staging.hotelviladepremia.com/
301 Moved Permanently 162 B URL HTTP/1.1 staging.hotelviladepremia.com/
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 23 Nov 2022 04:34:52 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://staging.hotelviladepremia.com/
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1456357aecbd23f21ad98da57e0127eb
7074815b39fa8da9013883971d665e4c1b0797ea
f3eba265ee64870b2f822f1511b36c747d763c382557789cdad8be1d3b52d1f5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F3EBA265EE64870B2F822F1511B36C747D763C382557789CDAD8BE1D3B52D1F5"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10052
Expires: Wed, 23 Nov 2022 07:22:24 GMT
Date: Wed, 23 Nov 2022 04:34:52 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash b59d95402dfb464c176610284ba13f65
1a6c62fb0d48654dd204b66161bb03fefe60f71a
40cfd59b890ec5a3570603d28d90bd7e5c506babd52c2ece93e09f1c7b2a6880
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4152
Cache-Control: max-age=111935
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 04:34:52 GMT
Etag: "637ca4f3-1d7"
Expires: Thu, 24 Nov 2022 11:40:27 GMT
Last-Modified: Tue, 22 Nov 2022 10:31:15 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 054ff0d1a0a43f7cb1d78dbd34e27f99
3caf54f3de1d6a8c6f6454083f8b8e7dec77db54
fcdcef8306ae31f20c366489e1f88aa40b08f154d25d45f4055c4f8cdef47634
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FCDCEF8306AE31F20C366489E1F88AA40B08F154D25D45F4055C4F8CDEF47634"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15156
Expires: Wed, 23 Nov 2022 08:47:28 GMT
Date: Wed, 23 Nov 2022 04:34:52 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 23 Nov 2022 04:09:27 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1525
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: SFsb08kqMZSjP4EsyqlXqgIr12EUvnScyXDSUnv0MqFdjZDwz8u4LN/dNd+ZTFNT3vAQd7JzVN0=
x-amz-request-id: H9XS7T5BZX4AH5B8
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 23 Nov 2022 03:39:50 GMT
age: 3302
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:52 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9a26ea8bc5b8fff58371f6e0d3e0fd82
471ef9eb601823ec8045ab8f7039e421c720fd0b
d159b79fe4622d3b34157b162de96ea36fa1b60f03f72786dc358e40e893f949
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D159B79FE4622D3B34157B162DE96EA36FA1B60F03F72786DC358E40E893F949"
Last-Modified: Mon, 21 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21547
Expires: Wed, 23 Nov 2022 10:34:00 GMT
Date: Wed, 23 Nov 2022 04:34:53 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 23 Nov 2022 04:08:53 GMT
cache-control: public,max-age=3600
age: 1560
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 8a181d95550cfdf3b1fc4deb71631e40
37866f7293c41fbfb817e321754cae5c5bf59f93
6aa3d2763181cc48d2ad0ce7d227f3cb3324045c3f7858ccdbae675768dcec55
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5946
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 04:34:53 GMT
Last-Modified: Wed, 23 Nov 2022 02:55:47 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: qAmm3vglzZurdt9NSiSOow==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 0HJyCojdmn7gMqhutYHY7WgDSFE=
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15235
Expires: Wed, 23 Nov 2022 08:48:50 GMT
Date: Wed, 23 Nov 2022 04:34:55 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15235
Expires: Wed, 23 Nov 2022 08:48:50 GMT
Date: Wed, 23 Nov 2022 04:34:55 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15235
Expires: Wed, 23 Nov 2022 08:48:50 GMT
Date: Wed, 23 Nov 2022 04:34:55 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19004cd2-76fa-499a-9749-67f2994dc084.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19004cd2-76fa-499a-9749-67f2994dc084.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a539a7b4a38c495d8d7efd7b95fec6de
8f8bdba45b4fdf16783758eb6e53f957e53987bc
2d209c13af43c4237e36291cb24140e4993361311489ad27943b1209262592e1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19004cd2-76fa-499a-9749-67f2994dc084.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11839
x-amzn-requestid: b0429c36-a8c3-49e7-b25a-1ecdfc6e7648
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: btVS7Hp2oAMF32g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637535ac-097bd45a569a4cff672486de;Sampled=0
x-amzn-remapped-date: Wed, 16 Nov 2022 19:10:36 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MQV3azOGYjEB4MTie1E3cfTIDWAVus4-A2QsezKllq0GzMi-gD3nSg==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:52:55 GMT
age: 24120
etag: "8f8bdba45b4fdf16783758eb6e53f957e53987bc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2fba7b0-566a-4154-a555-caf6ef55283e.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2fba7b0-566a-4154-a555-caf6ef55283e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f90eaacb028f41ae23d5ae0bb5bb1c60
adabb8e73c60950b2161b973db1150a2e6484d3f
8e45a3b3966392447e2b426e912e8151e087cfbf9f4ff2af47d81d20d5a19f25
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2fba7b0-566a-4154-a555-caf6ef55283e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10678
x-amzn-requestid: 9180d893-71d8-460c-92b7-2bb406940975
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: byQ65Fr6oAMFzjw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63772eab-1741d1f27534c13e43e3cec0;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 07:05:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: K2Shuq-IX_VACYEEJzuubHKr01H_Oq_NntRt9WlJuAMsBG61kaFhjg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 14:02:32 GMT
age: 52343
etag: "adabb8e73c60950b2161b973db1150a2e6484d3f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg
200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c8f6118fc03f31862ff68fef8a2b9a7f
318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73
cdd4d44f05cc524d7f2b1d6d792ecd8a9a933e52ecb7685a7d7ea786a510ef39
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8089
x-amzn-requestid: f3c55266-9b03-4b7f-b076-fdf56704318e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b0QQyECioAMFzdQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6377fa6b-3e10cef6117a10a4115cfce7;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 21:34:35 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ngJvyUydpRDSiYy9kfeh8JmydmR_K8mjfZtGLgT0qeE2JaABbDMSaQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:56:28 GMT
age: 23907
etag: "318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f13f0a4-9e67-4f61-9165-83b87312d9cb.jpeg
200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f13f0a4-9e67-4f61-9165-83b87312d9cb.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 309227dc1b5f9193c6be8f5a010fa348
dff12e88a784a954012f257d3689862c52251d01
2d52b83ff0a58c41bf2e38abf8fce13eb87b5ecfce144ff0edc1bfadd254b452
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f13f0a4-9e67-4f61-9165-83b87312d9cb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8081
x-amzn-requestid: cafd3337-7bb8-4e2d-91d4-a33439a32b80
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBcAMEwgoAMFl-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d4067-6074dcae15d9194513916d48;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 21:34:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lfLcMzlaKoOXDhvCk6dJCuqkINEqJX20JltVNZMLUFhQeNPpN8cVFg==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:56:14 GMT
age: 23921
etag: "dff12e88a784a954012f257d3689862c52251d01"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb450e2a1-222f-4dfe-850a-f862cd102c3e.jpeg
200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb450e2a1-222f-4dfe-850a-f862cd102c3e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 21fc9852ed2db17695d7038195b9283f
cda806d600c9e63e50d8ec42549fb107e4915068
55a7098369eb94f4333a1079ed6ad570121b7c76eeafb35022224b86d9b7edbb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb450e2a1-222f-4dfe-850a-f862cd102c3e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6910
x-amzn-requestid: 0d4fa715-c66a-4bcb-985c-f2c2ea71b3a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-pvrF-xoAMFSMw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637c2330-67041f796d1906cc51e31b73;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 01:17:36 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: npd-DJrCfYjrwW7kfMwT38YWatTTdpr7bMRc0ikcXDwefQq-OR3ByQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 20:05:57 GMT
age: 30538
etag: "cda806d600c9e63e50d8ec42549fb107e4915068"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a31b1f7-5b4e-41c3-a823-4b79b831c0f5.jpeg
200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a31b1f7-5b4e-41c3-a823-4b79b831c0f5.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 218956a7601433bcf0f6ff484dbd5b52
d005c3afc835a854efdfa9cceb54b81153bb9899
dcc6527a7705c8e870e6aaf6744319ba0541a9fdfef58ca897361309d11b2b2e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a31b1f7-5b4e-41c3-a823-4b79b831c0f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6180
x-amzn-requestid: 77d0b21a-db56-431c-8bc1-15ce409beadd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b7nE2FyqIAMFnEQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637aebb8-6661a45a00c174e87e789791;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 03:08:40 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 4i-DyxmOE3pf55HCp1_oYxYPupFwEdMiQH8YRPQlyj-HMHtlRUfS4g==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 74ab105148338444981d1b2277ffd9c4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 03:59:00 GMT
age: 2155
etag: "d005c3afc835a854efdfa9cceb54b81153bb9899"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 065495ec7a963a205abd9c8dbc75cb5d
ea416d0df4f6706150bda5da2077174f5cdd986b
1b2a2afee887651b23a849f14ace89b330329f6bf61c331545a3f6d12037aee5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 04:34:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 585eab785e44953b9e6d7c389024ff3e
57582825e9a285177f38cd2fa868ad3a8eab85d1
f1c62af1e27c8510576adcb62b28be35f290d2ee71e873f7000c194980522e80
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 04:34:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
staging.hotelviladepremia.com/wp-content/plugins/smart-logo-showcase-lite/inc/smls-block/smls-block.css?ver=1.1.9
200 OK 582 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/smart-logo-showcase-lite/inc/smls-block/smls-block.css?ver=1.1.9
IP
File type ASCII text, with CRLF line terminators
Hash 6c376a9a6d87159dee38f9248e8c50a1
502837b5e60efe843a8ced711dfd7ff8b97d1594
70a773f0c7349af8239d82497b97f89ea912990575ac14a99f0c20452269adab
