r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aabe410b4bbe4d8beb0e4561d3aa158e
e1788632902ddea62cdd9e7ad6009a75ffb69788
ad535e27b201e92670770b2b868c58f7c05633ec66490a41ef4592f062834c1f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AD535E27B201E92670770B2B868C58F7C05633EC66490A41EF4592F062834C1F"
Last-Modified: Wed, 09 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19504
Expires: Thu, 10 Nov 2022 00:38:37 GMT
Date: Wed, 09 Nov 2022 19:13:33 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 4c6e4047ec266b87485610e26a85bb6f
cd543757597609d7309d02652318359078a965c2
d8aff7a24f3274782b4f41d6dbd181ba817f5a562d992a3a82966481c91f8a90
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5059
Cache-Control: max-age=146510
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 19:13:33 GMT
Etag: "636b8168-1d7"
Expires: Fri, 11 Nov 2022 11:55:23 GMT
Last-Modified: Wed, 09 Nov 2022 10:31:04 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2b57492bf85f4ae6abbd1641b17dc9ab
008e71ec05d47bf025ca64e17da2ea1bd8e71111
17894427c471f7fa02ca274795dc55df1bfc99d7bd83f9ee36249394035110fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17894427C471F7FA02CA274795DC55DF1BFC99D7BD83F9EE36249394035110FD"
Last-Modified: Wed, 09 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4854
Expires: Wed, 09 Nov 2022 20:34:27 GMT
Date: Wed, 09 Nov 2022 19:13:33 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: U1DIU7/l0Rp9gu0aUyQ/4dHgP4du6kaUTCyVYF459NURyOFHvpdCuQOUEaXZZytzSjPKkfO3Lq0=
x-amz-request-id: ECGYF51G6CFFV0Q0
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 09 Nov 2022 19:11:50 GMT
age: 103
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 19:13:33 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.grupotresa.com/
194.30.34.225 200 OK 69 kB IP 194.30.34.225:0
File type HTML document text; exported SGML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (4171), with CRLF, LF line terminators
Hash 3ad2d2d8418cc8c655472cd41e1e288e
3075f5c5a307eb349a881bb4486c5c9558148a0d
c2eeccb45a0c690813320aee10d5042139bf05df9a2534ea27c09124d6de60de
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:33 GMT
Server: Apache
X-Powered-By: PHP/7.4.32
Link: <http://www.grupotresa.com/wp-json/>; rel="https://api.w.org/", <http://www.grupotresa.com/>; rel=shortlink
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ajax.googleapis.com/ajax/libs/jqueryui/1.11.2/themes/smoothness/jquery-ui.css?ver=5.3.14
142.250.74.170 200 OK 8.1 kB URL HTTP/1.1 ajax.googleapis.com/ajax/libs/jqueryui/1.11.2/themes/smoothness/jquery-ui.css?ver=5.3.14
IP 142.250.74.170:0
File type ASCII text, with very long lines (2363)
Hash 1930141d1ccd3409ebbe8c2db4c43fcf
8d6b59aa365bf686ab7408353fd232d7ca7feab5
f2094ee57e84b8403b58f45dbe68411e3b02fe3f0cb465fdec48b206ab66d48f
GET /ajax/libs/jqueryui/1.11.2/themes/smoothness/jquery-ui.css?ver=5.3.14 HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 8060
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 09 Nov 2022 13:37:40 GMT
Expires: Thu, 09 Nov 2023 13:37:40 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/css; charset=UTF-8
Age: 20153
fonts.googleapis.com/css?family=Droid+Serif%3A400%2C700&ver=5.3.14
142.250.74.10 200 OK 303 B URL HTTP/1.1 fonts.googleapis.com/css?family=Droid+Serif%3A400%2C700&ver=5.3.14
IP 142.250.74.10:0
Hash a12841952a98d4e00e0ad3ff2a8c60f8
226af6f94b388fcd3950735f8ed630d35c222f91
4ef5233d7a20fdcdcc67930e5d9b7ad760597129df1c2fdab7f2dd78fefbfe9b
GET /css?family=Droid+Serif%3A400%2C700&ver=5.3.14 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Wed, 09 Nov 2022 19:13:33 GMT
Date: Wed, 09 Nov 2022 19:13:33 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C600%2C700%2C800&ver=5.3.14
142.250.74.10 200 OK 766 B URL HTTP/1.1 fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C600%2C700%2C800&ver=5.3.14
IP 142.250.74.10:0
Hash d71ac876718b3fde556fc24de7f2eb10
018c76462bcae6729b565a9574eef581eda66e2c
a7f9e7d976c649dc7d1131408a0c672cf342113cbab5d826e1d607f7ca6bd169
GET /css?family=Open+Sans%3A300%2C400%2C600%2C700%2C800&ver=5.3.14 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Wed, 09 Nov 2022 19:13:33 GMT
Date: Wed, 09 Nov 2022 19:13:33 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
fonts.googleapis.com/css?family=Raleway%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900&ver=5.3.14
142.250.74.10 200 OK 693 B URL HTTP/1.1 fonts.googleapis.com/css?family=Raleway%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900&ver=5.3.14
IP 142.250.74.10:0
Hash 34f9be8fb0d36cf760d9d042ea50d3dc
7102e685465df51008fedeccdb820a236170e3ee
07766bf2222c090847dab36d3e93cac171eca98c785097dc8ea6694e335f92c3
GET /css?family=Raleway%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900&ver=5.3.14 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Wed, 09 Nov 2022 19:13:33 GMT
Date: Wed, 09 Nov 2022 19:13:33 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
fonts.googleapis.com/css?family=Rubik%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CRubik%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CLekton%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CMontserrat%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CAbril+Fatface%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CKnewave%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CRoboto%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900&subset=latin-ext&ver=1.0.0
