 kB URL HTTP/2 fonts.gstatic.com/s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 35764, version 1.0\012- data
Hash 60f23230f1a8d5c3b7d25b73f5b5ce23
ed08ada85d017893b9bcb8224e99154c6708f5d2
22b6cdc450204c1cb32b31e679d812fea1c17ac506a7b78daeb12bd0ab25fde8
GET /s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.vacacionandocr.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35764
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 21:14:36 GMT
expires: Tue, 03 Oct 2023 21:14:36 GMT
cache-control: public, max-age=31536000
age: 423586
last-modified: Mon, 18 Jul 2022 19:06:36 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.195 200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.vacacionandocr.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 06 Oct 2022 05:42:51 GMT
expires: Fri, 06 Oct 2023 05:42:51 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
age: 220291
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.vacacionandocr.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 14:07:32 GMT
expires: Thu, 05 Oct 2023 14:07:32 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 276410
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.vacacionandocr.com/wp-content/themes/twentytwentyone/assets/js/responsive-embeds.js?ver=1.0
190.184.196.186 200 OK 1.1 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/themes/twentytwentyone/assets/js/responsive-embeds.js?ver=1.0
IP 190.184.196.186:0
Hash 75d7822d25873fd727beecf0744affa4
deccb4fe7c3d9617e292f2440d402af5de0e9908
c84b9432dad75b6cce98abcd62eecccc82cf4e293e92f80678d8d50bd1060cfe
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/twentytwentyone/assets/js/responsive-embeds.js?ver=1.0 HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:22 GMT
Server: Apache
Last-Modified: Fri, 19 Aug 2022 11:54:37 GMT
Accept-Ranges: bytes
Content-Length: 1127
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
www.vacacionandocr.com/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.2.3
190.184.196.186 200 OK 8.0 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.2.3
IP 190.184.196.186:0
File type ASCII text, with very long lines (8016), with no line terminators
Hash a889ab4fcd44175db4bf271c83c50d37
dd57bf2e29b28491b610fcb758d8ab53f3c6649d
d2f2fe7e10c8a8cf933afea3f0fb4a89cf74262405024cd908e7d59f5f03c16c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.2.3 HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:22 GMT
Server: Apache
Last-Modified: Sat, 20 Aug 2022 01:45:49 GMT
Accept-Ranges: bytes
Content-Length: 8016
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
www.vacacionandocr.com/wp-content/plugins/header-footer-elementor/inc/js/frontend.js?ver=1.6.12
190.184.196.186 200 OK 27 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/plugins/header-footer-elementor/inc/js/frontend.js?ver=1.6.12
IP 190.184.196.186:0
Hash 5c37c12bdbed9edeeade7e37f93e2554
e56804d2640d98379f4d24b938241ab24944ed99
8d13e5f190e4c0f968ed033233598e278d294737abc5a46c5e0505b1f88320cb
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/header-footer-elementor/inc/js/frontend.js?ver=1.6.12 HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:22 GMT
Server: Apache
Last-Modified: Sat, 20 Aug 2022 01:45:43 GMT
Accept-Ranges: bytes
Content-Length: 27307
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 8a2449aeb44e755b2e6897d30993dda0
16cd83b0e0975ebf09e7035c26bbda168af42ac8
fd80527f810be13b70107c447b6f6f226c6145fbcc3b5446f9c834bca2f1597b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 18:54:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.vacacionandocr.com/wp-content/plugins/strong-testimonials/public/js/lib/actual/jquery-actual.min.js?ver=1.0.16
190.184.196.186 200 OK 1.2 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/plugins/strong-testimonials/public/js/lib/actual/jquery-actual.min.js?ver=1.0.16
IP 190.184.196.186:0
Hash cd156e40fd815ff532b6dd8dbb5ffaa1
74ac7fb54741055f249f4237b14ef20d0c7e60d0
93a90efcdb00f1a394d7c9e04fcdc9b7c3589d24ad20046dc4e25553a5672c34
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/strong-testimonials/public/js/lib/actual/jquery-actual.min.js?ver=1.0.16 HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:22 GMT
Server: Apache
Last-Modified: Sat, 20 Aug 2022 01:46:01 GMT
Accept-Ranges: bytes
Content-Length: 1238
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
www.vacacionandocr.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
190.184.196.186 200 OK 5.6 kB URL HTTP/1.1 www.vacacionandocr.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
IP 190.184.196.186:0
File type ASCII text, with very long lines (5477)
Hash 3a56752b736635bf69cb069b8818cbfd
42e0951fe74bb3f56a30f51291823bcd4a84d76e
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:22 GMT
Server: Apache
Last-Modified: Fri, 19 Aug 2022 07:05:25 GMT
Accept-Ranges: bytes
Content-Length: 5629
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
www.vacacionandocr.com/wp-includes/js/underscore.min.js?ver=1.13.3
190.184.196.186 200 OK 19 kB URL HTTP/1.1 www.vacacionandocr.com/wp-includes/js/underscore.min.js?ver=1.13.3
IP 190.184.196.186:0
File type ASCII text, with very long lines (18876)
Hash 42aa17e1f850a414638ee4a32a3aa807
2e42d03a5e042701191650c041eae1cfb2d6c7b9
0da4791b446818516f710c51707081aec7b23a7c5212fc0b2629c973210136a4
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/underscore.min.js?ver=1.13.3 HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:22 GMT
Server: Apache
Last-Modified: Fri, 19 Aug 2022 07:04:56 GMT
Accept-Ranges: bytes
Content-Length: 18911
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
www.vacacionandocr.com/wp-content/plugins/strong-testimonials/public/js/lib/verge/verge.min.js?ver=1.10.2
190.184.196.186 200 OK 1.4 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/plugins/strong-testimonials/public/js/lib/verge/verge.min.js?ver=1.10.2
IP 190.184.196.186:0
File type ASCII text, with very long lines (1382), with no line terminators
Hash d55b2094ba7726bfecc91dbd573aa096
8be6dfaf3a0044f920cc23f882bb5573b2f77b46
f24d6b3320defba731e6dd055dc838a98dbce7f64d1fff9eaacb501113d6b11a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/strong-testimonials/public/js/lib/verge/verge.min.js?ver=1.10.2 HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:22 GMT
Server: Apache
Last-Modified: Sat, 20 Aug 2022 01:46:01 GMT
Accept-Ranges: bytes
Content-Length: 1382
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
www.vacacionandocr.com/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3
190.184.196.186 200 OK 4.9 kB URL HTTP/1.1 www.vacacionandocr.com/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3
IP 190.184.196.186:0
File type ASCII text, with very long lines (4875)
Hash b33ab4d5dcf02436276a717e9d1b7c18
f47b9a9c41b3b11c9dffabca22945727c3ec6566
9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3 HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:22 GMT
Server: Apache
Last-Modified: Fri, 19 Aug 2022 07:10:45 GMT
Accept-Ranges: bytes
Content-Length: 4910
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
www.vacacionandocr.com/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94
190.184.196.186 200 OK 10 kB URL HTTP/1.1 www.vacacionandocr.com/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94
IP 190.184.196.186:0
Hash f270dd1f483179fdcfb29ce5f91aea13
166661187a97f0b6b685ec4dbdff871e9824168f
1dc4b29dd0acbed77ec2fd81036c33efd4ab5989e8182705a30615a00a0117f7
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94 HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:22 GMT
Server: Apache
Last-Modified: Fri, 19 Aug 2022 07:10:31 GMT
Accept-Ranges: bytes
Content-Length: 10222
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
www.vacacionandocr.com/wp-content/plugins/strong-testimonials/public/js/lib/strongslider/jquery-strongslider.min.js?ver=3.0.1
190.184.196.186 200 OK 24 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/plugins/strong-testimonials/public/js/lib/strongslider/jquery-strongslider.min.js?ver=3.0.1
IP 190.184.196.186:0
File type ASCII text, with very long lines (24511), with no line terminators
Hash 1869daef13202e618a54317100178697
6b43420c57550ee6ba8672d07e543c76a5ba536c
d2d334c44bf66bcabe3a150f3f4d8358207c98d2a93de78a8d118bca64871c5d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/strong-testimonials/public/js/lib/strongslider/jquery-strongslider.min.js?ver=3.0.1 HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:22 GMT
Server: Apache
Last-Modified: Sat, 20 Aug 2022 01:46:01 GMT
Accept-Ranges: bytes
Content-Length: 24511
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
www.vacacionandocr.com/wp-content/plugins/strong-testimonials/public/js/controller.min.js?ver=3.0.1
190.184.196.186 200 OK 5.2 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/plugins/strong-testimonials/public/js/controller.min.js?ver=3.0.1
IP 190.184.196.186:0
File type ASCII text, with very long lines (5154), with no line terminators
Hash 8be478d960c1631768caccadb401d3de
474ed4aed08c7bd6a520b0e62b0bb9bf8bb10267
23e87ea207c2004ed8cde1032e7e0419a52b0ede6848d7ecc0a68f5ceb3fb728
GET /wp-content/plugins/strong-testimonials/public/js/controller.min.js?ver=3.0.1 HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:22 GMT
Server: Apache
Last-Modified: Sat, 20 Aug 2022 01:46:01 GMT
Accept-Ranges: bytes
Content-Length: 5154
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
www.vacacionandocr.com/wp-content/plugins/wp-whatsapp/assets/js/whatsapp-popup.js?ver=6.0.2
190.184.196.186 200 OK 543 B URL HTTP/1.1 www.vacacionandocr.com/wp-content/plugins/wp-whatsapp/assets/js/whatsapp-popup.js?ver=6.0.2
IP 190.184.196.186:0
Hash a3f411c086256fbbce02a971582a9536
5653cd9e4a9530e5fabbbf15bfe047994f287975
e853e383929514630e5499f0f86fd06e1b61dc7e18e5443851073188f65a3928
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-whatsapp/assets/js/whatsapp-popup.js?ver=6.0.2 HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:22 GMT
Server: Apache
Last-Modified: Fri, 19 Aug 2022 01:38:36 GMT
Accept-Ranges: bytes
Content-Length: 543
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
www.vacacionandocr.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.1
190.184.196.186 200 OK 5.0 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.1
IP 190.184.196.186:0
File type ASCII text, with very long lines (4918)
Hash 0916678ebe621cfcae1676570fad42a1
dd21415e61b51a9f8e84d2dd3ac3f44d9daf39b0
74eb63655d226b4e05d1c555fcace31e13941d8e0f2fcb1dc7dc59e2789f68e2
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.1 HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:22 GMT
Server: Apache
Last-Modified: Sat, 20 Aug 2022 01:45:37 GMT
Accept-Ranges: bytes
Content-Length: 4957
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
www.vacacionandocr.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.7.1
190.184.196.186 200 OK 33 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.7.1
IP 190.184.196.186:0
File type Unicode text, UTF-8 text, with very long lines (32889)
Hash c091482b4b138c910f3b1da28774002c
9a68d21326c934fa6baa6a0176cea530644f0642
23874448e8d502c1299f1a6ab837ebf5f2045716ede2fa49d13c1fbb1791646d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.7.1 HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:22 GMT
Server: Apache
Last-Modified: Sat, 20 Aug 2022 01:45:37 GMT
Accept-Ranges: bytes
Content-Length: 32929
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
www.vacacionandocr.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
190.184.196.186 200 OK 12 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP 190.184.196.186:0
File type ASCII text, with very long lines (12198), with no line terminators
Hash 3819c3569da71daec283a75483735f7e
ecd40a5cc6f0b76200c454ca880210dc301cfab8
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:22 GMT
Server: Apache
Last-Modified: Sat, 20 Aug 2022 01:45:37 GMT
Accept-Ranges: bytes
Content-Length: 12198
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
www.vacacionandocr.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
190.184.196.186 200 OK 21 kB URL HTTP/1.1 www.vacacionandocr.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
IP 190.184.196.186:0
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 6aaf0a4e8eac131defea126f5b1b5fbf
24da0326af36303e5a1e9799a3c26f7a1077928c
240b702419d6c39ecc4896f0132ccfc9bc517e9aef0c782d99580e0c678b47d5
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:22 GMT
Server: Apache
Last-Modified: Fri, 19 Aug 2022 19:55:46 GMT
Accept-Ranges: bytes
Content-Length: 20715
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
www.vacacionandocr.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.7.1
190.184.196.186 200 OK 40 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.7.1
IP 190.184.196.186:0
File type ASCII text, with very long lines (40463)
Hash bc8fc756cbbb2a8dfe99716c347f1e1c
5f72b9815da5b2a9e44a52d148b07af36388a744
37996581fe12adcd54d4510db1cfacfa3fd768aa01bbe5d3f9ef4b207b62cf02
GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.7.1 HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:22 GMT
Server: Apache
Last-Modified: Sat, 20 Aug 2022 01:45:37 GMT
Accept-Ranges: bytes
Content-Length: 40502
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
www.vacacionandocr.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
190.184.196.186 200 OK 78 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
IP 190.184.196.186:0
File type Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261\012- data
Hash e8a427e15cc502bef99cfd722b37ea98
a9922842a120a7f1eaced667480c5e185a106d69
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.vacacionandocr.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:23 GMT
Server: Apache
Last-Modified: Sat, 20 Aug 2022 01:45:37 GMT
Accept-Ranges: bytes
Content-Length: 78196
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: font/woff2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash b9f0247fb5bf6e6458f14094551436e1
0ac483f7caef89a55829041189790c8fc7eb8cd7
1b157a9bf613ddbf329225759780db82a249f8502b1b7cb6742907224b4c775e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 18:54:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.vacacionandocr.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
190.184.196.186 200 OK 77 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
IP 190.184.196.186:0
File type Web Open Font Format (Version 2), TrueType, length 76764, version 331.-31261\012- data
Hash f7307680c7fe85959f3ecf122493ea7d
fce0da592a3e536d6d5df5b50cb513398d8c5161
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.vacacionandocr.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:23 GMT
Server: Apache
Last-Modified: Sat, 20 Aug 2022 01:45:37 GMT
Accept-Ranges: bytes
Content-Length: 76764
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: font/woff2
www.googletagmanager.com/gtag/js?id=UA-206892589-1
142.250.74.168 200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-206892589-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (2039)
Hash 19d9e657e41d8d9a4e2d285270781fb3
27be47121306ab84bd701717ce7c84f717183b3f
95f33ffaf468f40453356b50b83ab8d90ee2c31309658645dc18a33dc1dfbef5
GET /gtag/js?id=UA-206892589-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 08 Oct 2022 18:54:23 GMT
expires: Sat, 08 Oct 2022 18:54:23 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43474
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.vacacionandocr.com/wp-content/uploads/elementor/thumbs/mesadepool-pthg98mhp4dls7dcdsbz1zbbwq340iurpmpd33c9rk.jpg
190.184.196.186 200 OK 33 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/uploads/elementor/thumbs/mesadepool-pthg98mhp4dls7dcdsbz1zbbwq340iurpmpd33c9rk.jpg
IP 190.184.196.186:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 400x600, components 3\012- data
Hash 190fa15acb6886b0d40fa790f7d82927
19e49de18788a56dd66aecb08808b94251891327
0b89b78d1621f8135a2713f4640b3e61215efcc55af66d2cdafd155e35cd2122
GET /wp-content/uploads/elementor/thumbs/mesadepool-pthg98mhp4dls7dcdsbz1zbbwq340iurpmpd33c9rk.jpg HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:23 GMT
Server: Apache
Last-Modified: Sat, 20 Aug 2022 20:20:51 GMT
Accept-Ranges: bytes
Content-Length: 32734
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/jpeg
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash b9f0247fb5bf6e6458f14094551436e1
0ac483f7caef89a55829041189790c8fc7eb8cd7
1b157a9bf613ddbf329225759780db82a249f8502b1b7cb6742907224b4c775e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 18:54:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.vacacionandocr.com/wp-content/uploads/elementor/thumbs/futbolin-pthg8m2d53iq1ka41ikxe509nh6avsd7mj1pkg9pww.jpg
190.184.196.186 200 OK 48 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/uploads/elementor/thumbs/futbolin-pthg8m2d53iq1ka41ikxe509nh6avsd7mj1pkg9pww.jpg
IP 190.184.196.186:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 400x600, components 3\012- data
Hash c0078043e3a7589c4936d98ea088783b
4e0a3f6cf18c10bee5c2eef6660f0464b76039f8
536187e93e7ed01eeac7c326701651f39c9ef5d3c6a204c4312ff1f52ccd6f41
GET /wp-content/uploads/elementor/thumbs/futbolin-pthg8m2d53iq1ka41ikxe509nh6avsd7mj1pkg9pww.jpg HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:23 GMT
Server: Apache
Last-Modified: Fri, 19 Aug 2022 20:46:03 GMT
Accept-Ranges: bytes
Content-Length: 47613
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/jpeg
www.vacacionandocr.com/wp-content/themes/twentytwentyone/assets/css/print.css?ver=1.0
190.184.196.186 200 OK 2.9 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/themes/twentytwentyone/assets/css/print.css?ver=1.0
IP 190.184.196.186:0
Hash e8e8832f251be73550f32c605bc94036
9b76b710a452a0a7b6843fe45460661fda0f1b1e
3467f3eee5c95a86bb4992918b1368458185bf349949f862e6e3c5954fcd69f9
GET /wp-content/themes/twentytwentyone/assets/css/print.css?ver=1.0 HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:23 GMT
Server: Apache
Last-Modified: Fri, 19 Aug 2022 11:54:12 GMT
Accept-Ranges: bytes
Content-Length: 2897
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: text/css
www.vacacionandocr.com/wp-content/uploads/elementor/thumbs/5-8-ptiaoqkwwy16ze3iftltk1a7wcig14wpzugplp17xs.png
190.184.196.186 200 OK 245 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/uploads/elementor/thumbs/5-8-ptiaoqkwwy16ze3iftltk1a7wcig14wpzugplp17xs.png
IP 190.184.196.186:0
File type PNG image data, 400 x 600, 8-bit/color RGBA, non-interlaced\012- data
Size 245 kB (245182 bytes)
Hash f125e5f12aa332980e1c1786547d268c
8cd3faf8573ee407d23c2158a6a7fe521eb3bd45
bc09c16f95e9cdfe414b9e14cbb3efa2a1e73d96b0524ee6bcfbe2b08442a9d0
GET /wp-content/uploads/elementor/thumbs/5-8-ptiaoqkwwy16ze3iftltk1a7wcig14wpzugplp17xs.png HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:23 GMT
Server: Apache
Last-Modified: Fri, 19 Aug 2022 20:46:03 GMT
Accept-Ranges: bytes
Content-Length: 245182
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/png
www.vacacionandocr.com/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
190.184.196.186 200 OK 1.4 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
IP 190.184.196.186:0
File type ASCII text, with very long lines (1320)
Hash 9b39da586e4706b5fec20cfd4cbe0319
702f7f3625936e5a513ba840f3754bb3e155485d
bf0ee7ea851bb76a93ff3e773d152b5e79a79c475e1bda809518aa9c5b57e9c3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:23 GMT
Server: Apache
Last-Modified: Sat, 20 Aug 2022 01:45:37 GMT
Accept-Ranges: bytes
Content-Length: 1359
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
www.vacacionandocr.com/wp-content/plugins/elementor/assets/js/lightbox.2d166d71ba2a6a9e66fd.bundle.min.js
190.184.196.186 200 OK 29 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/plugins/elementor/assets/js/lightbox.2d166d71ba2a6a9e66fd.bundle.min.js
IP 190.184.196.186:0
File type ASCII text, with very long lines (28962)
Hash d8c0baf1d580aa0aac9dd8a60bac99a4
64b4df2ee12ddd7bcbda767cf367a5033802e2a9
1d663ca5281352effc035c925e25fb3cadc701e564439735642698b4201fb14a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/js/lightbox.2d166d71ba2a6a9e66fd.bundle.min.js HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:23 GMT
Server: Apache
Last-Modified: Sat, 20 Aug 2022 01:45:37 GMT
Accept-Ranges: bytes
Content-Length: 29001
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
www.vacacionandocr.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0
190.184.196.186 200 OK 11 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0
IP 190.184.196.186:0
File type ASCII text, with very long lines (10544)
Hash 4eee50ac6f4f364ba3a284d0753ddae3
a8e7e824e6824ae0b370ff36e2c07ca07276fae0
b936db5880aa9b6b2f26a8d32fc2b689fb75f69d971b94194f16dba801221ffe
GET /wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0 HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:23 GMT
Server: Apache
Last-Modified: Sat, 20 Aug 2022 01:45:37 GMT
Accept-Ranges: bytes
Content-Length: 10682
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
www.vacacionandocr.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.7.1
190.184.196.186 200 OK 2.6 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.7.1
IP 190.184.196.186:0
File type ASCII text, with very long lines (2620), with no line terminators
Hash 020e87460ce58802842e34a3aac97d83
d2eed5f7573c0bd640fb9f125b6bfedf43ebf9b9
138154c0deed3326477b9b4909175101070a5a3a95342291b53d8cc9879a5f47
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.7.1 HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:23 GMT
Server: Apache
Last-Modified: Sat, 20 Aug 2022 01:45:37 GMT
Accept-Ranges: bytes
Content-Length: 2620
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: application/javascript
www.vacacionandocr.com/wp-content/uploads/2022/08/VacacionesTranquilas.jpg
190.184.196.186 200 OK 616 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/uploads/2022/08/VacacionesTranquilas.jpg
IP 190.184.196.186:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 21.0 (Macintosh), datetime=2022:08:01 12:31:43], baseline, precision 8, 2000x1371, components 3\012- data
Size 616 kB (615702 bytes)
Hash c8b7b68c3cdd9631f6b4c737aabbccc1
8205583607eb9f595eef54a1e74dd5c019ff0074
36992fed040a21688beb5fa6d7c1f34301244ed521308e9b23027ba040deff3a
GET /wp-content/uploads/2022/08/VacacionesTranquilas.jpg HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/wp-content/uploads/elementor/css/post-2.css?ver=1661819524
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:23 GMT
Server: Apache
Last-Modified: Fri, 19 Aug 2022 07:58:34 GMT
Accept-Ranges: bytes
Content-Length: 615702
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/jpeg
www.vacacionandocr.com/wp-content/uploads/2021/09/Recurso-1-2.png
190.184.196.186 200 OK 4.1 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/uploads/2021/09/Recurso-1-2.png
IP 190.184.196.186:0
File type PNG image data, 321 x 59, 8-bit/color RGBA, non-interlaced\012- data
Hash d0572971251d82b4b46674d444af69c8
c318a5a61aab9b586c407a0b2622214e306f1254
156143be5f6e39989b847c3cd4acea23dcba39be6ef142edc37d1350ece3dcee
GET /wp-content/uploads/2021/09/Recurso-1-2.png HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:23 GMT
Server: Apache
Last-Modified: Fri, 19 Aug 2022 13:42:09 GMT
Accept-Ranges: bytes
Content-Length: 4091
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/png
www.vacacionandocr.com/wp-content/uploads/elementor/thumbs/imagine01-pthgll895bme8l85u7r3ldzf8ay7kuklj61vh9es0o.jpg
190.184.196.186 200 OK 80 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/uploads/elementor/thumbs/imagine01-pthgll895bme8l85u7r3ldzf8ay7kuklj61vh9es0o.jpg
IP 190.184.196.186:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 700x700, components 3\012- data
Hash 45d8390267345001ee9c7b41532e8296
cfacc9756f535a64a5fa5f85c1a5bc7a39b98860
624e2c827df04ce2437620186e4ab66996c31a434f82a48ad127808d94c5a8ef
GET /wp-content/uploads/elementor/thumbs/imagine01-pthgll895bme8l85u7r3ldzf8ay7kuklj61vh9es0o.jpg HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:23 GMT
Server: Apache
Last-Modified: Fri, 19 Aug 2022 20:46:04 GMT
Accept-Ranges: bytes
Content-Length: 80137
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: image/jpeg
www.vacacionandocr.com/wp-content/uploads/elementor/thumbs/imagine04-pthgogmi13jxpp1z2gg27nw4kosl3jz2ldta9p5h08.jpg
190.184.196.186 200 OK 44 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/uploads/elementor/thumbs/imagine04-pthgogmi13jxpp1z2gg27nw4kosl3jz2ldta9p5h08.jpg
IP 190.184.196.186:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 700x700, components 3\012- data
Hash 52992dc9e59dac18e8402484d55dd322
a9d31bdc0b9df95c177c35471a8da70027e70231
7cffd8cf020e8228ed21c414384142738455f2bd39877c63a0a260877a09fa68
GET /wp-content/uploads/elementor/thumbs/imagine04-pthgogmi13jxpp1z2gg27nw4kosl3jz2ldta9p5h08.jpg HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:23 GMT
Server: Apache
Last-Modified: Fri, 19 Aug 2022 20:46:05 GMT
Accept-Ranges: bytes
Content-Length: 43931
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/jpeg
www.vacacionandocr.com/wp-content/uploads/elementor/thumbs/fila-2.1-pthgje9t78mb5ceun9mfrxwpbxrdm9v58b9360nujc.jpg
190.184.196.186 200 OK 94 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/uploads/elementor/thumbs/fila-2.1-pthgje9t78mb5ceun9mfrxwpbxrdm9v58b9360nujc.jpg
IP 190.184.196.186:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 700x700, components 3\012- data
Hash 5ac77797fda2365fdd24b4ddb3530c8b
a915a53a28e2691d31e744ee7fbf601521dda1eb
23c82ca6fba74a0ecd42c300a7f55ddb0a44dd5e7c4e3bd7150a3699dd4329f4
GET /wp-content/uploads/elementor/thumbs/fila-2.1-pthgje9t78mb5ceun9mfrxwpbxrdm9v58b9360nujc.jpg HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:23 GMT
Server: Apache
Last-Modified: Fri, 19 Aug 2022 20:46:05 GMT
Accept-Ranges: bytes
Content-Length: 93863
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: image/jpeg
www.vacacionandocr.com/wp-content/uploads/elementor/thumbs/fila2-2-pthgt14993t45gf1dxjru0dsj49til43jzz994dkrc.jpg
190.184.196.186 200 OK 133 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/uploads/elementor/thumbs/fila2-2-pthgt14993t45gf1dxjru0dsj49til43jzz994dkrc.jpg
IP 190.184.196.186:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 700x700, components 3\012- data
Size 133 kB (133002 bytes)
Hash fe7d23f0377e43d090d412122c4c5b6f
5228fc1efc90caab1ad6b519f2b9d1f02d393f60
c0ce3e5282c67e797e00aa9d587a20c9f7dcc50ab10e7b76de2dff7ddaff3b15
GET /wp-content/uploads/elementor/thumbs/fila2-2-pthgt14993t45gf1dxjru0dsj49til43jzz994dkrc.jpg HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:23 GMT
Server: Apache
Last-Modified: Fri, 19 Aug 2022 20:46:05 GMT
Accept-Ranges: bytes
Content-Length: 133002
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: image/jpeg
www.vacacionandocr.com/wp-content/uploads/elementor/thumbs/7-3-pthuln6k1zmu4r25ilfv6owz3sj49omru06h401lco.png
190.184.196.186 200 OK 513 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/uploads/elementor/thumbs/7-3-pthuln6k1zmu4r25ilfv6owz3sj49omru06h401lco.png
IP 190.184.196.186:0
File type PNG image data, 700 x 700, 8-bit/color RGBA, non-interlaced\012- data
Size 513 kB (513359 bytes)
Hash 2e0753d7e01cb997d728994c941bfd95
7ccc25f0405e1274e38cbcb9010baf0f3a7cdcc0
e7a6405078b205549229abc928eaf372f012336be43101774e31c625c2c13f76
GET /wp-content/uploads/elementor/thumbs/7-3-pthuln6k1zmu4r25ilfv6owz3sj49omru06h401lco.png HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:23 GMT
Server: Apache
Last-Modified: Fri, 19 Aug 2022 20:46:05 GMT
Accept-Ranges: bytes
Content-Length: 513359
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: image/png
www.vacacionandocr.com/wp-content/uploads/2022/08/Vacaciones.jpeg
190.184.196.186 200 OK 1.9 MB URL HTTP/1.1 www.vacacionandocr.com/wp-content/uploads/2022/08/Vacaciones.jpeg
IP 190.184.196.186:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=14, height=1277, bps=182, PhotometricIntepretation=RGB, manufacturer=NIKON CORPORATION, model=NIKON D780, orientation=upper-left, width=1920], baseline, precision 8, 1862x1241, components 3\012- data
Size 1.9 MB (1934259 bytes)
Hash 035e0dd49348fda2314d39fb695d704e
4f9d35ff732bd8a901ea9de8f7b43fe131298e69
0345dbb1b57d582fd33d91fa26d9bbe8c1e065be95e24f08eecee3d7fed288d5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2022/08/Vacaciones.jpeg HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:23 GMT
Server: Apache
Last-Modified: Mon, 22 Aug 2022 14:54:15 GMT
Accept-Ranges: bytes
Content-Length: 1934259
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/jpeg
www.vacacionandocr.com/wp-content/uploads/elementor/thumbs/imagine07-pthgo0n8swy28bp6nrjej9xah4zcgp7mv6q13zt5y0.jpg
190.184.196.186 200 OK 129 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/uploads/elementor/thumbs/imagine07-pthgo0n8swy28bp6nrjej9xah4zcgp7mv6q13zt5y0.jpg
IP 190.184.196.186:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 700x700, components 3\012- data
Size 129 kB (129376 bytes)
Hash 33f569581c5aff46ac12d1db8092d284
a7c938e5a3ac38462ffd26ad0e5c0e271b5c8f5b
667789f6a853a18f1303c19ebae20e14edf56757625233a386b0677e8426ff10
GET /wp-content/uploads/elementor/thumbs/imagine07-pthgo0n8swy28bp6nrjej9xah4zcgp7mv6q13zt5y0.jpg HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:23 GMT
Server: Apache
Last-Modified: Fri, 19 Aug 2022 20:46:05 GMT
Accept-Ranges: bytes
Content-Length: 129376
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: image/jpeg
www.vacacionandocr.com/wp-content/uploads/elementor/thumbs/CRF0049-HDR-min-scaled-pthw7x6bs7etyeep7sb5rzhsztadi3znuga89lmvko.jpg
190.184.196.186 200 OK 65 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/uploads/elementor/thumbs/CRF0049-HDR-min-scaled-pthw7x6bs7etyeep7sb5rzhsztadi3znuga89lmvko.jpg
IP 190.184.196.186:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 700x700, components 3\012- data
Hash 30d984e8c543865285ec56a904877749
a011fdaaa26e8eabd836a56d677b1cc55f8c2040
69ef6270865988f672f63a17e2f0147a4e6b16812fde9b22bd123b46e938ea19
GET /wp-content/uploads/elementor/thumbs/CRF0049-HDR-min-scaled-pthw7x6bs7etyeep7sb5rzhsztadi3znuga89lmvko.jpg HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:23 GMT
Server: Apache
Last-Modified: Fri, 19 Aug 2022 20:46:06 GMT
Accept-Ranges: bytes
Content-Length: 64584
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: image/jpeg
www.vacacionandocr.com/wp-content/uploads/elementor/thumbs/IMG_5685-min-scaled-pthuy96lqywbweqovjoo50cm0wdejhp4kf9zwncfvc.jpg
190.184.196.186 200 OK 60 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/uploads/elementor/thumbs/IMG_5685-min-scaled-pthuy96lqywbweqovjoo50cm0wdejhp4kf9zwncfvc.jpg
IP 190.184.196.186:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 700x700, components 3\012- data
Hash cc4351ca14c8665033ec52d620dcbd6a
b2144abbafab4f058aabe0ac60d396e9c9d5dc2b
994eaeaea48ba8b351248d25a7fb05f04bc9f6ec98f672b341e15a9ee8b4af47
GET /wp-content/uploads/elementor/thumbs/IMG_5685-min-scaled-pthuy96lqywbweqovjoo50cm0wdejhp4kf9zwncfvc.jpg HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:23 GMT
Server: Apache
Last-Modified: Fri, 19 Aug 2022 20:46:06 GMT
Accept-Ranges: bytes
Content-Length: 59776
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: image/jpeg
www.vacacionandocr.com/wp-content/uploads/elementor/thumbs/7-1-pthulo4e8to4gd0sd3uhr6ofp6ehhdqi64tyla076g.png
190.184.196.186 200 OK 559 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/uploads/elementor/thumbs/7-1-pthulo4e8to4gd0sd3uhr6ofp6ehhdqi64tyla076g.png
IP 190.184.196.186:0
File type PNG image data, 700 x 700, 8-bit/color RGBA, non-interlaced\012- data
Size 559 kB (559166 bytes)
Hash 65d0e669b49f9a44f24e4faa46c9f442
b84592fc98b92d4375276b944459f952fc42fc3b
8d42bb3bc896dc5e0e54ca11a031b18eceefc1f1c0dfb1fb4a1cfcda5a384353
GET /wp-content/uploads/elementor/thumbs/7-1-pthulo4e8to4gd0sd3uhr6ofp6ehhdqi64tyla076g.png HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:23 GMT
Server: Apache
Last-Modified: Fri, 19 Aug 2022 20:46:04 GMT
Accept-Ranges: bytes
Content-Length: 559166
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: image/png
www.vacacionandocr.com/wp-content/uploads/elementor/thumbs/IMG_5720-min-scaled-pthuzhd0o6kt22yipks4w779y0bnl9kiehxtgnixqw.jpg
190.184.196.186 200 OK 54 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/uploads/elementor/thumbs/IMG_5720-min-scaled-pthuzhd0o6kt22yipks4w779y0bnl9kiehxtgnixqw.jpg
IP 190.184.196.186:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 700x700, components 3\012- data
Hash 18b86f40af33608992d12e3bbfc0dfeb
41564d5a1cfd5e852a5bfb2a1f9d72440f5212d0
f06f40e9f68b2b7aee2b74754dbbea64f6a6c62807c0f2aaf185595721670af7
GET /wp-content/uploads/elementor/thumbs/IMG_5720-min-scaled-pthuzhd0o6kt22yipks4w779y0bnl9kiehxtgnixqw.jpg HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:23 GMT
Server: Apache
Last-Modified: Fri, 19 Aug 2022 20:46:06 GMT
Accept-Ranges: bytes
Content-Length: 53601
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: image/jpeg
www.vacacionandocr.com/wp-content/uploads/elementor/thumbs/imagine13-pthgnwvw1kswxvun9pww9avg3lhvlwspio436vyqmw.jpg
190.184.196.186 200 OK 128 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/uploads/elementor/thumbs/imagine13-pthgnwvw1kswxvun9pww9avg3lhvlwspio436vyqmw.jpg
IP 190.184.196.186:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 700x700, components 3\012- data
Size 128 kB (128107 bytes)
Hash 99159f2eb1b34fe8416da09377b6e757
63949008535566c0023c75197751ecaa3b17c78e
e9327267235ae2c7685810bbe70187e639c88aa1b996c4dbbcc7286aa12b5614
GET /wp-content/uploads/elementor/thumbs/imagine13-pthgnwvw1kswxvun9pww9avg3lhvlwspio436vyqmw.jpg HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:24 GMT
Server: Apache
Last-Modified: Fri, 19 Aug 2022 20:46:06 GMT
Accept-Ranges: bytes
Content-Length: 128107
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/jpeg
region1.google-analytics.com/g/collect?v=2&tid=G-KBKS7PBCER&gtm=2oea50&_p=90812520&cid=326719440.1665255264&ul=en-us&sr=1280x1024&_s=1&sid=1665255263&sct=1&seg=0&dl=https%3A%2F%2Fwww.vacacionandocr.com%2F&dt=Vacacionando%20%E2%80%93%20Sus%20vacaciones%20so%C3%B1adas&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.34.36 204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-KBKS7PBCER&gtm=2oea50&_p=90812520&cid=326719440.1665255264&ul=en-us&sr=1280x1024&_s=1&sid=1665255263&sct=1&seg=0&dl=https%3A%2F%2Fwww.vacacionandocr.com%2F&dt=Vacacionando%20%E2%80%93%20Sus%20vacaciones%20so%C3%B1adas&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-KBKS7PBCER&gtm=2oea50&_p=90812520&cid=326719440.1665255264&ul=en-us&sr=1280x1024&_s=1&sid=1665255263&sct=1&seg=0&dl=https%3A%2F%2Fwww.vacacionandocr.com%2F&dt=Vacacionando%20%E2%80%93%20Sus%20vacaciones%20so%C3%B1adas&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vacacionandocr.com
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.vacacionandocr.com
date: Sat, 08 Oct 2022 18:54:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.vacacionandocr.com/wp-content/uploads/elementor/thumbs/IMG_5751-min-scaled-pthuzuirbv2tkmfekqgwv3vq9eisl10r4b2m6izfbs.jpg
190.184.196.186 200 OK 45 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/uploads/elementor/thumbs/IMG_5751-min-scaled-pthuzuirbv2tkmfekqgwv3vq9eisl10r4b2m6izfbs.jpg
IP 190.184.196.186:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 700x700, components 3\012- data
Hash 118847a6f5831f11cf99fcb7e51aebcc
231772ef5c9ae7f95eacb6c9e06c8f1bdb64f2ec
e9d2678b08e3db26fe8abaad67754b7ffc7534ffdc68f2196b0ed97f958e2644
GET /wp-content/uploads/elementor/thumbs/IMG_5751-min-scaled-pthuzuirbv2tkmfekqgwv3vq9eisl10r4b2m6izfbs.jpg HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:24 GMT
Server: Apache
Last-Modified: Fri, 19 Aug 2022 20:46:07 GMT
Accept-Ranges: bytes
Content-Length: 44887
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: image/jpeg
www.vacacionandocr.com/wp-content/uploads/elementor/thumbs/imagine12-pthgnpd6iwimd05khmnvpcrrciixwbyutmw7co9w0o.jpg
190.184.196.186 200 OK 78 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/uploads/elementor/thumbs/imagine12-pthgnpd6iwimd05khmnvpcrrciixwbyutmw7co9w0o.jpg
IP 190.184.196.186:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 700x700, components 3\012- data
Hash c0947248aa49012cc4fdcd7cd7ef75b3
3af313e7f8c2bceb83960fa80f588f088539b3f0
688ad0f67b5c368e46df203cc4fdf8dec130c872386292de007404dfd8a7ac1d
GET /wp-content/uploads/elementor/thumbs/imagine12-pthgnpd6iwimd05khmnvpcrrciixwbyutmw7co9w0o.jpg HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:24 GMT
Server: Apache
Last-Modified: Fri, 19 Aug 2022 20:46:06 GMT
Accept-Ranges: bytes
Content-Length: 77531
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: image/jpeg
www.vacacionandocr.com/wp-content/uploads/elementor/thumbs/imagine16-pthgm9o230jumg8nvibee7teoblr4z9maj0hygejiw.jpg
190.184.196.186 200 OK 52 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/uploads/elementor/thumbs/imagine16-pthgm9o230jumg8nvibee7teoblr4z9maj0hygejiw.jpg
IP 190.184.196.186:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 700x700, components 3\012- data
Hash e1d832efd605024e24af68061654711f
4522ab2854711116c03f464ca437688b87e85d9d
3733765b35baddafd9a941bc1d3b0e13a9df2bdae248fca14d704317124a87fa
GET /wp-content/uploads/elementor/thumbs/imagine16-pthgm9o230jumg8nvibee7teoblr4z9maj0hygejiw.jpg HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:24 GMT
Server: Apache
Last-Modified: Fri, 19 Aug 2022 20:46:07 GMT
Accept-Ranges: bytes
Content-Length: 52024
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: image/jpeg
www.vacacionandocr.com/wp-content/uploads/elementor/thumbs/imagine15-pthglozlwnrjj12p89dlvd19lufofmzivonted97bs.jpg
190.184.196.186 200 OK 67 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/uploads/elementor/thumbs/imagine15-pthglozlwnrjj12p89dlvd19lufofmzivonted97bs.jpg
IP 190.184.196.186:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 700x700, components 3\012- data
Hash 755245fbc95d8556f01c949b2538eb1a
78080b8a1943d9f1f6b57d993be72e70542758ef
9ff8dbe69f845047395592fecf93ecee11e9f53bf1393ccb7a567c44209dd6b8
GET /wp-content/uploads/elementor/thumbs/imagine15-pthglozlwnrjj12p89dlvd19lufofmzivonted97bs.jpg HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:24 GMT
Server: Apache
Last-Modified: Fri, 19 Aug 2022 20:46:07 GMT
Accept-Ranges: bytes
Content-Length: 67324
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: image/jpeg
www.vacacionandocr.com/wp-content/uploads/elementor/thumbs/fila-6-1-pthgd8fwec6n1dd2mlqhfhvx504r5pehptahwpsrbs.jpg
190.184.196.186 200 OK 53 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/uploads/elementor/thumbs/fila-6-1-pthgd8fwec6n1dd2mlqhfhvx504r5pehptahwpsrbs.jpg
IP 190.184.196.186:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 700x700, components 3\012- data
Hash 0bf8c96311d90e3ad2bddc4d9fc8b7de
1a335a6fe75ccb58ab7d48b3245e60f8ab6f6d09
d830890b034991bfd8357fc6f7fee058fd788eb1b8d734fad2098c958ac63b4a
GET /wp-content/uploads/elementor/thumbs/fila-6-1-pthgd8fwec6n1dd2mlqhfhvx504r5pehptahwpsrbs.jpg HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:24 GMT
Server: Apache
Last-Modified: Fri, 19 Aug 2022 20:46:07 GMT
Accept-Ranges: bytes
Content-Length: 52895
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: image/jpeg
www.vacacionandocr.com/wp-content/uploads/elementor/thumbs/imagine17-1-pthgtlspfglf8vl016hkcv5xllfw7xe6yubxt7iwyg.jpg
190.184.196.186 200 OK 46 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/uploads/elementor/thumbs/imagine17-1-pthgtlspfglf8vl016hkcv5xllfw7xe6yubxt7iwyg.jpg
IP 190.184.196.186:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 700x700, components 3\012- data
Hash a05b72e4f2589bff6846d41d6d2a1b9b
ed9a80fe52fa5b5dfd496dbb028b2b406f83d359
ed819da4ccdbff60b3be71327dc25a9aeb37eeb11fe401bcc8c83cff05ed228d
GET /wp-content/uploads/elementor/thumbs/imagine17-1-pthgtlspfglf8vl016hkcv5xllfw7xe6yubxt7iwyg.jpg HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:24 GMT
Server: Apache
Last-Modified: Fri, 19 Aug 2022 20:46:07 GMT
Accept-Ranges: bytes
Content-Length: 46045
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: image/jpeg
www.vacacionandocr.com/wp-content/uploads/elementor/thumbs/fila-6-3-pthgctehczm1vlyx2f8gblojmu6vqjqsbquq8af23c.jpg
190.184.196.186 200 OK 55 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/uploads/elementor/thumbs/fila-6-3-pthgctehczm1vlyx2f8gblojmu6vqjqsbquq8af23c.jpg
IP 190.184.196.186:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 700x700, components 3\012- data
Hash 5456fff23094309e159025d494b747db
838615572467eae4ad1e08a8cbd5d10954e0a858
ab2ec461240e6d734b4ffad686174705b4d2747e64a558aa4982de96b8cd010a
GET /wp-content/uploads/elementor/thumbs/fila-6-3-pthgctehczm1vlyx2f8gblojmu6vqjqsbquq8af23c.jpg HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:24 GMT
Server: Apache
Last-Modified: Fri, 19 Aug 2022 20:46:07 GMT
Accept-Ranges: bytes
Content-Length: 55189
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: image/jpeg
www.vacacionandocr.com/wp-content/uploads/elementor/thumbs/increible-piscina-pthgfufnq7f5djrwt54l2tay77iz3y2uybr7i3jo1c.jpg
190.184.196.186 200 OK 44 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/uploads/elementor/thumbs/increible-piscina-pthgfufnq7f5djrwt54l2tay77iz3y2uybr7i3jo1c.jpg
IP 190.184.196.186:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 400x600, components 3\012- data
Hash 83bd592e6b20597ddfdff35bb246dab8
f61796aa7357a1895e8aa9a6465b92316ca3cebb
627b95c82f64445fa5309fabd9c1a09462266bdfe426b0cf9b542415ced9c6d6
GET /wp-content/uploads/elementor/thumbs/increible-piscina-pthgfufnq7f5djrwt54l2tay77iz3y2uybr7i3jo1c.jpg HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:24 GMT
Server: Apache
Last-Modified: Fri, 19 Aug 2022 20:46:03 GMT
Accept-Ranges: bytes
Content-Length: 44202
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: image/jpeg
www.vacacionandocr.com/wp-content/uploads/elementor/thumbs/VID_0028-scaled-pthvnva6bvmgd1qnqj13b0sqfkdzv2p0mshhaszib4.jpg
190.184.196.186 200 OK 76 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/uploads/elementor/thumbs/VID_0028-scaled-pthvnva6bvmgd1qnqj13b0sqfkdzv2p0mshhaszib4.jpg
IP 190.184.196.186:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 400x600, components 3\012- data
Hash 36bd1e2226ccb90abf0d604c2d418f04
6db1c42b7eccf37959516372a6487e15363ef0fd
8a98b75e9675eea50f7dadcfffad74186453990b0ee81776c3eac622af60f39e
GET /wp-content/uploads/elementor/thumbs/VID_0028-scaled-pthvnva6bvmgd1qnqj13b0sqfkdzv2p0mshhaszib4.jpg HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:24 GMT
Server: Apache
Last-Modified: Fri, 19 Aug 2022 20:46:03 GMT
Accept-Ranges: bytes
Content-Length: 75742
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: image/jpeg
www.vacacionandocr.com/wp-content/uploads/elementor/thumbs/parrilla-pthgadzcj0g943hvwl4929g5gmbkn3ex8gjvzsn6u8.jpg
190.184.196.186 200 OK 22 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/uploads/elementor/thumbs/parrilla-pthgadzcj0g943hvwl4929g5gmbkn3ex8gjvzsn6u8.jpg
IP 190.184.196.186:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 275x400, components 3\012- data
Hash a67ff4c13e25e7f0632644e3ccca619e
c08319190db9c94df3043523689b30d1d6cbecb1
e447f532b4dd008d9fe9bfcf7cd29a67a7ca2b59cab971e5506cfd74cc5d21b4
GET /wp-content/uploads/elementor/thumbs/parrilla-pthgadzcj0g943hvwl4929g5gmbkn3ex8gjvzsn6u8.jpg HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:24 GMT
Server: Apache
Last-Modified: Fri, 19 Aug 2022 20:46:03 GMT
Accept-Ranges: bytes
Content-Length: 22120
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: image/jpeg
www.vacacionandocr.com/wp-content/uploads/elementor/thumbs/imagine20-pthgqv3mkyqa3krpb7tsc458ytqdoj4lxkis9wkma0.jpg
190.184.196.186 200 OK 52 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/uploads/elementor/thumbs/imagine20-pthgqv3mkyqa3krpb7tsc458ytqdoj4lxkis9wkma0.jpg
IP 190.184.196.186:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 625x500, components 3\012- data
Hash 1138ba6a17c4bddddf88dd9c3ef883bb
98e9114afeb11d0e66dd518e74eb87f3b1b991e4
439dd1a8e275596ad9d72cb0c418559d0da27d62a854dd0d99a3317767177172
GET /wp-content/uploads/elementor/thumbs/imagine20-pthgqv3mkyqa3krpb7tsc458ytqdoj4lxkis9wkma0.jpg HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:24 GMT
Server: Apache
Last-Modified: Fri, 19 Aug 2022 20:46:07 GMT
Accept-Ranges: bytes
Content-Length: 51903
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Content-Type: image/jpeg
www.vacacionandocr.com/wp-content/uploads/elementor/thumbs/imagine21-1-pthgoeqsqjdbs8c1n5mutqfx4ltvkzdu9f755w7miw.jpg
190.184.196.186 200 OK 58 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/uploads/elementor/thumbs/imagine21-1-pthgoeqsqjdbs8c1n5mutqfx4ltvkzdu9f755w7miw.jpg
IP 190.184.196.186:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 625x500, components 3\012- data
Hash cf9aa1dd04cb8788840d343bbd6f8d89
16f520474faa7bef4117d684d893082353d5a43a
8adc44ef5ab1f45b945d28ac26590060069c4876ec541a4cc2c3601a2177d658
GET /wp-content/uploads/elementor/thumbs/imagine21-1-pthgoeqsqjdbs8c1n5mutqfx4ltvkzdu9f755w7miw.jpg HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:24 GMT
Server: Apache
Last-Modified: Fri, 19 Aug 2022 20:46:07 GMT
Accept-Ranges: bytes
Content-Length: 58023
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: image/jpeg
www.vacacionandocr.com/wp-content/uploads/2022/06/Lo-que-dicen-nuestros-clientes.jpg
190.184.196.186 200 OK 319 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/uploads/2022/06/Lo-que-dicen-nuestros-clientes.jpg
IP 190.184.196.186:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, manufacturer=NIKON CORPORATION, model=NIKON D780, orientation=upper-left, xresolution=190, yresolution=198, resolutionunit=2, software=NIKON D780 Ver.01.02 , datetime=2022-06-30T20:20:07-06:00], baseline, precision 8, 1920x1277, components 3\012- data
Size 319 kB (318824 bytes)
Hash 03aad98dbf8a274b0a0f6f366c7a55b9
c4a95d972b8e74140fe75d71d93f0539f19799f1
056aa56b3b2b8d85d8dd6492b1ef2400ff509b8af4edafe7cab782e61f15f840
GET /wp-content/uploads/2022/06/Lo-que-dicen-nuestros-clientes.jpg HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/wp-content/uploads/elementor/css/post-2.css?ver=1661819524
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:24 GMT
Server: Apache
Last-Modified: Fri, 19 Aug 2022 08:07:19 GMT
Accept-Ranges: bytes
Content-Length: 318824
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: image/jpeg
www.vacacionandocr.com/wp-content/plugins/strong-testimonials/public/svg/chevron-left-solid.svg
190.184.196.186 200 OK 482 B URL HTTP/1.1 www.vacacionandocr.com/wp-content/plugins/strong-testimonials/public/svg/chevron-left-solid.svg
IP 190.184.196.186:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (482), with no line terminators
Hash dc880f17456d5cad7f07d83554c22b9b
ca938160b429c301c43c5c45b3f9e49e9d011f46
5399d593d92642f8ef2b20ab26cdd615a70d2ecf029d5c52a1fc8b3813cf29e8
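Analyzer Verdict Alert fortinet Malware (the only analyzer verdict listed for this 482-byte SVG; confirm it against the file's content, e.g. embedded script or external references, and the hashes above before treating it as a confirmed detection)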
GET /wp-content/plugins/strong-testimonials/public/svg/chevron-left-solid.svg HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/wp-content/plugins/strong-testimonials/public/css/slider-controls-sides-outside-buttons2.css?ver=3.0.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:24 GMT
Server: Apache
Last-Modified: Sat, 20 Aug 2022 01:46:01 GMT
Accept-Ranges: bytes
Content-Length: 482
Keep-Alive: timeout=5, max=83
Connection: Keep-Alive
Content-Type: image/svg+xml
www.vacacionandocr.com/wp-content/plugins/strong-testimonials/public/svg/chevron-right-solid.svg
190.184.196.186 200 OK 527 B URL HTTP/1.1 www.vacacionandocr.com/wp-content/plugins/strong-testimonials/public/svg/chevron-right-solid.svg
IP 190.184.196.186:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (527), with no line terminators
Hash 1fce70541cd225507e29c233e23f2cb2
d4dc2f478d5d5f483eaa45f9a2591e6da824047a
c4b25cd117c2010382d4d9bf2867f9644aff5058da3650ede80797a5565de549
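Analyzer Verdict Alert fortinet Malware (the only analyzer verdict listed for this 527-byte SVG; confirm it against the file's content, e.g. embedded script or external references, and the hashes above before treating it as a confirmed detection)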
GET /wp-content/plugins/strong-testimonials/public/svg/chevron-right-solid.svg HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/wp-content/plugins/strong-testimonials/public/css/slider-controls-sides-outside-buttons2.css?ver=3.0.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:24 GMT
Server: Apache
Last-Modified: Sat, 20 Aug 2022 01:46:01 GMT
Accept-Ranges: bytes
Content-Length: 527
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: image/svg+xml
www.vacacionandocr.com/wp-content/uploads/2022/07/Todo-esto-a-su-disposicion-3.jpg
190.184.196.186 200 OK 584 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/uploads/2022/07/Todo-esto-a-su-disposicion-3.jpg
IP 190.184.196.186:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 21.0 (Macintosh), datetime=2022:07:13 15:31:25], baseline, precision 8, 1920x1277, components 3\012- data
Size 584 kB (583459 bytes)
Hash e2348e5f38fec4eb64d2bfb04996e032
3403327744730d83a2e96e44ea4cafc09b7a9b21
63017537d9208fe76578b299e3030b26e84be466d72eeb219b07e02f2b63c2b7
GET /wp-content/uploads/2022/07/Todo-esto-a-su-disposicion-3.jpg HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/wp-content/uploads/elementor/css/post-2.css?ver=1661819524
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:24 GMT
Server: Apache
Last-Modified: Fri, 19 Aug 2022 07:54:55 GMT
Accept-Ranges: bytes
Content-Length: 583459
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: image/jpeg
www.vacacionandocr.com/wp-content/uploads/2022/08/imagine01.jpg
190.184.196.186 200 OK 419 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/uploads/2022/08/imagine01.jpg
IP 190.184.196.186:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=14, height=1331, bps=182, PhotometricIntepretation=RGB, manufacturer=NIKON CORPORATION, model=NIKON D780, orientation=upper-left, width=2000], baseline, precision 8, 2000x1331, components 3\012- data
Size 419 kB (419240 bytes)
Hash 00aeb58add753f56557b99f8a80982b5
08d7ccb113c3f0e426e5d423815d4804472d2d38
27f138a59ee0878d0b9960075d67222a5de787281b63eaca3adb7192e912361e
GET /wp-content/uploads/2022/08/imagine01.jpg HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/wp-content/uploads/elementor/css/post-2.css?ver=1661819524
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:24 GMT
Server: Apache
Last-Modified: Fri, 19 Aug 2022 07:59:27 GMT
Accept-Ranges: bytes
Content-Length: 419240
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: image/jpeg
www.vacacionandocr.com/wp-content/uploads/2021/09/IMG_5874__1631738847_201.206.191.97.jpg
190.184.196.186 200 OK 169 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/uploads/2021/09/IMG_5874__1631738847_201.206.191.97.jpg
IP 190.184.196.186:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 65", baseline, precision 8, 1920x1280, components 3\012- data
Size 169 kB (168780 bytes)
Hash c513b0289df052f611efd5d687ba3adb
693154cb663b2e696b29148e6657823685fe6b71
f0190cad0058c2ac331a756546386acf27f7a91009cbe8846096f9cc565830ab
GET /wp-content/uploads/2021/09/IMG_5874__1631738847_201.206.191.97.jpg HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/wp-content/uploads/elementor/css/post-2.css?ver=1661819524
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:24 GMT
Server: Apache
Last-Modified: Fri, 19 Aug 2022 13:32:30 GMT
Accept-Ranges: bytes
Content-Length: 168780
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Content-Type: image/jpeg
www.google-analytics.com/analytics.js
142.250.74.174 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sat, 08 Oct 2022 18:41:09 GMT
expires: Sat, 08 Oct 2022 20:41:09 GMT
cache-control: public, max-age=7200
age: 795
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.vacacionandocr.com/wp-content/uploads/2022/05/cropped-siteIcon-192x192.jpg
190.184.196.186 200 OK 4.8 kB URL HTTP/1.1 www.vacacionandocr.com/wp-content/uploads/2022/05/cropped-siteIcon-192x192.jpg
IP 190.184.196.186:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash 9d07db0ca931af176dc1f91cdd9271b7
79b4be62a23bc9972bd8c3c83ab0d3cdd05b7c09
ee140c14e2485bf7ba38320765aadabd7160b2e40a81bfe6f9f543daa55f2467
GET /wp-content/uploads/2022/05/cropped-siteIcon-192x192.jpg HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Cookie: _ga_KBKS7PBCER=GS1.1.1665255263.1.0.1665255263.0.0.0; _ga=GA1.1.326719440.1665255264
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:24 GMT
Server: Apache
Last-Modified: Fri, 19 Aug 2022 07:52:08 GMT
Accept-Ranges: bytes
Content-Length: 4811
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: image/jpeg
www.vacacionandocr.com/wp-content/uploads/2022/05/cropped-siteIcon-32x32.jpg
190.184.196.186 200 OK 784 B URL HTTP/1.1 www.vacacionandocr.com/wp-content/uploads/2022/05/cropped-siteIcon-32x32.jpg
IP 190.184.196.186:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 32x32, components 3\012- data
Hash 414e90ddc221e83646484a7ce70aa321
c684f22088fc6859c2e81534e7f39617494405b9
3092f758c4ffc3e0e9016170729866ff0b09afc769d0297c093144595bfb8a0b
GET /wp-content/uploads/2022/05/cropped-siteIcon-32x32.jpg HTTP/1.1
Host: www.vacacionandocr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Cookie: _ga_KBKS7PBCER=GS1.1.1665255263.1.0.1665255263.0.0.0; _ga=GA1.1.326719440.1665255264
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 18:54:24 GMT
Server: Apache
Last-Modified: Fri, 19 Aug 2022 07:51:43 GMT
Accept-Ranges: bytes
Content-Length: 784
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: image/jpeg
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fecedcddd-85d8-43d3-a9b6-2c201493ab3f.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fecedcddd-85d8-43d3-a9b6-2c201493ab3f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f3fba664205cc4f4c47441384bb9baff
7388d4c0ebd1f5ee0434315d0bf0ba324235b8ca
5336cbc9f49699990c607bfb64265f55425f0c994d1c880d71e4faefd26057a3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fecedcddd-85d8-43d3-a9b6-2c201493ab3f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 10302
x-amzn-requestid: 10724d90-3561-4b3a-9faa-2ecfd573b3bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zp1EKGUVoAMF0cQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63409bb4-76637f427b13d2c506fd5ccf;Sampled=0
x-amzn-remapped-date: Fri, 07 Oct 2022 21:35:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: k5BlgneR1yc5TGCa3hKAqpSkyYuR7Fv4O-GjLapMdg4oZWouXZGo1A==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 07 Oct 2022 21:44:28 GMT
age: 76200
etag: "7388d4c0ebd1f5ee0434315d0bf0ba324235b8ca"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPlayfair+Display%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COpen+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.2
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPlayfair+Display%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COpen+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.2
IP 142.250.74.10:0
GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPlayfair+Display%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COpen+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vacacionandocr.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 08 Oct 2022 18:54:20 GMT
date: Sat, 08 Oct 2022 18:54:20 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2