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/smart-logo-showcase-lite/inc/smls-block/smls-block.css?ver=1.1.9 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=2t3ep41t87nsamp6lf401i0dqo; ls-popup-last-displayed=1669178094; ls-popup-4=1669178094
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:55 GMT
content-type: text/css
x-accel-version: 0.01
last-modified: Mon, 05 Sep 2022 08:55:27 GMT
etag: W/"95-5e7ea3dbf5aa8"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/smart-logo-showcase-lite/css/smls-frontend-style.css?ver=1.1.9
200 OK 3.8 kB URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/smart-logo-showcase-lite/css/smls-frontend-style.css?ver=1.1.9
IP
File type ASCII text, with CRLF line terminators
Hash 75b513c2f184b8b5ee74362356889410
02b255b0810039aac81018fc0c368d538f3201bf
4b4894891bf0afc0fc7921c0ef27dd20217cdb2161d818c15a7ee0535129a27c
GET /wp-content/plugins/smart-logo-showcase-lite/css/smls-frontend-style.css?ver=1.1.9 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=2t3ep41t87nsamp6lf401i0dqo; ls-popup-last-displayed=1669178094; ls-popup-4=1669178094
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:55 GMT
content-type: text/css
last-modified: Mon, 05 Sep 2022 08:55:27 GMT
etag: W/"6315b97f-7c46"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/LayerSlider/assets/static/layerslider/css/layerslider.css?ver=6.11.1
200 OK 4.2 kB URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/LayerSlider/assets/static/layerslider/css/layerslider.css?ver=6.11.1
IP
Hash a10e1fe15145d7a5aa812d47f05636b0
7083cad82336630a53d34b1db7b43a9555822418
ab55a1cee367005a12040668302e2bbdbfbed30845e09aede88eaf2650bfe635
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/LayerSlider/assets/static/layerslider/css/layerslider.css?ver=6.11.1 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=2t3ep41t87nsamp6lf401i0dqo; ls-popup-last-displayed=1669178094; ls-popup-4=1669178094
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:55 GMT
content-type: text/css
last-modified: Thu, 09 Apr 2020 10:10:22 GMT
etag: W/"5e8ef48e-5503"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/smart-logo-showcase-lite/css/smls-responsive.css?ver=1.1.9
200 OK 1.0 kB URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/smart-logo-showcase-lite/css/smls-responsive.css?ver=1.1.9
IP
File type ASCII text, with CRLF line terminators
Hash 81c4030e636c9a724a10f2b0ed9bc48f
ba177a5a48316957652bb6981fdb6f6d17a635cf
20ae76e820946f9c9dc6fe5352e445325fd147b05c368afe49df1541ac14c3ba
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/smart-logo-showcase-lite/css/smls-responsive.css?ver=1.1.9 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=2t3ep41t87nsamp6lf401i0dqo; ls-popup-last-displayed=1669178094; ls-popup-4=1669178094
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:55 GMT
content-type: text/css
last-modified: Mon, 05 Sep 2022 08:55:27 GMT
etag: W/"6315b97f-1231"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/moment.js/2.22.2/moment-with-locales.min.js?ver=6.0.3
200 OK 54 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/moment.js/2.22.2/moment-with-locales.min.js?ver=6.0.3
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash da708ff34bb8b91823e05f3dc9c47fc8
776a5586cea14fb983ebbeb47089f23166a7e3a5
c1e79918a76dbe401de5ca772209c8af7c134f43e71f17433a1ac82c255ccf12
GET /ajax/libs/moment.js/2.22.2/moment-with-locales.min.js?ver=6.0.3 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 04:34:55 GMT
content-type: application/javascript; charset=utf-8
content-length: 53699
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03f26-4fc01"
last-modified: Mon, 04 May 2020 16:13:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 6521017
expires: Mon, 13 Nov 2023 04:34:55 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6XnwAFR7ON1xTxJsHwpUW3HQdQppRJTLKX%2B6dWAAP%2FW91nO%2FjMM%2FNKSl%2FsidIeefM0qLI%2BKA9VfhkGLAufioGnKQaMY%2B53I29a4dRzTeFxhisPoD6pKQHffk1%2FTzDIK9ZPeB5FP8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76e731f97be0b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-145338186-1
200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-145338186-1
IP
File type ASCII text, with very long lines (1921)
Hash e90d1c9130c520258dcaeaa6fb210612
39320c7624dfcd2c99ffe62f3bd8411a9c4eaf57
55a69d2568b840c87ea5ba766d9bbdc55349600a0b53baabbfd47b6b55eae255
GET /gtag/js?id=UA-145338186-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 23 Nov 2022 04:34:55 GMT
expires: Wed, 23 Nov 2022 04:34:55 GMT
cache-control: private, max-age=900
last-modified: Wed, 23 Nov 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43610
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/smart-logo-showcase-lite/css/owl.carousel.css?ver=1.1.9
200 OK 1.8 kB URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/smart-logo-showcase-lite/css/owl.carousel.css?ver=1.1.9
IP
Hash c0c22ce815c91ea4fac17c4daa52b1a5
dae6690caba7c5d9f2524881aa31567793be0d3b
6ddfa9bffeba347d043f1b81fe7c8c3fa82b0b2ad92214162b10c6650512651f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/smart-logo-showcase-lite/css/owl.carousel.css?ver=1.1.9 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=2t3ep41t87nsamp6lf401i0dqo; ls-popup-last-displayed=1669178094; ls-popup-4=1669178094
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:55 GMT
content-type: text/css
last-modified: Mon, 05 Sep 2022 08:55:27 GMT
etag: W/"6315b97f-17f5"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=AW-718123990
200 OK 53 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-718123990
IP
File type ASCII text, with very long lines (1921)
Hash c1a6536247d0b317175bf13e70c943bf
957419071c42e81aa7a0731b73ca41d2f0b199bb
dd2bf3f78f71eb4201f014ea3607a57608a8fce28585bdcc27139f2fbc967503
GET /gtag/js?id=AW-718123990 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 23 Nov 2022 04:34:55 GMT
expires: Wed, 23 Nov 2022 04:34:55 GMT
cache-control: private, max-age=900
last-modified: Wed, 23 Nov 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 52983
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/themes/betheme/css/base.css?ver=21.2.2
200 OK 12 kB URL HTTP/2 staging.hotelviladepremia.com/wp-content/themes/betheme/css/base.css?ver=21.2.2
IP
File type ASCII text, with very long lines (464)
Hash e0b347c31d40d433549984bd06570e14
7d2f9f3c6f3d0fda4c700f8de9f0446a54b6b957
3a23a353eb2b4b8c56c55b4b02686c4ad6b9cb5fe8bcc5670bc97b31ef7d48bc
GET /wp-content/themes/betheme/css/base.css?ver=21.2.2 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=2t3ep41t87nsamp6lf401i0dqo; ls-popup-last-displayed=1669178094; ls-popup-4=1669178094
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:55 GMT
content-type: text/css
last-modified: Mon, 27 May 2019 12:03:18 GMT
etag: W/"5cebd206-da71"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 863 B IP
File type gzip compressed data, max compression\012- data
Hash 7d188951e4e0c26ed00c1e13b20bd050
8434d3f0cf99232f9a99a7adb54109dec582d627
bcfc0921083bf9ed865668c5506798f05b75805f76e70cd4826b6d2d1a5e4d8c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 04:34:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
staging.hotelviladepremia.com/wp-content/themes/betheme/style.css?ver=21.2.2
200 OK 663 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/themes/betheme/style.css?ver=21.2.2
IP
Hash 96003a8de5662089e6a685e61bdf5379
25f0f9573a99917dc872770f3f8abb83a189d789
362a5069a5d25b0c178cba2157a5acc1ff6f87aaa0abf5df09221fee402d30e0
GET /wp-content/themes/betheme/style.css?ver=21.2.2 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=2t3ep41t87nsamp6lf401i0dqo; ls-popup-last-displayed=1669178094; ls-popup-4=1669178094
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:55 GMT
content-type: text/css
x-accel-version: 0.01
last-modified: Tue, 22 Oct 2019 16:16:02 GMT
etag: W/"15e-595821dcfd480"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d7f50398fc964dff9dd96774e0735b39
7d0275ebcec9ddac96a061408bd03bd0badde4c9
d08359952a037edc881a1dae65b7572ba32c5e05a0b24ab61edd2e6ba6108bd6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D08359952A037EDC881A1DAE65B7572BA32C5E05A0B24AB61EDD2E6BA6108BD6"
Last-Modified: Tue, 22 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20944
Expires: Wed, 23 Nov 2022 10:23:59 GMT
Date: Wed, 23 Nov 2022 04:34:55 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 8069f5e67c25fc0b7388ba5d4decd8c9
64a85ba44c80ea206f4382f573c3d61e4f607ccf
7587cd04333ddf1cff15ae219cb8fca0618786a9fe4cee989975f4d50889e72a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 04:34:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
staging.hotelviladepremia.com/wp-content/uploads/2019/12/109-hotel-5.png
200 OK 7.4 kB URL HTTP/2 staging.hotelviladepremia.com/wp-content/uploads/2019/12/109-hotel-5.png
IP
File type PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Hash 1dc0f7e24a3dd59cd207fc37c8ac37c5
e3d430c0da06a46e02bed47507df04ab147d3f7b
d3c3ff66cdb1793644102729a9721101d7382a860aa067f228120766c6a1506a
GET /wp-content/uploads/2019/12/109-hotel-5.png HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=2t3ep41t87nsamp6lf401i0dqo; ls-popup-last-displayed=1669178094; ls-popup-4=1669178094
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:55 GMT
content-type: image/png
content-length: 7410
last-modified: Fri, 13 Dec 2019 17:27:06 GMT
etag: "5df3c9ea-1cf2"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/uploads/2019/12/118-verified-1.png
200 OK 6.5 kB URL HTTP/2 staging.hotelviladepremia.com/wp-content/uploads/2019/12/118-verified-1.png
IP
File type PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Hash f2f413b4f6b3070c12dbf9bf244f5c9f
21f743c0b77180ce11537274d0f93a1f8b798d60
5cdc66dcd9f5090919edea305e369a27e7237032b721a310f73e7ec0a5e8eb96
GET /wp-content/uploads/2019/12/118-verified-1.png HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=2t3ep41t87nsamp6lf401i0dqo; ls-popup-last-displayed=1669178094; ls-popup-4=1669178094
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:55 GMT
content-type: image/png
content-length: 6501
last-modified: Fri, 13 Dec 2019 17:27:10 GMT
etag: "5df3c9ee-1965"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/uploads/2019/12/016-payment-1.png
200 OK 8.3 kB URL HTTP/2 staging.hotelviladepremia.com/wp-content/uploads/2019/12/016-payment-1.png
IP
File type PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Hash 5bedd30f623b0534d2e5580378a35606
2e478f89f40100e3930d0637971040c5a6b47db1
c72c674d1fc633192897ba5c0b25609e76a275de4b6f992b8fc5bbfa80b7628e
GET /wp-content/uploads/2019/12/016-payment-1.png HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=2t3ep41t87nsamp6lf401i0dqo; ls-popup-last-displayed=1669178094; ls-popup-4=1669178094