142.250.74.10 200 OK 1.6 kB URL HTTP/1.1 fonts.googleapis.com/css?family=Rubik%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CRubik%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CLekton%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CMontserrat%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CAbril+Fatface%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CKnewave%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CRoboto%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900&subset=latin-ext&ver=1.0.0
IP 142.250.74.10:0
Hash 5b0e099f6efdf5f02ac079bdc6e25b00
0ee4cc725a7d94fd704adb0fb81dde32e2335954
b11cb07f5dfeb22630c6b03fb18e775bec0f1726ec5f16890652dd16554e3a80
GET /css?family=Rubik%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CRubik%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CLekton%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CMontserrat%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CAbril+Fatface%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CKnewave%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CRoboto%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900&subset=latin-ext&ver=1.0.0 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Wed, 09 Nov 2022 19:13:33 GMT
Date: Wed, 09 Nov 2022 19:13:33 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash c59d06092401e375df491b06ee8e6dbc
2e27b8ff7c08a5349e27969bc2a08e5e19d0c1da
23ee4ab633fcf67dc5d4d1931450e365cec8d436ef1f9ba5f46b6bab974724c4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2081
Cache-Control: max-age=138477
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 19:13:33 GMT
Etag: "636b6da9-1d7"
Expires: Fri, 11 Nov 2022 09:41:30 GMT
Last-Modified: Wed, 09 Nov 2022 09:06:49 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
www.grupotresa.com/wp-content/plugins/zooka/assets/css/cms-style.css?ver=5.3.14
194.30.34.225 200 OK 590 B URL HTTP/1.1 www.grupotresa.com/wp-content/plugins/zooka/assets/css/cms-style.css?ver=5.3.14
IP 194.30.34.225:0
Hash 77b748caf1906d7eb66cec6cd615aa36
10cf9ee10a0e4f57463bff3e92e48f99082dbc8e
439a6a03bf5fd7019d0ac91cc553f5687747b6e84e8442acf4bad6d9ff8eda9f
GET /wp-content/plugins/zooka/assets/css/cms-style.css?ver=5.3.14 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:33 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Tue, 28 Apr 2020 09:26:37 GMT
ETag: "24e-5a4566da18d40"
Accept-Ranges: bytes
Content-Length: 590
Connection: close
Content-Type: text/css
www.grupotresa.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.7
194.30.34.225 200 OK 1.7 kB URL HTTP/1.1 www.grupotresa.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.7
IP 194.30.34.225:0
Hash 8983e25a91f5c9981fb973bdbe189d33
30cd5e3a1f0cd121cfd1893b3c078b89ecba3f9c
811e8960b8f79f14983e30df80a4ccc69d82430ccc0520d2a1a3d1405cfbb2a1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.7 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:33 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Wed, 29 Apr 2020 12:28:13 GMT
ETag: "6d2-5a46d14ecb140"
Accept-Ranges: bytes
Content-Length: 1746
Connection: close
Content-Type: text/css
www.grupotresa.com/wp-content/themes/GEKO/style.css?ver=5.3.14
194.30.34.225 200 OK 326 B URL HTTP/1.1 www.grupotresa.com/wp-content/themes/GEKO/style.css?ver=5.3.14
IP 194.30.34.225:0
Hash b6cd74dd35e654eb73f0284905426413
0c916af2e3da2012e7804d30cbc3a30cd711978a
f1dc62d2b0022e22c3c25aa988fdfdff6f6967e79a3d5c7d22dfb24d2b1a6594
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/GEKO/style.css?ver=5.3.14 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:33 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Tue, 28 Apr 2020 09:21:18 GMT
ETag: "146-5a4565a9dff80"
Accept-Ranges: bytes
Content-Length: 326
Connection: close
Content-Type: text/css
www.grupotresa.com/wp-content/plugins/essential-grid/public/assets/css/settings.css?ver=2.0.9
194.30.34.225 200 OK 35 kB URL HTTP/1.1 www.grupotresa.com/wp-content/plugins/essential-grid/public/assets/css/settings.css?ver=2.0.9
IP 194.30.34.225:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 3610e05d25222898e32c7583747b6e78
a21851dbec0b00d6ddd129a06bc1121bb891e101
04905662520d965be2f3774160b3ad3a8750eed8691a15c8406b34044e821f8a
GET /wp-content/plugins/essential-grid/public/assets/css/settings.css?ver=2.0.9 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:33 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Tue, 28 Apr 2020 09:29:08 GMT
ETag: "88ed-5a45676a1a100"
Accept-Ranges: bytes
Content-Length: 35053
Connection: close
Content-Type: text/css
www.grupotresa.com/wp-content/themes/GEKO/assets/css/plugins.min.css?ver=5.3.14
194.30.34.225 200 OK 29 kB URL HTTP/1.1 www.grupotresa.com/wp-content/themes/GEKO/assets/css/plugins.min.css?ver=5.3.14
IP 194.30.34.225:0
File type ASCII text, with very long lines (25510)
Hash 8d669df0d2259b4338eb5c134d7d1eec
1a9d9f598ed2d299173b04c49f76370e76b176bc
37a9da98974ab114ccd19e6e17866d5ad436a9533f3322d2fcf2e17b14dcf0ca
GET /wp-content/themes/GEKO/assets/css/plugins.min.css?ver=5.3.14 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:33 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Tue, 28 Apr 2020 09:26:59 GMT
ETag: "72ed-5a4566ef13ec0"
Accept-Ranges: bytes
Content-Length: 29421
Connection: close
Content-Type: text/css
maps.googleapis.com/maps/api/js?key=AIzaSyCWWF8abGFDGj1qRH63q91-FJ1ZPsUizIA&ver=5.3.14
142.250.74.74 200 OK 53 kB URL HTTP/1.1 maps.googleapis.com/maps/api/js?key=AIzaSyCWWF8abGFDGj1qRH63q91-FJ1ZPsUizIA&ver=5.3.14
IP 142.250.74.74:0
File type ASCII text, with very long lines (2440)
Hash 6122d369195bdc47056c89b455c5d44c
82d470d4330d0f2a742ef3cf4074b5dbebfbad10
552a3ebaef5d9b7224841ae60f7a56a0d3b7fe84f6d771a7d6b7175b183445ec