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:55 GMT
content-type: image/png
content-length: 8338
last-modified: Fri, 13 Dec 2019 17:26:57 GMT
etag: "5df3c9e1-2092"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/uploads/2019/12/057-real-estate.png
200 OK 7.7 kB URL HTTP/2 staging.hotelviladepremia.com/wp-content/uploads/2019/12/057-real-estate.png
IP
File type PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Hash dff43fd7a24c10adb8f8d0bb910ac287
303c815920b4772683c21f70b3603c7d88d953bb
ebf8c0555897148ffbcb6f5bd59a833af00af286baff2a7a1b8c3692436c562e
GET /wp-content/uploads/2019/12/057-real-estate.png HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=2t3ep41t87nsamp6lf401i0dqo; ls-popup-last-displayed=1669178094; ls-popup-4=1669178094
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:55 GMT
content-type: image/png
content-length: 7655
last-modified: Fri, 13 Dec 2019 17:27:00 GMT
etag: "5df3c9e4-1de7"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/uploads/2019/12/077-like.png
200 OK 7.6 kB URL HTTP/2 staging.hotelviladepremia.com/wp-content/uploads/2019/12/077-like.png
IP
File type PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Hash 83c6399dad3f08149cced225690ec587
08e224af078b00b7733c38cfcb0e637f07d31577
cf4335c4d1d5c623298f6b08ffc30a480ae54f2e5b0993a9611ff4c0eb8ce3d9
GET /wp-content/uploads/2019/12/077-like.png HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=2t3ep41t87nsamp6lf401i0dqo; ls-popup-last-displayed=1669178094; ls-popup-4=1669178094
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:55 GMT
content-type: image/png
content-length: 7634
last-modified: Fri, 13 Dec 2019 17:27:03 GMT
etag: "5df3c9e7-1dd2"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/uploads/2019/12/1010377-1630x860.jpg
200 OK 309 kB URL HTTP/2 staging.hotelviladepremia.com/wp-content/uploads/2019/12/1010377-1630x860.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=8, manufacturer=Panasonic, model=DMC-G80, xresolution=128, yresolution=136, resolutionunit=2, software=Capture One Pro 12.0 Windows, copyright=David Martinez Fernandez], baseline, precision 8, 1630x860, components 3\012- data
Size 309 kB (309166 bytes)
Hash c0c2dc69405fffb43f4cfd8133885f39
62a03bfc0d70b4d0cb27cb1cc730502e70a1ad9f
0cc651d7466d872bf29d0511514cfe6933b45fe3abccf3cc903ce4923597e4fe
GET /wp-content/uploads/2019/12/1010377-1630x860.jpg HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=2t3ep41t87nsamp6lf401i0dqo; ls-popup-last-displayed=1669178094; ls-popup-4=1669178094
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:55 GMT
content-type: image/jpeg
content-length: 309166
last-modified: Wed, 18 Dec 2019 18:33:30 GMT
etag: "5dfa70fa-4b7ae"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
hotelviladepremia.com/wp-content/uploads/2019/05/star.png
200 OK 542 B URL HTTP/2 hotelviladepremia.com/wp-content/uploads/2019/05/star.png
IP
File type PNG image data, 88 x 54, 8-bit colormap, non-interlaced\012- data
Hash f256ee0ce386510627ee99bddcdc8f35
97cf0a026da82db827ef25baefce4159f48c4f1d
0986daa49a27f439ef6e833a3b8440273d2c58f03b888231e6f391739e914cd5
GET /wp-content/uploads/2019/05/star.png HTTP/1.1
Host: hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:55 GMT
content-type: image/png
content-length: 542
last-modified: Fri, 19 Jul 2019 09:58:22 GMT
etag: "5d31943e-21e"
pragma: public
cache-control: max-age=31536000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
hotelviladepremia.com/wp-content/uploads/2019/05/divider.png
200 OK 255 B URL HTTP/2 hotelviladepremia.com/wp-content/uploads/2019/05/divider.png
IP
File type PNG image data, 7 x 73, 8-bit colormap, non-interlaced\012- data
Hash e8db90c766ab45c9814f1b57dc43fb38
f3f808247e74b74c494b8ed64ea0e9ee52e3b783
fc76a86b7bd274b72d60d8ac1a80f3391718355940f12db3c628fa823f9556b0
GET /wp-content/uploads/2019/05/divider.png HTTP/1.1
Host: hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:55 GMT
content-type: image/png
content-length: 255
last-modified: Fri, 19 Jul 2019 10:01:41 GMT
etag: "5d319505-ff"
pragma: public
cache-control: max-age=31536000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/google-language-translator/js/scripts.js?ver=6.0.15
200 OK 3.0 kB URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/google-language-translator/js/scripts.js?ver=6.0.15
IP
Hash c70a15f026c91baf90b9d68524fef946
1c99459762b462b5a728e51e8eb25ed40d9d2dfe
b643c632db6c5c458e27d2e4f2eaa239ad1c17165a3de989de1c4de9e98f1db7
GET /wp-content/plugins/google-language-translator/js/scripts.js?ver=6.0.15 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=2t3ep41t87nsamp6lf401i0dqo; ls-popup-last-displayed=1669178094; ls-popup-4=1669178094
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:55 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 08:50:00 GMT
etag: W/"6315b838-35e5"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.1
200 OK 57 kB URL HTTP/2 staging.hotelviladepremia.com/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.1
IP
File type ASCII text, with very long lines (11760)
Hash 9424d81e963d80fa7dca2fb9b5c29b68
2a43b28397f2e9cda6e9d95cc7c920faea9eb799
de18ba5ae4ae62068a1d18d958c23ec7673136486b3f97de3dad74087de3062a
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.1 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=2t3ep41t87nsamp6lf401i0dqo; ls-popup-last-displayed=1669178094; ls-popup-4=1669178094
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:55 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 09:40:11 GMT
etag: W/"6315c3fb-2ea1"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
hotelviladepremia.com/wp-content/uploads/2019/07/sin-t%C3%ADtulo-843.jpg
200 OK 359 kB URL HTTP/2 hotelviladepremia.com/wp-content/uploads/2019/07/sin-t%C3%ADtulo-843.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=11, description= , manufacturer=SONY, model=DSC-RX100M2, xresolution=196, yresolution=204, resolutionunit=2, software=Capture One 12.0 Windows, datetime=2014:06:27 19:58:10], baseline, precision 8, 4923x3282, components 3\012- data
Size 359 kB (359363 bytes)
Hash 9e65f3c61a3af8af7747226a7fb677cd
acca5603e422bffc935a31a9c50f4b126cdfca23
f522bc6464bc3350c4d385c343e9f4ab8d70a5732d64ba7510ebfd08509db967
GET /wp-content/uploads/2019/07/sin-t%C3%ADtulo-843.jpg HTTP/1.1
Host: hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:55 GMT
content-type: image/jpeg
content-length: 359363
last-modified: Fri, 19 Jul 2019 10:34:23 GMT
etag: "5d319caf-57bc3"
pragma: public
cache-control: max-age=31536000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-includes/js/jquery/ui/accordion.min.js?ver=1.13.1
200 OK 2.9 kB URL HTTP/2 staging.hotelviladepremia.com/wp-includes/js/jquery/ui/accordion.min.js?ver=1.13.1
IP
File type ASCII text, with very long lines (8632)
Hash 55d23f4f57a529054c3c7ddf44a58073
3beec688fb4895500578fcd2f19555c3ff9da813
c3e39fc69ea440bc0ce01a16d0ce8ec8fd4ec2ce56c1a1ab246fb3bd004fbdcc
GET /wp-includes/js/jquery/ui/accordion.min.js?ver=1.13.1 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=2t3ep41t87nsamp6lf401i0dqo; ls-popup-last-displayed=1669178094; ls-popup-4=1669178094
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:55 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 09:40:11 GMT
etag: W/"6315c3fb-226e"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
hotelviladepremia.com/wp-content/uploads/2019/07/sin-t%C3%ADtulo-19.jpg
200 OK 1.4 MB URL HTTP/2 hotelviladepremia.com/wp-content/uploads/2019/07/sin-t%C3%ADtulo-19.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=8, manufacturer=FUJIFILM, model=X-T1, xresolution=126, yresolution=134, resolutionunit=2, software=Adobe Photoshop Lightroom Classic 8.2 (Windows), datetime=2019:05:23 12:39:37], baseline, precision 8, 4896x3264, components 3\012- data
Size 1.4 MB (1409126 bytes)
Hash f1981202c54cf2fe28be20e898b65cd5
a081c3ad3c674932c82fd2b1987a5138e1d97141
3f8b772f793eac6c65d860d52c0d5c3f2784f0649ff84a7b15e1b7aee3e2a46b
GET /wp-content/uploads/2019/07/sin-t%C3%ADtulo-19.jpg HTTP/1.1
Host: hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:55 GMT
content-type: image/jpeg
content-length: 1409126
last-modified: Fri, 19 Jul 2019 10:26:04 GMT
etag: "5d319abc-158066"
pragma: public
cache-control: max-age=31536000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/themes/betheme/assets/animations/animations.min.js?ver=21.2.2
200 OK 56 kB URL HTTP/2 staging.hotelviladepremia.com/wp-content/themes/betheme/assets/animations/animations.min.js?ver=21.2.2
IP
File type ASCII text, with very long lines (1723)
Hash 582dadc4beaee69844e38271cc4097a1
f5ea039c2b94265634f2b43d7a27a3805cf42660
e5fa8a7980244c4c0520d70c758f6083fe894bf642dd63b293e02766c99331b2
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/betheme/assets/animations/animations.min.js?ver=21.2.2 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=2t3ep41t87nsamp6lf401i0dqo; ls-popup-last-displayed=1669178094; ls-popup-4=1669178094
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:55 GMT
content-type: application/javascript
last-modified: Mon, 27 May 2019 12:03:12 GMT
etag: W/"5cebd200-71e"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/themes/betheme/js/menu.js?ver=21.2.2
200 OK 4.4 kB URL HTTP/2 staging.hotelviladepremia.com/wp-content/themes/betheme/js/menu.js?ver=21.2.2
IP
Hash 7ed2ba1380f8307293754afd678584e5
7c8a4716e1a105e9a60f1a9ab8c7a8cf880d29a7
f28cab0883aa724575334e75ab6a2c0bb9dd46a5896bae82d3d9e2520697c0ed
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/betheme/js/menu.js?ver=21.2.2 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=2t3ep41t87nsamp6lf401i0dqo; ls-popup-last-displayed=1669178094; ls-popup-4=1669178094
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:55 GMT
content-type: application/javascript
last-modified: Mon, 27 May 2019 12:03:45 GMT
etag: W/"5cebd221-98d"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/smart-logo-showcase-lite/js/smls-frontend-script.js?ver=1.1.9
200 OK 1.7 kB URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/smart-logo-showcase-lite/js/smls-frontend-script.js?ver=1.1.9
IP
File type ASCII text, with CRLF line terminators
Hash 90079d725180dc25966a3c40e47174d7
e5ac9e19b606a6a666ad91d33cb024e7b0cef2dd
cf36c7f67f34c08ec7d36c4c22fd7b032facfcffb26648345f35649decf60d51
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/smart-logo-showcase-lite/js/smls-frontend-script.js?ver=1.1.9 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=2t3ep41t87nsamp6lf401i0dqo; ls-popup-last-displayed=1669178094; ls-popup-4=1669178094
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:55 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 08:55:27 GMT
etag: W/"6315b97f-19a7"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js?ver=6.0.3
200 OK 11 kB URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js?ver=6.0.3
IP
File type ASCII text, with very long lines (32033)
Hash 62519e20338b95c31ce75a9efdba1cea
25503522a5d25386ae3bc6b131f763ccd727c274
0f2b349b807e9cebf419800687c2215377d35a3bde60ab4e45b32cdaaa124022
GET /bootstrap/3.3.7/js/bootstrap.min.js?ver=6.0.3 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 04:34:55 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"5869c96cc8f19086aee625d670d741f9"
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-cachedat: 08/20/2022 02:31:21
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 756
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 0d1b14913827ad56e2b1a0c20b55f038
cdn-cache: HIT
cf-cache-status: HIT
age: 3127600
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 76e731f9dbf70afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/nextend-smart-slider3-pro/library/media/dist/smartslider-frontend.min.js?1576586448
200 OK 47 kB URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/nextend-smart-slider3-pro/library/media/dist/smartslider-frontend.min.js?1576586448
IP
File type ASCII text, with very long lines (32103)
Hash ac66dfe96fbe7307362d2669c37d13b0
b5b4f004426b3f08dabe39f082650569fa22c61b
f7bd754dd9b25d1fcc1ba1877a09968756b8ceb813247376926e0f873d7e2d65
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/nextend-smart-slider3-pro/library/media/dist/smartslider-frontend.min.js?1576586448 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=2t3ep41t87nsamp6lf401i0dqo; ls-popup-last-displayed=1669178094; ls-popup-4=1669178094
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:55 GMT
content-type: application/javascript
last-modified: Tue, 17 Dec 2019 12:40:48 GMT
etag: W/"5df8ccd0-37db9"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/wp-gdpr-compliance/Assets/js/front.min.js?ver=1662368303
200 OK 16 kB URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/wp-gdpr-compliance/Assets/js/front.min.js?ver=1662368303
IP
File type exported SGML document, Unicode text, UTF-8 text, with very long lines (59044)
Hash 110dced21cb592d611e5e5912a06fe15
c62762c1e418f63d709efa50dfd07759f26c1aee
9da5ce493061b8e2ab1cd31982ea57a688895a1f54e482146e7a09776b98dcc4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-gdpr-compliance/Assets/js/front.min.js?ver=1662368303 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=2t3ep41t87nsamp6lf401i0dqo; ls-popup-last-displayed=1669178094; ls-popup-4=1669178094
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:55 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 08:58:23 GMT
etag: W/"6315ba2f-e6f5"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans%3A400%2C300%2C600%2C700%2C800&ver=6.0.3
200 OK 17 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans%3A400%2C300%2C600%2C700%2C800&ver=6.0.3
IP
Hash b1ea7ba2a09741132e95d45e67425d96
ce3d6478539d73c2946e0ce89f28aabda4d5c534
c766bab2b53e6f71e81f0cc78cf6247df221d398892d95a888bc826cee050b54
GET /css?family=Open+Sans%3A400%2C300%2C600%2C700%2C800&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 23 Nov 2022 04:34:55 GMT
date: Wed, 23 Nov 2022 04:34:55 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4f22437494cab8f3b1de6d48c3677f43
42461557365b59e300ae356c37b95f652e10dacd
420bc8cc7c6624d9201c6e12fb6478f4a9cf77e90aad033b4d12687968003ccf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 04:34:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://staging.hotelviladepremia.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 19:34:21 GMT
expires: Thu, 16 Nov 2023 19:34:21 GMT
cache-control: public, max-age=31536000
age: 550835
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://staging.hotelviladepremia.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 19:34:08 GMT
expires: Thu, 16 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 550848
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 17368, version 1.0\012- data
Hash abe083d96b58eb02ada8b7c30d7b09f2
61447d66d13a8c8f4335696777a85c438c46f749
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
GET /s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://staging.hotelviladepremia.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17368
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 18:56:18 GMT
expires: Thu, 16 Nov 2023 18:56:18 GMT
cache-control: public, max-age=31536000
age: 553118
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/themes/betheme/assets/ui/jquery.ui.all.css?ver=21.2.2
200 OK 19 kB URL HTTP/2 staging.hotelviladepremia.com/wp-content/themes/betheme/assets/ui/jquery.ui.all.css?ver=21.2.2
IP
File type ASCII text, with very long lines (365)
Hash 3b29273e579cfab9101df78e33fe29a6
b4f9eed1eb60bdc5b2da2c2ae45eb9cedf9f3bd3
405cc58a6a012ab67b40fb46fa91032dd6e419132dc0030af4c16e6a59247107
GET /wp-content/themes/betheme/assets/ui/jquery.ui.all.css?ver=21.2.2 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=2t3ep41t87nsamp6lf401i0dqo; ls-popup-last-displayed=1669178094; ls-popup-4=1669178094
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:55 GMT
content-type: text/css
last-modified: Mon, 27 May 2019 12:03:13 GMT
etag: W/"5cebd201-48eb"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Lato%3A400%2C300italic%2C400italic%2C700%2C700italic%2C900italic%2C900&ver=6.0.3
200 OK 31 kB URL HTTP/2 fonts.googleapis.com/css?family=Lato%3A400%2C300italic%2C400italic%2C700%2C700italic%2C900italic%2C900&ver=6.0.3
IP
Hash 319b806c4e4c874941f97fec2e6394d0
1520ed9f88ee93a069a9526df7938cd07d256be2
ee5039cb7613d756394a311a81ff9355d04ded4beba7a6c06a76f68d09ebd7dc
GET /css?family=Lato%3A400%2C300italic%2C400italic%2C700%2C700italic%2C900italic%2C900&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 23 Nov 2022 04:34:55 GMT
date: Wed, 23 Nov 2022 04:34:55 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/themes/betheme/assets/animations/animations.min.css?ver=21.2.2
200 OK 4.8 kB URL HTTP/2 staging.hotelviladepremia.com/wp-content/themes/betheme/assets/animations/animations.min.css?ver=21.2.2
IP
File type ASCII text, with very long lines (58508), with no line terminators
Hash d069fb14bdee95f488fb9177955268e7
bad47fdd4171985e7551cc21ace0c8887f309616
05df78100b400d51afdbe6c288a16b6e2684b6c487cbfa7b3ec8dca3fce92b03
GET /wp-content/themes/betheme/assets/animations/animations.min.css?ver=21.2.2 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=2t3ep41t87nsamp6lf401i0dqo; ls-popup-last-displayed=1669178094; ls-popup-4=1669178094
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:55 GMT
content-type: text/css
last-modified: Mon, 27 May 2019 12:03:12 GMT
etag: W/"5cebd200-e48c"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/themes/betheme/js/scripts.js?ver=21.2.2
200 OK 1.3 MB URL HTTP/2 staging.hotelviladepremia.com/wp-content/themes/betheme/js/scripts.js?ver=21.2.2
IP
Size 1.3 MB (1343161 bytes)
Hash 4a0474c08dd7ef1704dd542787a6006b
e4b6c0081f7413e0d92bc83e38fa83b2f4aedd30
e0016fb0590a463f2b65a2af224b52ae2b2c5ff04ef8fcc87d8a7a63205533c4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/betheme/js/scripts.js?ver=21.2.2 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=2t3ep41t87nsamp6lf401i0dqo; ls-popup-last-displayed=1669178094; ls-popup-4=1669178094
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:55 GMT
content-type: application/javascript
last-modified: Mon, 27 May 2019 12:03:45 GMT
etag: W/"5cebd221-10b73"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/themes/betheme/images/stripes/stripes_3_b.png
200 OK 974 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/themes/betheme/images/stripes/stripes_3_b.png
IP
File type PNG image data, 10 x 10, 8-bit/color RGBA, non-interlaced\012- data
Hash b5d66cece54745f352d2d52e6195a4ee
7b7313014426b12f9d51e4deb9ba237f11759dcf
30cb91834555c22273bd8f0d521bebaff6020b2e54bae4ccfc199f4a1daaf2eb
GET /wp-content/themes/betheme/images/stripes/stripes_3_b.png HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/wp-content/themes/betheme/css/shortcodes.css?ver=21.2.2
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=2t3ep41t87nsamp6lf401i0dqo; ls-popup-last-displayed=1669178094; ls-popup-4=1669178094
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:56 GMT
content-type: image/png
content-length: 974
x-accel-version: 0.01
last-modified: Mon, 27 May 2019 12:03:44 GMT
etag: "3ce-589dd5700c800"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1
200 OK 1.9 MB URL HTTP/2 staging.hotelviladepremia.com/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1
IP
File type ASCII text, with very long lines (3233)
Size 1.9 MB (1876793 bytes)
Hash f51a0fb8b0281634789562d5f8bb7410
326759e9538e63212b5bd3b6d6de4b22541e89f8
8afe9c3d88d14d3e7cc6c9f1c8ee4d193ed0076ebccf49ae9d4e51a09288be75
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=2t3ep41t87nsamp6lf401i0dqo; ls-popup-last-displayed=1669178094; ls-popup-4=1669178094
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:55 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 09:40:11 GMT
etag: W/"6315c3fb-d53"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/
200 OK 113 kB URL HTTP/2 staging.hotelviladepremia.com/
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (38083)
Size 113 kB (112810 bytes)
Hash f2f9d57ac8cf6b68591e85af90e8899e
e0d1df692b8cccc63e75e05c73cb923fdd610875
67cb848e9be50e0f7172c81e24b99be1f3d4f58dd4548def74f7218738d893a2
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:55 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
p3p: CP="ALL DSP NID CURa ADMa DEVa HISa OTPa OUR NOR NAV DEM"
link: <https://staging.hotelviladepremia.com/wp-json/>; rel="https://api.w.org/", <https://staging.hotelviladepremia.com/wp-json/wp/v2/pages/7>; rel="alternate"; type="application/json", <https://staging.hotelviladepremia.com/>; rel=shortlink
set-cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; expires=Thu, 24-Nov-2022 04:34:53 GMT; Max-Age=86400; path=/; secure
qMuPUgcpZWl_IGx=HbyGIF7vU0z; expires=Thu, 24-Nov-2022 04:34:53 GMT; Max-Age=86400; path=/; secure
tfhBnUHVz=IUDNnaBfW2%404%2Ag; expires=Thu, 24-Nov-2022 04:34:53 GMT; Max-Age=86400; path=/; secure
PHPSESSID=2t3ep41t87nsamp6lf401i0dqo; path=/
ls-popup-last-displayed=1669178094; expires=Tue, 12-Nov-2024 04:34:54 GMT; Max-Age=62208000; path=/
ls-popup-4=1669178094; expires=Thu, 23-Nov-2023 04:34:54 GMT; Max-Age=31536000
x-powered-by: PHP/7.4.33, PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/uploads/2019/07/sin-t%C3%ADtulo-36-1-1630x860.jpg