GET /maps/api/js?key=AIzaSyCWWF8abGFDGj1qRH63q91-FJ1ZPsUizIA&ver=5.3.14 HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
Date: Wed, 09 Nov 2022 19:13:34 GMT
Expires: Wed, 09 Nov 2022 19:43:34 GMT
Cache-Control: public, max-age=1800
Vary: Accept-Language
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Content-Encoding: gzip
Server: mafe
Content-Length: 53407
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Server-Timing: gfet4t7; dur=21
www.grupotresa.com/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.3.0.2
194.30.34.225 200 OK 47 kB URL HTTP/1.1 www.grupotresa.com/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.3.0.2
IP 194.30.34.225:0
File type Unicode text, UTF-8 text, with very long lines (7136), with CRLF line terminators
Hash c27d3ed40c42043af3d7a26905081ee4
398cb2e94d475b036a92d69cc01ce5d1e98a57d1
bce8b4d958f468c6e58bd4fd3eff8aef5ceb83a09acb293f8e132ef3894c2da0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.3.0.2 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:33 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Tue, 28 Apr 2020 09:29:56 GMT
ETag: "b867-5a456797e0d00"
Accept-Ranges: bytes
Content-Length: 47207
Connection: close
Content-Type: text/css
www.grupotresa.com/wp-content/themes/GEKO/assets/css/font-awesome/css/font-awesome.min.css?ver=5.3.14
194.30.34.225 200 OK 31 kB URL HTTP/1.1 www.grupotresa.com/wp-content/themes/GEKO/assets/css/font-awesome/css/font-awesome.min.css?ver=5.3.14
IP 194.30.34.225:0
File type ASCII text, with very long lines (30837)
Hash 269550530cc127b6aa5a35925a7de6ce
512c7d79033e3028a9be61b540cf1a6870c896f8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/GEKO/assets/css/font-awesome/css/font-awesome.min.css?ver=5.3.14 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:34 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Tue, 28 Apr 2020 09:32:58 GMT
ETag: "7918-5a45684572680"
Accept-Ranges: bytes
Content-Length: 31000
Connection: close
Content-Type: text/css
www.grupotresa.com/wp-content/themes/GEKO/assets/css/elegant-icons/style.min.css?ver=5.3.14
194.30.34.225 200 OK 22 kB URL HTTP/1.1 www.grupotresa.com/wp-content/themes/GEKO/assets/css/elegant-icons/style.min.css?ver=5.3.14
IP 194.30.34.225:0
File type ASCII text, with very long lines (21769), with no line terminators
Hash c1be61e1bfe62ea4f8dabdf0247ef113
61c71aceb8cbff107ff2c9b882b0ce99e351f972
58405a25c52e36b20127a9e73f1f4656f908a82747636a4b187f30a817bedfb9
GET /wp-content/themes/GEKO/assets/css/elegant-icons/style.min.css?ver=5.3.14 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:34 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Tue, 28 Apr 2020 09:30:49 GMT
ETag: "5509-5a4567ca6c440"
Accept-Ranges: bytes
Content-Length: 21769
Connection: close
Content-Type: text/css
push.services.mozilla.com/
35.160.184.41 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.160.184.41:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: iAQ71wnddSn0vrABGjx4LA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: OfcPXSh2GuopeBh8imBHinhk2sE=
www.grupotresa.com/wp-content/themes/GEKO/assets/css/linear-icons/style.css?ver=5.3.14
194.30.34.225 200 OK 8.3 kB URL HTTP/1.1 www.grupotresa.com/wp-content/themes/GEKO/assets/css/linear-icons/style.css?ver=5.3.14
IP 194.30.34.225:0
Hash aa4cd95fc370b1cc4247fec9e0f946eb
890ddf42c64e544ed82e55c325de8f6d9dcf70e4
f5c203b6416a054de195921e85165e4d66fd303ea8d20982a190fede7b673576
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/GEKO/assets/css/linear-icons/style.css?ver=5.3.14 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:34 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Tue, 28 Apr 2020 09:30:56 GMT
ETag: "2098-5a4567d119400"
Accept-Ranges: bytes
Content-Length: 8344
Connection: close
Content-Type: text/css
www.grupotresa.com/wp-content/themes/GEKO/assets/css/ion-icons/css/ionicons.min.css?ver=5.3.14
194.30.34.225 200 OK 51 kB URL HTTP/1.1 www.grupotresa.com/wp-content/themes/GEKO/assets/css/ion-icons/css/ionicons.min.css?ver=5.3.14
IP 194.30.34.225:0
File type Unicode text, UTF-8 text, with very long lines (50806)
Hash 0d6763b67616cb9183f3931313d42971
f0459300e39155df7aa5e94b3bdb8c8594f49a60
de2bbd8e0b32f53a53c1729bedb350cea59e9115fba4f2bed8e2e3dd1f76d9fa
GET /wp-content/themes/GEKO/assets/css/ion-icons/css/ionicons.min.css?ver=5.3.14 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:34 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Tue, 28 Apr 2020 09:33:00 GMT
ETag: "c854-5a4568475ab00"
Accept-Ranges: bytes
Content-Length: 51284
Connection: close
Content-Type: text/css
www.grupotresa.com/wp-content/themes/GEKO/assets/css/simple-line-icons/simple-line-icons.css?ver=5.3.14
194.30.34.225 200 OK 12 kB URL HTTP/1.1 www.grupotresa.com/wp-content/themes/GEKO/assets/css/simple-line-icons/simple-line-icons.css?ver=5.3.14
IP 194.30.34.225:0
File type ASCII text, with very long lines (344)
Hash 4eeaa7ef0b06542c10949892d068a649
f189cfae4001466e62b7fe386019d9cb356b10ab
be4a3e1ec2ce45e1e72d58ad90f08859fa7f55b97306ae0818adb0586b4504c6
GET /wp-content/themes/GEKO/assets/css/simple-line-icons/simple-line-icons.css?ver=5.3.14 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:34 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Tue, 28 Apr 2020 09:30:57 GMT
ETag: "3037-5a4567d20d640"
Accept-Ranges: bytes
Content-Length: 12343
Connection: close
Content-Type: text/css
www.grupotresa.com/wp-content/themes/GEKO/assets/css/dripicons/dripicons.css?ver=5.3.14
194.30.34.225 200 OK 5.9 kB URL HTTP/1.1 www.grupotresa.com/wp-content/themes/GEKO/assets/css/dripicons/dripicons.css?ver=5.3.14