200 OK 194 kB URL HTTP/2 staging.hotelviladepremia.com/wp-content/uploads/2019/07/sin-t%C3%ADtulo-36-1-1630x860.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=8, manufacturer=FUJIFILM, model=X-T1, xresolution=126, yresolution=134, resolutionunit=2, software=Capture One 12.0 Windows, copyright=David Martinez Fernandez], baseline, precision 8, 1630x860, components 3\012- data
Size 194 kB (194138 bytes)
Hash 51d2b093cddff53caf0152056a19f3c3
f053a4922e12c862ed39a556030cd03cf7c89afa
2cb09088f44ffe9d0b8564227d24029f428f918122d88df17c68b028d446cd1f
GET /wp-content/uploads/2019/07/sin-t%C3%ADtulo-36-1-1630x860.jpg HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=2t3ep41t87nsamp6lf401i0dqo; ls-popup-last-displayed=1669178094; ls-popup-4=1669178094
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:56 GMT
content-type: image/jpeg
content-length: 194138
last-modified: Fri, 19 Jul 2019 17:30:19 GMT
etag: "5d31fe2b-2f65a"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-includes/js/jquery/ui/sortable.min.js?ver=1.13.1
200 OK 962 kB URL HTTP/2 staging.hotelviladepremia.com/wp-includes/js/jquery/ui/sortable.min.js?ver=1.13.1
IP
File type HTML document, ASCII text, with very long lines (25274)
Size 962 kB (962055 bytes)
Hash 97c201231690826ca40a9df9ad6c4265
a140bf5c8043f658fb0c7aeb446381520d2980cc
b1e910065ee516facbb6c75cfdc0672769a1b363c7cde9b70e0c590b4889f7c8
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/sortable.min.js?ver=1.13.1 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=2t3ep41t87nsamp6lf401i0dqo; ls-popup-last-displayed=1669178094; ls-popup-4=1669178094
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:55 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 09:40:11 GMT
etag: W/"6315c3fb-636f"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
hotelviladepremia.com/wp-content/uploads/2019/07/Castell_Burriac.jpg
200 OK 3.1 MB URL HTTP/2 hotelviladepremia.com/wp-content/uploads/2019/07/Castell_Burriac.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 3888x2592, components 3\012- data
Size 3.1 MB (3073709 bytes)
Hash e3d278d34497ad0d9449bfc7f38300a9
3661c788bfb5b3361fb525d6b98e3e8f7f6f0d19
72d59fe8fba59324a7bd77cef9bace35db0114fb6cc892ee441adb9a37a270a8
GET /wp-content/uploads/2019/07/Castell_Burriac.jpg HTTP/1.1
Host: hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:56 GMT
content-type: image/jpeg
content-length: 3073709
last-modified: Wed, 24 Jul 2019 15:49:40 GMT
etag: "5d387e14-2ee6ad"
pragma: public
cache-control: max-age=31536000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash 57498c2dee96ffbaeb08d7c051038cdf
edde52e87c585032641c55774be8e7aba6b4a2ea
b489775fea9acd172aa1f573590f837af54419661c8594a0f2f49797c6c17630
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5344
Cache-Control: max-age=130768
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 04:34:56 GMT
Etag: "637ce9e0-116"
Expires: Thu, 24 Nov 2022 16:54:24 GMT
Last-Modified: Tue, 22 Nov 2022 15:25:20 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 278
staging.hotelviladepremia.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
200 OK 62 kB URL HTTP/2 staging.hotelviladepremia.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
IP
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 4d17ddf93b60bb69d53d89f91f5d0641
8d7bc07dcc763c2bfe25f914bccbc4aef075611e
752eeb8f56bbed8a01934b6ec1d57c723809781efbd833ca004fe401e4fbf98a
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=2t3ep41t87nsamp6lf401i0dqo; ls-popup-last-displayed=1669178094; ls-popup-4=1669178094
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:55 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 09:40:11 GMT
etag: W/"6315c3fb-50eb"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 23 Nov 2022 02:41:08 GMT
expires: Wed, 23 Nov 2022 04:41:08 GMT
cache-control: public, max-age=7200
age: 6828
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/uploads/2019/07/sin-t%C3%ADtulo-18-1-1630x860.jpg
200 OK 5.4 kB URL HTTP/2 staging.hotelviladepremia.com/wp-content/uploads/2019/07/sin-t%C3%ADtulo-18-1-1630x860.jpg
IP
File type MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash 9d1b031ca1395a94a6886087e245cb7b
f3f85d209c8f92593b568197814f0f0fcee45ad7
b47275b5b6878455d8937e95b32301f17c3caf0a233be8e864e9dc07493806f1
GET /wp-content/uploads/2019/07/sin-t%C3%ADtulo-18-1-1630x860.jpg HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=2t3ep41t87nsamp6lf401i0dqo; ls-popup-last-displayed=1669178094; ls-popup-4=1669178094
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:56 GMT
content-type: image/jpeg
content-length: 191753
last-modified: Fri, 19 Jul 2019 10:48:27 GMT
etag: "5d319ffb-2ed09"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash b2b92f1110c82662bfa1addc9bab3130
d6f86300cbfd5b21b3d505c08ffd6edef34b654a
6914944644172d563d0d7c2a5084690fce86ead13949ff29f42842d4bb6e0734
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 04:34:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/718123990/?random=1669178095900&cv=11&fst=1669178095900&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fstaging.hotelviladepremia.com%2F&tiba=Hotel%20Vila%20de%20Premia%20-%20Hotel%20para%20Bikers%20y%20Viajeros&did=dNDMyYj&gdid=dNDMyYj&auid=1404279775.1669178096&data=event%3Dgtag.config&rfmt=3&fmt=4
200 OK 916 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/718123990/?random=1669178095900&cv=11&fst=1669178095900&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fstaging.hotelviladepremia.com%2F&tiba=Hotel%20Vila%20de%20Premia%20-%20Hotel%20para%20Bikers%20y%20Viajeros&did=dNDMyYj&gdid=dNDMyYj&auid=1404279775.1669178096&data=event%3Dgtag.config&rfmt=3&fmt=4
IP
File type ASCII text, with very long lines (1965), with no line terminators
Hash c493df9f39fc04336584e9e280d58b80
890721a3c49d769ea03ba7a9e7931e3f3bd492ba
a42a643588ef188fa6726a5cf7452b420e632a4d0d9581b3f82a95eae8274469
GET /pagead/viewthroughconversion/718123990/?random=1669178095900&cv=11&fst=1669178095900&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fstaging.hotelviladepremia.com%2F&tiba=Hotel%20Vila%20de%20Premia%20-%20Hotel%20para%20Bikers%20y%20Viajeros&did=dNDMyYj&gdid=dNDMyYj&auid=1404279775.1669178096&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 04:34:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 916
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 23-Nov-2022 04:49:56 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A400%2C300italic%2C400italic%2C500%2C500italic%2C700%2C700italic%2C900italic%2C900&ver=6.0.3
200 OK 237 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A400%2C300italic%2C400italic%2C500%2C500italic%2C700%2C700italic%2C900italic%2C900&ver=6.0.3
IP
Size 237 kB (236742 bytes)
Hash 9409af114704f68ff93c2a7ab15109f0
8ae9b368e9444164b0ca71fd4434fd8dafbddf31
66b32bfbc8148abebacf0894b11e0d380ccd00d51960e7c1b19836ee7999b0a2
GET /css?family=Roboto%3A400%2C300italic%2C400italic%2C500%2C500italic%2C700%2C700italic%2C900italic%2C900&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 23 Nov 2022 04:34:55 GMT
date: Wed, 23 Nov 2022 04:34:55 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash b2b92f1110c82662bfa1addc9bab3130
d6f86300cbfd5b21b3d505c08ffd6edef34b654a
6914944644172d563d0d7c2a5084690fce86ead13949ff29f42842d4bb6e0734
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 04:34:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/images/branding/product/1x/translate_24dp.png
200 OK 846 B URL HTTP/2 www.gstatic.com/images/branding/product/1x/translate_24dp.png
IP
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash e9cd262114358f26b7608b56905185dc
6dbde0a96deaab2b529723ce26c62043cf9180ab
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
GET /images/branding/product/1x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 846
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 04:21:04 GMT
expires: Thu, 23 Nov 2023 04:21:04 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 832
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
rec.smartlook.com/recorder.js
200 OK 9.4 kB URL HTTP/2 rec.smartlook.com/recorder.js
IP
ASN #60068 Datacamp Limited
File type ASCII text, with very long lines (29194), with no line terminators
Hash 54beb0163ca77121baeb47d46d098c61
5d5cd49f414ee5f78b9ac6d7fca5d76a20ba4292
315749008f42662fdec87bc98b68e48f8318dc6345658a697c41e2bde9659097
GET /recorder.js HTTP/1.1
Host: rec.smartlook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 04:34:56 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=600
etag: W/"637cc601-720a"
last-modified: Tue, 22 Nov 2022 12:52:17 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-accel-expires: @1669178308
server: CDN77-Turbo
x-77-nzt: AblMCQ2GV07/hAEAAA
x-77-nzt-ray: c0a4cc28a4d31dc4f0a27d63ffdbd229
x-cache: HIT
x-age: 388
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Montserrat%3A400%2C700&ver=6.0.3
200 OK 2.4 kB URL HTTP/2 fonts.googleapis.com/css?family=Montserrat%3A400%2C700&ver=6.0.3
IP
Hash 51a21e82c4bc7d10b44e1df3355bfdf6
92063c21c29a9b480faa178a2d57825c1b40b112
923d62f964e0e564045c20023b7ac0e2d90b4f34264aca3f35b9beeb6ef1cc4e
GET /css?family=Montserrat%3A400%2C700&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 23 Nov 2022 04:34:55 GMT
date: Wed, 23 Nov 2022 04:34:55 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash c04aed338f8610ba6b0acc4ab749c52e
9cce76bf45ca7cb7e101d6c5c8013ecc83f188a4
4d4e0d35a6f2357ff749b146e4f0fdff7f5f8631b3e6efee952f5c82fb256fbd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 04:34:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash fab2cb3bd48a955d89176110d75459e4
8e642591b32f0095b8302d23b2aa3d4849352c56
71e3ae0dd72335874bd1e42e216d72a6185fb21786e55efbf3012ee0094692a0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 04:34:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
staging.hotelviladepremia.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.1.5
200 OK 12 kB URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.1.5
IP
File type Unicode text, UTF-8 text, with very long lines (12602), with CRLF line terminators
Hash 72fc80acc4394f0edcdc821d15941771
6d24b3609581a2827f3ea4ee7c3b0d2010de5768
4a41377fefa1f32731c22e17412f7b3b1beff8d31ddc8721d7721306cb2ce970
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.1.5 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=2t3ep41t87nsamp6lf401i0dqo; ls-popup-last-displayed=1669178094; ls-popup-4=1669178094
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:55 GMT
content-type: text/css
last-modified: Mon, 16 Dec 2019 13:50:17 GMT