IP 194.30.34.225:0
Hash 2f2351d6da1b827e9251eade181f37c3
fef66c0cf0c584c84905cdb4765e3e91313584e3
a73b54462ff54a811f6f2a246ceef953d1cbfa06914d76dcd05bf448173c285c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/GEKO/assets/css/dripicons/dripicons.css?ver=5.3.14 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:34 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Tue, 28 Apr 2020 09:30:49 GMT
ETag: "1734-5a4567ca6c440"
Accept-Ranges: bytes
Content-Length: 5940
Connection: close
Content-Type: text/css
www.grupotresa.com/wp-content/themes/GEKO/assets/css/modules.min.css?ver=5.3.14
194.30.34.225 200 OK 327 kB URL HTTP/1.1 www.grupotresa.com/wp-content/themes/GEKO/assets/css/modules.min.css?ver=5.3.14
IP 194.30.34.225:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 327 kB (327271 bytes)
Hash 8f4d5d3bd845fba907e7b9d5332a1c15
62436f03cb7b4a9fc310b64b7294de90b55b1aef
ef2550c750d346801a87a297623f584283586fd44dc39f2f457ba6075ba9fda9
GET /wp-content/themes/GEKO/assets/css/modules.min.css?ver=5.3.14 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:34 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Tue, 28 Apr 2020 09:26:59 GMT
ETag: "4fe67-5a4566ef13ec0"
Accept-Ranges: bytes
Content-Length: 327271
Connection: close
Content-Type: text/css
www.grupotresa.com/wp-content/themes/GEKO/assets/css/linea-icons/style.css?ver=5.3.14
194.30.34.225 200 OK 78 kB URL HTTP/1.1 www.grupotresa.com/wp-content/themes/GEKO/assets/css/linea-icons/style.css?ver=5.3.14
IP 194.30.34.225:0
File type ASCII text, with very long lines (369)
Hash 18513056c4a412491127bc1cee55d372
e851a7961f873dac6eb973327db29c571bd2a571
b5cad6a450f4007b75ff83016582537871825a08c94ce709efb80947db45d40c
GET /wp-content/themes/GEKO/assets/css/linea-icons/style.css?ver=5.3.14 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:34 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Tue, 28 Apr 2020 09:30:56 GMT
ETag: "13100-5a4567d119400"
Accept-Ranges: bytes
Content-Length: 78080
Connection: close
Content-Type: text/css
www.grupotresa.com/wp-content/themes/GEKO/assets/css/style_dynamic_responsive.css?ver=1588066019
194.30.34.225 200 OK 893 B URL HTTP/1.1 www.grupotresa.com/wp-content/themes/GEKO/assets/css/style_dynamic_responsive.css?ver=1588066019
IP 194.30.34.225:0
Hash 1a8cd1f710c58dc249f519f1925a65f5
6e531ec2347aef8171882a24c089c4847397a0d1
e671ed0283e996ab0a491baf4e148fd6a3c6ae083bb1067bcd2f5730d330186c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/GEKO/assets/css/style_dynamic_responsive.css?ver=1588066019 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:34 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Tue, 28 Apr 2020 09:26:59 GMT
ETag: "37d-5a4566ef13ec0"
Accept-Ranges: bytes
Content-Length: 893
Connection: close
Content-Type: text/css
www.grupotresa.com/wp-content/themes/GEKO/assets/css/blog-responsive.min.css?ver=5.3.14
194.30.34.225 200 OK 5.1 kB URL HTTP/1.1 www.grupotresa.com/wp-content/themes/GEKO/assets/css/blog-responsive.min.css?ver=5.3.14
IP 194.30.34.225:0
File type ASCII text, with very long lines (5095), with no line terminators
Hash 212aa10585774c08ce711a8175c99f88
637a540a9096aa158b93eb8a26d73058d3e86d0f
378dc117b812ffa8f2c58daa94dca448e6a651cb6fbbb66520cd5c13c5721c37
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/GEKO/assets/css/blog-responsive.min.css?ver=5.3.14 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:34 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Tue, 28 Apr 2020 09:26:58 GMT
ETag: "13e7-5a4566ee1fc80"
Accept-Ranges: bytes
Content-Length: 5095
Connection: close
Content-Type: text/css
www.grupotresa.com/wp-content/themes/GEKO/assets/css/style_dynamic.css?ver=1588066019
194.30.34.225 200 OK 32 kB URL HTTP/1.1 www.grupotresa.com/wp-content/themes/GEKO/assets/css/style_dynamic.css?ver=1588066019
IP 194.30.34.225:0
File type ASCII text, with very long lines (7124)
Hash 5abe3a767f9545c00f5ebbec543ec687
eeaa75b276ed9bc8cb1500fe7ae12a8c14c4d652
acb69586193c27a9d9815327c04c06638fda35dca6e23b58290458f7aa931a68
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/GEKO/assets/css/style_dynamic.css?ver=1588066019 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:34 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Tue, 28 Apr 2020 09:26:59 GMT
ETag: "7b2e-5a4566ef13ec0"
Accept-Ranges: bytes
Content-Length: 31534
Connection: close
Content-Type: text/css
www.grupotresa.com/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend.min.js?ver=6.0.2
194.30.34.225 200 OK 9.3 kB URL HTTP/1.1 www.grupotresa.com/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend.min.js?ver=6.0.2
IP 194.30.34.225:0
File type ASCII text, with very long lines (1019)
Hash c8c95f0d378a2395cfc455065f470642
9ea4d1e7dc2671553e281f8732e9fcee06944b1b
dab98b1d5558dd15c7db5ada4438fe03a424a7c1f5e0f29567d39a0a892bcc41
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend.min.js?ver=6.0.2 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:34 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Wed, 29 Apr 2020 12:29:05 GMT
ETag: "2431-5a46d18062640"
Accept-Ranges: bytes
Content-Length: 9265
Connection: close
Content-Type: application/javascript
www.grupotresa.com/wp-content/themes/GEKO/assets/css/modules-responsive.min.css?ver=5.3.14
194.30.34.225 200 OK 39 kB URL HTTP/1.1 www.grupotresa.com/wp-content/themes/GEKO/assets/css/modules-responsive.min.css?ver=5.3.14
IP 194.30.34.225:0
File type ASCII text, with very long lines (39212), with no line terminators
Hash dd283d6f9601e31886a3928c2e15dd90
a0c22b814ab813d8cfd0dbc06b44fcd3ca477dc9
435c7f26b135a8a78be94893345c6db9ed7268d4a050e1f11ecf326f37a9eebf
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/GEKO/assets/css/modules-responsive.min.css?ver=5.3.14 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:34 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Tue, 28 Apr 2020 09:26:58 GMT
ETag: "992c-5a4566ee1fc80"
Accept-Ranges: bytes
Content-Length: 39212
Connection: close
Content-Type: text/css
www.grupotresa.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
194.30.34.225 200 OK 10 kB URL HTTP/1.1 www.grupotresa.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP 194.30.34.225:0
File type ASCII text, with very long lines (9959)
Hash 7121994eec5320fbe6586463bf9651c2
90532aff6d4121954254cdf04994d834f7ec169b
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:34 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Tue, 28 Apr 2020 10:26:33 GMT
ETag: "2748-5a45743f82840"
Accept-Ranges: bytes
Content-Length: 10056
Connection: close
Content-Type: application/javascript
www.grupotresa.com/wp-content/plugins/essential-grid/public/assets/js/lightbox.js?ver=2.0.9
194.30.34.225 200 OK 30 kB URL HTTP/1.1 www.grupotresa.com/wp-content/plugins/essential-grid/public/assets/js/lightbox.js?ver=2.0.9
IP 194.30.34.225:0
File type ASCII text, with very long lines (29411), with CRLF line terminators
Hash f15c70401c13be9e733d95ec78921861
d0b05bb6f93352782ddca450e211b5f8f07c0146
50fe53af4cf2c9e33d15c09fc39cd2ad5dfabb337602ee70db96f71d906337f1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/essential-grid/public/assets/js/lightbox.js?ver=2.0.9 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:34 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Tue, 28 Apr 2020 09:29:10 GMT
ETag: "73fa-5a45676c02580"
Accept-Ranges: bytes
Content-Length: 29690
Connection: close
Content-Type: application/javascript
www.grupotresa.com/wp-content/plugins/essential-grid/public/assets/js/jquery.themepunch.tools.min.js?ver=2.0.9
194.30.34.225 200 OK 99 kB URL HTTP/1.1 www.grupotresa.com/wp-content/plugins/essential-grid/public/assets/js/jquery.themepunch.tools.min.js?ver=2.0.9
IP 194.30.34.225:0
File type ASCII text, with very long lines (25589), with CRLF line terminators
Hash af4d52447de73ed9237a12920f7b5f7a
3301ec9e0852fda2236cbc09f90d825cf35f9c89
a9c28be9876c0484db356be601b480cd5fd028a35e4ac735e81995cefaf274b3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/essential-grid/public/assets/js/jquery.themepunch.tools.min.js?ver=2.0.9 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:34 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Tue, 28 Apr 2020 09:29:10 GMT
ETag: "181cf-5a45676c02580"
Accept-Ranges: bytes
Content-Length: 98767
Connection: close
Content-Type: application/javascript
www.grupotresa.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
194.30.34.225 200 OK 97 kB URL HTTP/1.1 www.grupotresa.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
IP 194.30.34.225:0
File type ASCII text, with very long lines (31997)
Hash 49edccea2e7ba985cadc9ba0531cbed1
f8747f8ee704d9af31d0950015e01d3f9635b070
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4-wp HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:34 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Tue, 28 Apr 2020 10:26:34 GMT
ETag: "17a69-5a45744076a80"
Accept-Ranges: bytes
Content-Length: 96873
Connection: close
Content-Type: application/javascript
www.grupotresa.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.0.5
194.30.34.225 200 OK 485 kB URL HTTP/1.1 www.grupotresa.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.0.5
IP 194.30.34.225:0
File type ASCII text, with very long lines (65358)
Size 485 kB (484857 bytes)
Hash 496827eca918d8d4a7d12c6dfc32715f
6b3c201784de091299d175c8009942ebeb553144
bf376bda577cabdec91f4e3f27597af77cb736bd548e87e987e1ee97e0549f1c
GET /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.0.5 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:34 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Tue, 28 Apr 2020 09:25:54 GMT
ETag: "765f9-5a4566b116c80"
Accept-Ranges: bytes
Content-Length: 484857
Connection: close
Content-Type: text/css
www.grupotresa.com/wp-content/plugins/essential-grid/public/assets/js/jquery.themepunch.essential.min.js?ver=2.0.9
194.30.34.225 200 OK 122 kB URL HTTP/1.1 www.grupotresa.com/wp-content/plugins/essential-grid/public/assets/js/jquery.themepunch.essential.min.js?ver=2.0.9
IP 194.30.34.225:0
File type ASCII text, with very long lines (32065), with CRLF line terminators
Size 122 kB (121580 bytes)
Hash 9b0c44db6901048808bb9aa6f11dc3d2
b76e4257c06581251a784b290eeba81ccafecbdb
748971a078487aaeee6e3877482a8e33ed9dba3f2ae22f92feca97d557896347
GET /wp-content/plugins/essential-grid/public/assets/js/jquery.themepunch.essential.min.js?ver=2.0.9 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:34 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Tue, 28 Apr 2020 09:29:09 GMT
ETag: "1daec-5a45676b0e340"
Accept-Ranges: bytes
Content-Length: 121580
Connection: close
Content-Type: application/javascript
www.grupotresa.com/wp-includes/js/wp-emoji-release.min.js?ver=5.3.14
194.30.34.225 200 OK 14 kB URL HTTP/1.1 www.grupotresa.com/wp-includes/js/wp-emoji-release.min.js?ver=5.3.14
IP 194.30.34.225:0
File type ASCII text, with very long lines (10927)
Hash d6aeffd9e0126160ff89d369c05a5fbe
8480b15ad38e8e1d67960e72b513fa4f463e2cc1
95309410230b1d3148e52211dcee018bfa011a2d69e9d7d6f81164035e8518a0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.3.14 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:34 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Thu, 15 Apr 2021 03:23:40 GMT