etag: W/"5df78b99-e1a2"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/718123990/?random=1669178095900&cv=11&fst=1669176000000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fstaging.hotelviladepremia.com%2F&tiba=Hotel%20Vila%20de%20Premia%20-%20Hotel%20para%20Bikers%20y%20Viajeros&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2044720123&rmt_tld=0&ipr=y
200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/718123990/?random=1669178095900&cv=11&fst=1669176000000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fstaging.hotelviladepremia.com%2F&tiba=Hotel%20Vila%20de%20Premia%20-%20Hotel%20para%20Bikers%20y%20Viajeros&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2044720123&rmt_tld=0&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/718123990/?random=1669178095900&cv=11&fst=1669176000000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fstaging.hotelviladepremia.com%2F&tiba=Hotel%20Vila%20de%20Premia%20-%20Hotel%20para%20Bikers%20y%20Viajeros&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2044720123&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 04:34:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash c04aed338f8610ba6b0acc4ab749c52e
9cce76bf45ca7cb7e101d6c5c8013ecc83f188a4
4d4e0d35a6f2357ff749b146e4f0fdff7f5f8631b3e6efee952f5c82fb256fbd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 04:34:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-145338186-1&cid=1742427724.1669178096&jid=1165536867&gjid=788174032&_gid=887644467.1669178096&_u=YEBAAUAAAAAAACAAI~&z=374325338
200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-145338186-1&cid=1742427724.1669178096&jid=1165536867&gjid=788174032&_gid=887644467.1669178096&_u=YEBAAUAAAAAAACAAI~&z=374325338
IP
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-145338186-1&cid=1742427724.1669178096&jid=1165536867&gjid=788174032&_gid=887644467.1669178096&_u=YEBAAUAAAAAAACAAI~&z=374325338 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://staging.hotelviladepremia.com
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://staging.hotelviladepremia.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 23 Nov 2022 04:34:57 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js
200 OK 54 kB URL HTTP/2 cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js
IP
File type ASCII text, with very long lines (32014)
Hash ea53ffc3c20542881a2735a62c0426d7
365e24ffd4a54e4c019a47c94204ad90a8538eb5
e4f801f6cd7462489966e441ff53795823a607656497f9d0ce8cbfc08f6c7448
GET /emojione/2.2.7/lib/js/emojione.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
etag: W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 23 Nov 2022 04:34:59 GMT
age: 21324455
x-served-by: cache-fra19156-FRA, cache-bma1634-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 53889
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
200 OK 6.7 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP
File type Applesoft BASIC program data, first line number 17\012- data
Hash 5dc1bf9941600d60ac206c32a159053e
f7c9fe9f126de3ae4f034e26d8648cf3c20a92ce
81ad665687c88b126127951fbf1c93a23aed9ae03fe9b6bb22ffb4d746ba9e38
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 04:34:59 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "97242EEC589696820059FBD705E5660C44D51F70"
Expires: Wed, 23 Nov 2022 15:00:00 GMT
Last-Modified: Wed, 23 Nov 2022 03:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 3179
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e7320f7cbd1c0a-OSL
vsb68.tawk.to/s/?k=637da2f291d77096fa5ab583&cver=0&pop=false&asver=25314&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI1ZGE3NDk0OGRmMjJkOTEzMzk5ZjgxNmUiLCJ2aWQiOiI1ZGE3NDk0OGRmMjJkOTEzMzk5ZjgxNmUtSVAwNXc1ZG10UDFIdWlEMklZeDg2Iiwic2lkIjoiNjM3ZGEyZjI5MWQ3NzA5NmZhNWFiNTgzIiwiaWF0IjoxNjY5MTc4MDk4LCJleHAiOjE2NjkxNzk4OTgsImp0aSI6Ijg5N3VTSHJpanpiWXJpTHU0amJsRCJ9.nZeFmBVV1WOSOvu5VwiN5lmfPT8xR9Etg4B2oAItACBQAo68Rfl2RrqDkLxPT6MCeyfUpjP0d2ykF5mACHrdQA&EIO=3&transport=websocket&__t=OIYn8Bk
101 Switching Protocols 7.5 kB URL HTTP/1.1 vsb68.tawk.to/s/?k=637da2f291d77096fa5ab583&cver=0&pop=false&asver=25314&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI1ZGE3NDk0OGRmMjJkOTEzMzk5ZjgxNmUiLCJ2aWQiOiI1ZGE3NDk0OGRmMjJkOTEzMzk5ZjgxNmUtSVAwNXc1ZG10UDFIdWlEMklZeDg2Iiwic2lkIjoiNjM3ZGEyZjI5MWQ3NzA5NmZhNWFiNTgzIiwiaWF0IjoxNjY5MTc4MDk4LCJleHAiOjE2NjkxNzk4OTgsImp0aSI6Ijg5N3VTSHJpanpiWXJpTHU0amJsRCJ9.nZeFmBVV1WOSOvu5VwiN5lmfPT8xR9Etg4B2oAItACBQAo68Rfl2RrqDkLxPT6MCeyfUpjP0d2ykF5mACHrdQA&EIO=3&transport=websocket&__t=OIYn8Bk
IP
Hash 461824c72b9baec3cbd40cf2cf2f55d5
93864d7454bf099a8d64c24c4378122361316f8c
f28b702b32dff5d12a3c71dabd2e71faf11dd0337eef8b2da5820de396eebc5c
GET /s/?k=637da2f291d77096fa5ab583&cver=0&pop=false&asver=25314&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI1ZGE3NDk0OGRmMjJkOTEzMzk5ZjgxNmUiLCJ2aWQiOiI1ZGE3NDk0OGRmMjJkOTEzMzk5ZjgxNmUtSVAwNXc1ZG10UDFIdWlEMklZeDg2Iiwic2lkIjoiNjM3ZGEyZjI5MWQ3NzA5NmZhNWFiNTgzIiwiaWF0IjoxNjY5MTc4MDk4LCJleHAiOjE2NjkxNzk4OTgsImp0aSI6Ijg5N3VTSHJpanpiWXJpTHU0amJsRCJ9.nZeFmBVV1WOSOvu5VwiN5lmfPT8xR9Etg4B2oAItACBQAo68Rfl2RrqDkLxPT6MCeyfUpjP0d2ykF5mACHrdQA&EIO=3&transport=websocket&__t=OIYn8Bk HTTP/1.1
Host: vsb68.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://staging.hotelviladepremia.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ivmEMXxOYXFXzIjDlRX/VQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Wed, 23 Nov 2022 04:34:59 GMT
Connection: upgrade
upgrade: websocket
sec-websocket-accept: Tv8Xa6bc18YyumV8PR2MidgMcuE=
sec-websocket-extensions: permessage-deflate
strict-transport-security: max-age=0; includeSubDomains; preload
CF-Cache-Status: DYNAMIC
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 76e7320dde560b69-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fonts.googleapis.com/css?family=Raleway%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900&ver=6.0.3
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Raleway%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900&ver=6.0.3
IP
GET /css?family=Raleway%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 23 Nov 2022 04:34:55 GMT
date: Wed, 23 Nov 2022 04:34:55 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
translate.google.com/translate_a/element.js?cb=GoogleLanguageTranslatorInit
200 OK 0 B URL HTTP/2 translate.google.com/translate_a/element.js?cb=GoogleLanguageTranslatorInit
IP
GET /translate_a/element.js?cb=GoogleLanguageTranslatorInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 23 Nov 2022 04:34:55 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+513; expires=Fri, 22-Nov-2024 04:34:55 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
embed.tawk.to/5da74948df22d913399f816e/default
200 OK 0 B URL HTTP/2 embed.tawk.to/5da74948df22d913399f816e/default
IP
GET /5da74948df22d913399f816e/default HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://staging.hotelviladepremia.com
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 04:34:56 GMT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=3600
etag: W/"stable-v4-637bc8c18ac"
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: EXPIRED
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76e731fc1890b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=21.2.2
200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=21.2.2
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=21.2.2 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=2t3ep41t87nsamp6lf401i0dqo; ls-popup-last-displayed=1669178094; ls-popup-4=1669178094
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:55 GMT
content-type: application/javascript
last-modified: Mon, 27 May 2019 12:03:12 GMT
etag: W/"5cebd200-cd96"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/oscar-hotel-booking-engine/assets/css/style.css?ver=4.2
200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/oscar-hotel-booking-engine/assets/css/style.css?ver=4.2
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/oscar-hotel-booking-engine/assets/css/style.css?ver=4.2 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=2t3ep41t87nsamp6lf401i0dqo; ls-popup-last-displayed=1669178094; ls-popup-4=1669178094
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:55 GMT
content-type: text/css
last-modified: Mon, 05 Sep 2022 08:54:25 GMT
etag: W/"6315b941-95a"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/oscar-hotel-booking-engine/assets/js/ohbe-common.js?ver=4.2
200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/oscar-hotel-booking-engine/assets/js/ohbe-common.js?ver=4.2
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/oscar-hotel-booking-engine/assets/js/ohbe-common.js?ver=4.2 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=2t3ep41t87nsamp6lf401i0dqo; ls-popup-last-displayed=1669178094; ls-popup-4=1669178094
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:55 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 08:54:25 GMT
etag: W/"6315b941-1803"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=2t3ep41t87nsamp6lf401i0dqo; ls-popup-last-displayed=1669178094; ls-popup-4=1669178094
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:55 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 09:40:11 GMT
etag: W/"6315c3fb-2bd8"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.3 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=2t3ep41t87nsamp6lf401i0dqo; ls-popup-last-displayed=1669178094; ls-popup-4=1669178094
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:55 GMT
content-type: text/css
last-modified: Mon, 05 Sep 2022 09:40:11 GMT
etag: W/"6315c3fb-15b64"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/smart-logo-showcase-lite/js/tooltipster.bundle.js?ver=1.1.9
200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/smart-logo-showcase-lite/js/tooltipster.bundle.js?ver=1.1.9
IP
GET /wp-content/plugins/smart-logo-showcase-lite/js/tooltipster.bundle.js?ver=1.1.9 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=2t3ep41t87nsamp6lf401i0dqo; ls-popup-last-displayed=1669178094; ls-popup-4=1669178094
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:55 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 08:55:27 GMT
etag: W/"6315b97f-1d059"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/revslider/public/assets/js/revolution.tools.min.js?ver=6.0
200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/revslider/public/assets/js/revolution.tools.min.js?ver=6.0
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/js/revolution.tools.min.js?ver=6.0 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=2t3ep41t87nsamp6lf401i0dqo; ls-popup-last-displayed=1669178094; ls-popup-4=1669178094
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:55 GMT
content-type: application/javascript
last-modified: Mon, 16 Dec 2019 13:50:15 GMT