ETag: "3619-5bffa63c2e700"
Accept-Ranges: bytes
Content-Length: 13849
Connection: close
Content-Type: application/javascript
www.grupotresa.com/css/estilo.css
194.30.34.225 200 OK 2.5 kB URL HTTP/1.1 www.grupotresa.com/css/estilo.css
IP 194.30.34.225:0
File type ASCII text, with CRLF line terminators
Hash a7b35c133f70d862c4604c6c7f2f3060
091a702e2bfc760bed50f171406488bb75a5a501
ea40fe1508fdd20c25251471050c4c0ee81cb35cff767a29c7d65af3582a621b
GET /css/estilo.css HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:34 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Tue, 28 Apr 2020 10:34:35 GMT
ETag: "9dd-5a45760b2e4c0"
Accept-Ranges: bytes
Content-Length: 2525
Connection: close
Content-Type: text/css
www.grupotresa.com/css/jquery-ui.css
194.30.34.225 200 OK 37 kB URL HTTP/1.1 www.grupotresa.com/css/jquery-ui.css
IP 194.30.34.225:0
File type ASCII text, with very long lines (2515)
Hash 6a58afe5bbc2a8411394d347ebc5505a
f97541364ddcc02b067ff5ea11d9f433bf7091f4
cefd1c96f050f425c6390340ef9524e0bab02101ffca24a93676555a3ce6dd22
GET /css/jquery-ui.css HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:34 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Tue, 28 Apr 2020 10:34:35 GMT
ETag: "91ef-5a45760b2e4c0"
Accept-Ranges: bytes
Content-Length: 37359
Connection: close
Content-Type: text/css
www.grupotresa.com/js/main.js
194.30.34.225 200 OK 5.8 kB URL HTTP/1.1 www.grupotresa.com/js/main.js
IP 194.30.34.225:0
File type ASCII text, with CRLF line terminators
Hash 8226c5dc293faf78fd8d7fd2a005c2de
4c3019618d42914a0291599646dd026c0ed9986a
50ccf65374afd59d1b51af07a3da6d5e20f13e23a5959b3938aaa6d2c28d0ea6
Analyzer Verdict Alert fortinet Malware
GET /js/main.js HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:34 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Tue, 28 Apr 2020 10:34:35 GMT
ETag: "16ba-5a45760b2e4c0"
Accept-Ranges: bytes
Content-Length: 5818
Connection: close
Content-Type: application/javascript
www.grupotresa.com/wp-content/plugins/js_composer/assets/lib/bower/flexslider/flexslider.min.css?ver=6.0.5
194.30.34.225 200 OK 3.6 kB URL HTTP/1.1 www.grupotresa.com/wp-content/plugins/js_composer/assets/lib/bower/flexslider/flexslider.min.css?ver=6.0.5
IP 194.30.34.225:0
File type ASCII text, with very long lines (3577), with no line terminators
Hash 4484b19f2d4656052edd44a872a33fd7
05f1834c99482c68e08534a01f71d9eba906b85e
bd6402497fd4949e3d2591fbcebb4e7bf60463d24427603cce162b073f62d97a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/lib/bower/flexslider/flexslider.min.css?ver=6.0.5 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:34 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Tue, 28 Apr 2020 09:31:39 GMT
ETag: "df9-5a4567fa1b4c0"
Accept-Ranges: bytes
Content-Length: 3577
Connection: close
Content-Type: text/css
www.grupotresa.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.7
194.30.34.225 200 OK 14 kB URL HTTP/1.1 www.grupotresa.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.7
IP 194.30.34.225:0
Hash 1534f06aa2b1b721a45372f8238e2461
86f7e7b926e1a88209d171b56dadbccc2c96f578
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.7 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:34 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Wed, 29 Apr 2020 12:28:13 GMT
ETag: "3868-5a46d14ecb140"
Accept-Ranges: bytes
Content-Length: 14440
Connection: close
Content-Type: application/javascript
www.grupotresa.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.3.0.2
194.30.34.225 200 OK 60 kB URL HTTP/1.1 www.grupotresa.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.3.0.2
IP 194.30.34.225:0
File type ASCII text, with very long lines (32001), with CRLF line terminators
Hash f63a704a20fbfce2ac718ef32d81dfb6
c2669e1cd79a3c0f6d8ead7a0037ceafdcc59bca
b4c9f2d7bf48d452780d0fe337e3115725d0426e89714179fc1a6e0f85b08271
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.3.0.2 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:34 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Tue, 28 Apr 2020 09:29:56 GMT
ETag: "e9eb-5a456797e0d00"
Accept-Ranges: bytes
Content-Length: 59883
Connection: close
Content-Type: application/javascript
www.grupotresa.com/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4
194.30.34.225 200 OK 3.9 kB URL HTTP/1.1 www.grupotresa.com/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4
IP 194.30.34.225:0
File type ASCII text, with very long lines (3704)
Hash e6784d91bf2c668bc4093063c5b15113
687e1d2e957a821280dbd205ae66182f16dfdc30
194ebae85ff853319e8668f23a4c5bf371a7d9f5d550a40980ab53026ddaaa17
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.11.4 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:35 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Thu, 15 Apr 2021 03:23:40 GMT
ETag: "f59-5bffa63c2e700"
Accept-Ranges: bytes
Content-Length: 3929
Connection: close
Content-Type: application/javascript
www.grupotresa.com/wp-includes/js/jquery/ui/accordion.min.js?ver=1.11.4
194.30.34.225 200 OK 8.6 kB URL HTTP/1.1 www.grupotresa.com/wp-includes/js/jquery/ui/accordion.min.js?ver=1.11.4
IP 194.30.34.225:0
File type ASCII text, with very long lines (8339)
Hash a0b8589edef2f5b85ccf152816269a7d
93173c4b95691e08075a54531891463cc1fb7b5d
96b656700f9b4784f69af925f46ecc91caa7f444b3168ecbb64afe06f8fc4c99
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/accordion.min.js?ver=1.11.4 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:35 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Thu, 15 Apr 2021 03:23:40 GMT
ETag: "2172-5bffa63c2e700"