etag: W/"5df78b97-24ca1"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/themes/betheme/css/layout.css?ver=21.2.2
200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/themes/betheme/css/layout.css?ver=21.2.2
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/betheme/css/layout.css?ver=21.2.2 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=2t3ep41t87nsamp6lf401i0dqo; ls-popup-last-displayed=1669178094; ls-popup-4=1669178094
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:55 GMT
content-type: text/css
last-modified: Mon, 27 May 2019 12:03:18 GMT
etag: W/"5cebd206-1ca8b"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-gdpr.css?ver=2.1.2
200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-gdpr.css?ver=2.1.2
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/cookie-law-info/public/css/cookie-law-info-gdpr.css?ver=2.1.2 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=2t3ep41t87nsamp6lf401i0dqo; ls-popup-last-displayed=1669178094; ls-popup-4=1669178094
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:55 GMT
content-type: text/css
last-modified: Mon, 05 Sep 2022 08:48:46 GMT
etag: W/"6315b7ee-6a71"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/oscar-hotel-booking-engine/assets/css/bootstrap-datepicker.standalone.min.css?ver=6.0.3
200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/oscar-hotel-booking-engine/assets/css/bootstrap-datepicker.standalone.min.css?ver=6.0.3
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/oscar-hotel-booking-engine/assets/css/bootstrap-datepicker.standalone.min.css?ver=6.0.3 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=2t3ep41t87nsamp6lf401i0dqo; ls-popup-last-displayed=1669178094; ls-popup-4=1669178094
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:55 GMT
content-type: text/css
last-modified: Mon, 05 Sep 2022 08:54:25 GMT
etag: W/"6315b941-4044"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Merriweather+Sans%3A300%2C400%2C700%2C800+Sans%3A300%2C400%2C700&ver=6.0.3
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Merriweather+Sans%3A300%2C400%2C700%2C800+Sans%3A300%2C400%2C700&ver=6.0.3
IP
GET /css?family=Merriweather+Sans%3A300%2C400%2C700%2C800+Sans%3A300%2C400%2C700&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 23 Nov 2022 04:34:55 GMT
date: Wed, 23 Nov 2022 04:34:55 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/nextend-smart-slider3-pro/nextend/media/dist/nextend-webfontloader.min.js?1576586450
200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/nextend-smart-slider3-pro/nextend/media/dist/nextend-webfontloader.min.js?1576586450
IP
GET /wp-content/plugins/nextend-smart-slider3-pro/nextend/media/dist/nextend-webfontloader.min.js?1576586450 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=2t3ep41t87nsamp6lf401i0dqo; ls-popup-last-displayed=1669178094; ls-popup-4=1669178094
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:55 GMT
content-type: application/javascript
last-modified: Tue, 17 Dec 2019 12:40:50 GMT
etag: W/"5df8ccd2-3029"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/themes/betheme/assets/jplayer/css/jplayer.blue.monday.css?ver=21.2.2
200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/themes/betheme/assets/jplayer/css/jplayer.blue.monday.css?ver=21.2.2
IP
GET /wp-content/themes/betheme/assets/jplayer/css/jplayer.blue.monday.css?ver=21.2.2 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=2t3ep41t87nsamp6lf401i0dqo; ls-popup-last-displayed=1669178094; ls-popup-4=1669178094
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:55 GMT
content-type: text/css
last-modified: Mon, 27 May 2019 12:03:13 GMT
etag: W/"5cebd201-266a"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/637bc8c18ac/js/twk-main.js
200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/637bc8c18ac/js/twk-main.js
IP
GET /_s/v4/app/637bc8c18ac/js/twk-main.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://staging.hotelviladepremia.com
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 04:34:57 GMT
content-type: application/javascript
last-modified: Mon, 21 Nov 2022 18:53:01 GMT
etag: W/"da5bb1dc647470204df0e49f5afac2de"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76e732017abdb50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/nextend-smart-slider3-pro/library/media/plugins/type/carousel/carousel/dist/smartslider-carousel-single-type-frontend.min.js?1576586448
200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/nextend-smart-slider3-pro/library/media/plugins/type/carousel/carousel/dist/smartslider-carousel-single-type-frontend.min.js?1576586448
IP
GET /wp-content/plugins/nextend-smart-slider3-pro/library/media/plugins/type/carousel/carousel/dist/smartslider-carousel-single-type-frontend.min.js?1576586448 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=2t3ep41t87nsamp6lf401i0dqo; ls-popup-last-displayed=1669178094; ls-popup-4=1669178094
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:55 GMT
content-type: application/javascript
last-modified: Tue, 17 Dec 2019 12:40:48 GMT
etag: W/"5df8ccd0-247b"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/nextend-smart-slider3-pro/nextend/media/dist/n2-j.min.js?1576586450
200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/nextend-smart-slider3-pro/nextend/media/dist/n2-j.min.js?1576586450
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/nextend-smart-slider3-pro/nextend/media/dist/n2-j.min.js?1576586450 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=2t3ep41t87nsamp6lf401i0dqo; ls-popup-last-displayed=1669178094; ls-popup-4=1669178094
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:55 GMT
content-type: application/javascript
last-modified: Tue, 17 Dec 2019 12:40:50 GMT
etag: W/"5df8ccd2-18694"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/smart-logo-showcase-lite/js/owl.carousel.js?ver=1.1.9
200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/smart-logo-showcase-lite/js/owl.carousel.js?ver=1.1.9
IP
GET /wp-content/plugins/smart-logo-showcase-lite/js/owl.carousel.js?ver=1.1.9 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=2t3ep41t87nsamp6lf401i0dqo; ls-popup-last-displayed=1669178094; ls-popup-4=1669178094
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:55 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 08:55:27 GMT
etag: W/"6315b97f-1412d"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.utils.js?ver=6.11.1
200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.utils.js?ver=6.11.1
IP
GET /wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.utils.js?ver=6.11.1 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=2t3ep41t87nsamp6lf401i0dqo; ls-popup-last-displayed=1669178094; ls-popup-4=1669178094
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:55 GMT
content-type: application/javascript
last-modified: Thu, 09 Apr 2020 10:10:22 GMT
etag: W/"5e8ef48e-1e026"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/wp-gdpr-compliance/Assets/css/front.css?ver=1662368303
200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/wp-gdpr-compliance/Assets/css/front.css?ver=1662368303
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-gdpr-compliance/Assets/css/front.css?ver=1662368303 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=2t3ep41t87nsamp6lf401i0dqo; ls-popup-last-displayed=1669178094; ls-popup-4=1669178094
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:55 GMT
content-type: text/css
last-modified: Mon, 05 Sep 2022 08:58:23 GMT
etag: W/"6315ba2f-66d0"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend-gtag.min.js?ver=7.10.0
200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend-gtag.min.js?ver=7.10.0
IP
GET /wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend-gtag.min.js?ver=7.10.0 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=2t3ep41t87nsamp6lf401i0dqo; ls-popup-last-displayed=1669178094; ls-popup-4=1669178094
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:55 GMT
content-type: application/javascript
last-modified: Mon, 07 Nov 2022 22:29:12 GMT
etag: W/"636986b8-2e3b"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/themes/betheme/js/plugins.js?ver=21.2.2
200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/themes/betheme/js/plugins.js?ver=21.2.2
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/betheme/js/plugins.js?ver=21.2.2 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=2t3ep41t87nsamp6lf401i0dqo; ls-popup-last-displayed=1669178094; ls-popup-4=1669178094
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:55 GMT
content-type: application/javascript
last-modified: Mon, 27 May 2019 12:03:46 GMT
etag: W/"5cebd222-2f7c3"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/smart-logo-showcase-lite/css/font-awesome.min.css?ver=1.1.9
200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/smart-logo-showcase-lite/css/font-awesome.min.css?ver=1.1.9
IP
GET /wp-content/plugins/smart-logo-showcase-lite/css/font-awesome.min.css?ver=1.1.9 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=2t3ep41t87nsamp6lf401i0dqo; ls-popup-last-displayed=1669178094; ls-popup-4=1669178094
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:55 GMT
content-type: text/css
last-modified: Mon, 05 Sep 2022 08:55:27 GMT
etag: W/"6315b97f-7187"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/nextend-smart-slider3-pro/library/media/smartslider.min.css?1576586449
200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/nextend-smart-slider3-pro/library/media/smartslider.min.css?1576586449
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/nextend-smart-slider3-pro/library/media/smartslider.min.css?1576586449 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=2t3ep41t87nsamp6lf401i0dqo; ls-popup-last-displayed=1669178094; ls-popup-4=1669178094
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:55 GMT
content-type: text/css
last-modified: Tue, 17 Dec 2019 12:40:49 GMT
etag: W/"5df8ccd1-4cc6"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/themes/betheme/css/shortcodes.css?ver=21.2.2
200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/themes/betheme/css/shortcodes.css?ver=21.2.2
IP
GET /wp-content/themes/betheme/css/shortcodes.css?ver=21.2.2 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=2t3ep41t87nsamp6lf401i0dqo; ls-popup-last-displayed=1669178094; ls-popup-4=1669178094
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:55 GMT
content-type: text/css
last-modified: Mon, 27 May 2019 12:03:17 GMT
etag: W/"5cebd205-217f9"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Droid+Sans%3A400%2C700&ver=6.0.3
0 B URL fonts.googleapis.com/css?family=Droid+Sans%3A400%2C700&ver=6.0.3