Accept-Ranges: bytes
Content-Length: 8562
Connection: close
Content-Type: application/javascript
www.grupotresa.com/wp-content/plugins/js_composer/assets/lib/bower/animate-css/animate.min.css?ver=6.0.5
194.30.34.225 200 OK 54 kB URL HTTP/1.1 www.grupotresa.com/wp-content/plugins/js_composer/assets/lib/bower/animate-css/animate.min.css?ver=6.0.5
IP 194.30.34.225:0
File type ASCII text, with very long lines (53826)
Hash 0b9ed7b612dcfe272e83e92398be1da5
3a3f2074a297776a05367d0e086e4e72981c3717
5b518bc060167c79b585ab74260cd0c4cd4ef5e6f7ee2759908ee832731352c4
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/lib/bower/animate-css/animate.min.css?ver=6.0.5 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:34 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Tue, 28 Apr 2020 09:31:38 GMT
ETag: "d2e3-5a4567f927280"
Accept-Ranges: bytes
Content-Length: 53987
Connection: close
Content-Type: text/css
www.grupotresa.com/wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4
194.30.34.225 200 OK 6.8 kB URL HTTP/1.1 www.grupotresa.com/wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4
IP 194.30.34.225:0
File type ASCII text, with very long lines (6603)
Hash 2fb11e1fba920ce6191aaf65473894ff
858e35ea212ce2c331f6f2b4980b55fa5bac29f5
1b4f1024fa4887b47765e2ad4db9bc1f6ea96335f77fd44c62b8538d75e7190c
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:35 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Thu, 15 Apr 2021 03:23:40 GMT
ETag: "1aab-5bffa63c2e700"
Accept-Ranges: bytes
Content-Length: 6827
Connection: close
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash dee3039809fc2026852697eaa005560c
f4f6b76cf09e0a9e756ab6b9b8be26cb6e15b2c7
8091750102499bbd5d92ea3e89cf364e833df30e186963d67a0d66a13751ef8a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 19:13:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.grupotresa.com/wp-includes/js/jquery/ui/position.min.js?ver=1.11.4
194.30.34.225 200 OK 6.4 kB URL HTTP/1.1 www.grupotresa.com/wp-includes/js/jquery/ui/position.min.js?ver=1.11.4
IP 194.30.34.225:0
File type ASCII text, with very long lines (6217)
Hash d1c2e97eeca08ca067ccf2c5736f0390
5281985542fcc8c5a651d1991296e12c39bfcb82
0ce51090b148a45a0e3d652719ed6ef7f1a38e5d272dbf874f86a49664e897a3
GET /wp-includes/js/jquery/ui/position.min.js?ver=1.11.4 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:35 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Thu, 15 Apr 2021 03:23:40 GMT
ETag: "1926-5bffa63c2e700"
Accept-Ranges: bytes
Content-Length: 6438
Connection: close
Content-Type: application/javascript
geko.select-themes.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/fr.png
104.19.150.56 301 Moved Permanently 0 B URL HTTP/1.1 geko.select-themes.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/fr.png
IP 104.19.150.56:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/plugins/sitepress-multilingual-cms/res/flags/fr.png HTTP/1.1
Host: geko.select-themes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 301 Moved Permanently
Date: Wed, 09 Nov 2022 19:13:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 09 Nov 2022 20:13:35 GMT
Location: https://geko.select-themes.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/fr.png
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7678ddd28ddc0b61-OSL
alt-svc: h2=":443"; ma=60
geko.select-themes.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/de.png
104.19.150.56 301 Moved Permanently 0 B URL HTTP/1.1 geko.select-themes.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/de.png
IP 104.19.150.56:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/plugins/sitepress-multilingual-cms/res/flags/de.png HTTP/1.1
Host: geko.select-themes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 301 Moved Permanently
Date: Wed, 09 Nov 2022 19:13:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 09 Nov 2022 20:13:35 GMT
Location: https://geko.select-themes.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/de.png
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7678ddd28c2bb4f7-OSL
alt-svc: h2=":443"; ma=60
geko.select-themes.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/en.png
104.19.150.56 301 Moved Permanently 0 B URL HTTP/1.1 geko.select-themes.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/en.png
IP 104.19.150.56:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/plugins/sitepress-multilingual-cms/res/flags/en.png HTTP/1.1
Host: geko.select-themes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 301 Moved Permanently
Date: Wed, 09 Nov 2022 19:13:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 09 Nov 2022 20:13:35 GMT
Location: https://geko.select-themes.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/en.png
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7678ddd2899cb524-OSL
alt-svc: h2=":443"; ma=60
www.grupotresa.com/wp-includes/js/jquery/ui/menu.min.js?ver=1.11.4
194.30.34.225 200 OK 9.5 kB URL HTTP/1.1 www.grupotresa.com/wp-includes/js/jquery/ui/menu.min.js?ver=1.11.4
IP 194.30.34.225:0
File type ASCII text, with very long lines (9330)
Hash b4b9458fcbfa3ff33fda9d1fe6a33dc5
d9dafac2c525a0b33039cb2e26d8bd80902d3ada
11dd7443e60c9756c636d4d9e270eeba4085691a86dc1d343af835e5cb354ed9
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/menu.min.js?ver=1.11.4 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:35 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Thu, 15 Apr 2021 03:23:40 GMT
ETag: "2547-5bffa63c2e700"
Accept-Ranges: bytes
Content-Length: 9543
Connection: close
Content-Type: application/javascript