IP
GET /css?family=Droid+Sans%3A400%2C700&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
staging.hotelviladepremia.com/wp-content/plugins/oscar-hotel-booking-engine/assets/js/bootstrap_ohbe_datepicker.min.js?ver=6.0.3
200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/oscar-hotel-booking-engine/assets/js/bootstrap_ohbe_datepicker.min.js?ver=6.0.3
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/oscar-hotel-booking-engine/assets/js/bootstrap_ohbe_datepicker.min.js?ver=6.0.3 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=2t3ep41t87nsamp6lf401i0dqo; ls-popup-last-displayed=1669178094; ls-popup-4=1669178094
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:55 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 08:54:25 GMT
etag: W/"6315b941-83d9"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/nextend-smart-slider3-pro/nextend/media/dist/nextend-frontend.min.js?1576586450
200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/nextend-smart-slider3-pro/nextend/media/dist/nextend-frontend.min.js?1576586450
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/nextend-smart-slider3-pro/nextend/media/dist/nextend-frontend.min.js?1576586450 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=2t3ep41t87nsamp6lf401i0dqo; ls-popup-last-displayed=1669178094; ls-popup-4=1669178094
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:55 GMT
content-type: application/javascript
last-modified: Tue, 17 Dec 2019 12:40:50 GMT
etag: W/"5df8ccd2-e1e5"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-public.css?ver=2.1.2
200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-public.css?ver=2.1.2
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/cookie-law-info/public/css/cookie-law-info-public.css?ver=2.1.2 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=2t3ep41t87nsamp6lf401i0dqo; ls-popup-last-displayed=1669178094; ls-popup-4=1669178094
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:55 GMT
content-type: text/css
last-modified: Mon, 05 Sep 2022 08:48:46 GMT
etag: W/"6315b7ee-c22"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/637bc8c18ac/js/twk-vendor.js
200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/637bc8c18ac/js/twk-vendor.js
IP
GET /_s/v4/app/637bc8c18ac/js/twk-vendor.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://staging.hotelviladepremia.com
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 04:34:57 GMT
content-type: application/javascript
last-modified: Mon, 21 Nov 2022 18:53:01 GMT
etag: W/"7dcb496e4882926f93f2e73fa87062c0"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76e732018ac2b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.1.5
0 B URL staging.hotelviladepremia.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.1.5
IP
GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.1.5 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=2t3ep41t87nsamp6lf401i0dqo; ls-popup-last-displayed=1669178094; ls-popup-4=1669178094
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
staging.hotelviladepremia.com/wp-content/plugins/nextend-smart-slider3-pro/nextend/media/dist/nextend-gsap.min.js?1576586450
200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/nextend-smart-slider3-pro/nextend/media/dist/nextend-gsap.min.js?1576586450
IP
GET /wp-content/plugins/nextend-smart-slider3-pro/nextend/media/dist/nextend-gsap.min.js?1576586450 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=2t3ep41t87nsamp6lf401i0dqo; ls-popup-last-displayed=1669178094; ls-popup-4=1669178094
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:55 GMT
content-type: application/javascript
last-modified: Tue, 17 Dec 2019 12:40:50 GMT
etag: W/"5df8ccd2-1843b"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/637bc8c18ac/js/twk-chunk-vendors.js
200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/637bc8c18ac/js/twk-chunk-vendors.js
IP
GET /_s/v4/app/637bc8c18ac/js/twk-chunk-vendors.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://staging.hotelviladepremia.com
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 04:34:57 GMT
content-type: application/javascript
last-modified: Mon, 21 Nov 2022 18:53:01 GMT
etag: W/"70dac54eca3bb2143032bc4db3237623"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76e732018acbb50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=2t3ep41t87nsamp6lf401i0dqo; ls-popup-last-displayed=1669178094; ls-popup-4=1669178094
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:55 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 09:40:11 GMT
etag: W/"6315c3fb-15db1"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C400italic%2C500%2C700%2C700italic%7CLora%3A300%2C400%2C400italic%2C500%2C700%2C700italic&ver=6.0.3
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C400italic%2C500%2C700%2C700italic%7CLora%3A300%2C400%2C400italic%2C500%2C700%2C700italic&ver=6.0.3
IP
GET /css?family=Roboto%3A300%2C400%2C400italic%2C500%2C700%2C700italic%7CLora%3A300%2C400%2C400italic%2C500%2C700%2C700italic&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 23 Nov 2022 04:34:55 GMT
date: Wed, 23 Nov 2022 04:34:55 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/cookie-law-info/public/js/cookie-law-info-public.js?ver=2.1.2
200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/cookie-law-info/public/js/cookie-law-info-public.js?ver=2.1.2
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/cookie-law-info/public/js/cookie-law-info-public.js?ver=2.1.2 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=2t3ep41t87nsamp6lf401i0dqo; ls-popup-last-displayed=1669178094; ls-popup-4=1669178094
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:55 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 08:48:46 GMT
etag: W/"6315b7ee-8583"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/smart-logo-showcase-lite/css/tooltipster.bundle.css?ver=1.1.9
200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/smart-logo-showcase-lite/css/tooltipster.bundle.css?ver=1.1.9
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/smart-logo-showcase-lite/css/tooltipster.bundle.css?ver=1.1.9 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=2t3ep41t87nsamp6lf401i0dqo; ls-popup-last-displayed=1669178094; ls-popup-4=1669178094
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:55 GMT
content-type: text/css
last-modified: Mon, 05 Sep 2022 08:55:27 GMT
etag: W/"6315b97f-4162"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.kreaturamedia.jquery.js?ver=6.11.1
200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.kreaturamedia.jquery.js?ver=6.11.1
IP
GET /wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.kreaturamedia.jquery.js?ver=6.11.1 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=2t3ep41t87nsamp6lf401i0dqo; ls-popup-last-displayed=1669178094; ls-popup-4=1669178094
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:55 GMT
content-type: application/javascript
last-modified: Thu, 09 Apr 2020 10:10:22 GMT
etag: W/"5e8ef48e-1f855"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/themes/betheme/css/responsive.css?ver=21.2.2
200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/themes/betheme/css/responsive.css?ver=21.2.2
IP
GET /wp-content/themes/betheme/css/responsive.css?ver=21.2.2 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=2t3ep41t87nsamp6lf401i0dqo; ls-popup-last-displayed=1669178094; ls-popup-4=1669178094
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:55 GMT
content-type: text/css
last-modified: Mon, 27 May 2019 12:03:17 GMT
etag: W/"5cebd205-dceb"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/themes/betheme/images/logo/logo.png
200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/themes/betheme/images/logo/logo.png
IP
GET /wp-content/themes/betheme/images/logo/logo.png HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=2t3ep41t87nsamp6lf401i0dqo; ls-popup-last-displayed=1669178094; ls-popup-4=1669178094
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:55 GMT
content-type: image/png
content-length: 1317
last-modified: Mon, 27 May 2019 12:03:41 GMT
etag: "5cebd21d-525"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/google-language-translator/css/toolbar.css?ver=6.0.15
200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/google-language-translator/css/toolbar.css?ver=6.0.15
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/google-language-translator/css/toolbar.css?ver=6.0.15 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=2t3ep41t87nsamp6lf401i0dqo; ls-popup-last-displayed=1669178094; ls-popup-4=1669178094
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:55 GMT
content-type: text/css
last-modified: Mon, 05 Sep 2022 08:50:00 GMT
etag: W/"6315b838-1664"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/smart-logo-showcase-lite/css/popup-contact.css?ver=1.1.9
200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/smart-logo-showcase-lite/css/popup-contact.css?ver=1.1.9
IP
GET /wp-content/plugins/smart-logo-showcase-lite/css/popup-contact.css?ver=1.1.9 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=2t3ep41t87nsamp6lf401i0dqo; ls-popup-last-displayed=1669178094; ls-popup-4=1669178094
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:55 GMT
content-type: text/css
x-accel-version: 0.01
last-modified: Mon, 05 Sep 2022 08:55:27 GMT
etag: W/"278-5e7ea3dbf2bc8"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.transitions.js?ver=6.11.1
200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.transitions.js?ver=6.11.1
IP
GET /wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.transitions.js?ver=6.11.1 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=2t3ep41t87nsamp6lf401i0dqo; ls-popup-last-displayed=1669178094; ls-popup-4=1669178094
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:55 GMT
content-type: application/javascript
last-modified: Thu, 09 Apr 2020 10:10:22 GMT
etag: W/"5e8ef48e-5513"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/google-language-translator/css/style.css?ver=6.0.15
200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/google-language-translator/css/style.css?ver=6.0.15
IP
GET /wp-content/plugins/google-language-translator/css/style.css?ver=6.0.15 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=2t3ep41t87nsamp6lf401i0dqo; ls-popup-last-displayed=1669178094; ls-popup-4=1669178094
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:34:55 GMT
content-type: text/css
last-modified: Mon, 05 Sep 2022 08:50:00 GMT
etag: W/"6315b838-1f7d7"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
167.86.73.18
23.36.76.226
104.17.25.14
142.251.1.157
93.184.220.29
185.76.9.17