fonts.gstatic.com/s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2
216.58.207.195 200 OK 34 kB URL HTTP/1.1 fonts.gstatic.com/s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 33580, version 1.0\012- data
Hash 848cd2ecd011428969dc6b90431bc482
6b1a7b562a56bd54510e0f6f95e26babca331a1b
981307dcbbd348f6fb4e3eab184077392f9ee15097ea868f630debefad9044e9
GET /s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.grupotresa.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 33580
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 04 Nov 2022 23:18:53 GMT
Expires: Sat, 04 Nov 2023 23:18:53 GMT
Cache-Control: public, max-age=31536000
Age: 417282
Last-Modified: Mon, 18 Jul 2022 19:32:55 GMT
Content-Type: font/woff2
www.grupotresa.com/wp-includes/js/dist/dom-ready.min.js?ver=2.5.1
194.30.34.225 200 OK 1.2 kB URL HTTP/1.1 www.grupotresa.com/wp-includes/js/dist/dom-ready.min.js?ver=2.5.1
IP 194.30.34.225:0
File type ASCII text, with very long lines (1169), with no line terminators
Hash 0d9ef672806b1357c5badde6095b5bbe
b31fc6d14197dc12648019a98d274f6dd001f604
f375aeaa275ea51a86150030cdb627cae120dc3b2d3d346821f16731fa2d1d75
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/dom-ready.min.js?ver=2.5.1 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:35 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Sat, 11 Sep 2021 03:23:34 GMT
ETag: "491-5cbafc1c23980"
Accept-Ranges: bytes
Content-Length: 1169
Connection: close
Content-Type: application/javascript
www.grupotresa.com/wp-includes/js/jquery/ui/button.min.js?ver=1.11.4
194.30.34.225 200 OK 7.2 kB URL HTTP/1.1 www.grupotresa.com/wp-includes/js/jquery/ui/button.min.js?ver=1.11.4
IP 194.30.34.225:0
File type ASCII text, with very long lines (6998)
Hash 96bebe37b0494fd593d242b0ab500197
c76a024864596ff36e8a3c494e81f0cdb0f8af7e
409c16852a61e50980a17fed11c6434aa362731291b49f9923f5a9bbc8c030b4
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/button.min.js?ver=1.11.4 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:35 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Thu, 15 Apr 2021 03:23:40 GMT
ETag: "1c2f-5bffa63c2e700"
Accept-Ranges: bytes
Content-Length: 7215
Connection: close
Content-Type: application/javascript
www.grupotresa.com/wp-includes/js/dist/a11y.min.js?ver=2.5.1
194.30.34.225 200 OK 2.2 kB URL HTTP/1.1 www.grupotresa.com/wp-includes/js/dist/a11y.min.js?ver=2.5.1
IP 194.30.34.225:0
File type Unicode text, UTF-8 text, with very long lines (2235), with no line terminators
Hash 77ade69b82132d8900e4912616e521d2
21fc5d16211397753e08867611cacdeb948b2ea5
35d465a38a7c5a084e7fd7888a450d96ed5cefd82291b250df1a10c5782dd780
GET /wp-includes/js/dist/a11y.min.js?ver=2.5.1 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:35 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Sat, 11 Sep 2021 03:23:34 GMT
ETag: "8bc-5cbafc1c23980"
Accept-Ranges: bytes
Content-Length: 2236
Connection: close
Content-Type: application/javascript
www.grupotresa.com/wp-includes/js/jquery/ui/autocomplete.min.js?ver=1.11.4
194.30.34.225 200 OK 8.2 kB URL HTTP/1.1 www.grupotresa.com/wp-includes/js/jquery/ui/autocomplete.min.js?ver=1.11.4
IP 194.30.34.225:0
File type ASCII text, with very long lines (7998)
Hash cd39cd96dff0888fabd40c2c7c75e064
542a73251ba957bcac5b75d948fa9bfaa85e90a1
67a93cb596cf7e65926cc6f37e356a5ba6249a3ac8dbce1b8e5fd16ae3967f92
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/autocomplete.min.js?ver=1.11.4 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:35 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Thu, 15 Apr 2021 03:23:40 GMT
ETag: "2023-5bffa63c2e700"
Accept-Ranges: bytes
Content-Length: 8227
Connection: close
Content-Type: application/javascript
www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d2906.1756170042986!2d-2.9047460842865926!3d43.24774108657168!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0xd4e4e5135147039%3A0x358432a304a7be70!2sGRUPO%20TRESA!5e0!3m2!1ses!2ses!4v1568125173193!5m2!1ses!2ses
142.250.74.164 200 OK 1.2 kB URL HTTP/2 www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d2906.1756170042986!2d-2.9047460842865926!3d43.24774108657168!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0xd4e4e5135147039%3A0x358432a304a7be70!2sGRUPO%20TRESA!5e0!3m2!1ses!2ses!4v1568125173193!5m2!1ses!2ses
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2095)
Hash 31300133c48e85dd6adf02508ce9f5db
7db3dd4548a1883515778f64c320b7e04673a8fd
854d123afdfe3c888c4e0544c04bf79bc2feef65357720efca5ca525009394ab
GET /maps/embed?pb=!1m18!1m12!1m3!1d2906.1756170042986!2d-2.9047460842865926!3d43.24774108657168!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0xd4e4e5135147039%3A0x358432a304a7be70!2sGRUPO%20TRESA!5e0!3m2!1ses!2ses!4v1568125173193!5m2!1ses!2ses HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.grupotresa.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Wed, 09 Nov 2022 19:13:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
vary: Accept-Language
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-wZqMApEkO4m1ZJMapMRLDQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-encoding: gzip
server: mafe
content-length: 1178
x-xss-protection: 0
server-timing: gfet4t7; dur=142
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.grupotresa.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4
194.30.34.225 200 OK 99 kB URL HTTP/1.1 www.grupotresa.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4
IP 194.30.34.225:0
File type Unicode text, UTF-8 text, with very long lines (34747), with NEL line terminators
Hash 7d2ef4bb244bac8a81d13ef4382d168e
a6fc91f32db89c2fe0c3eb2d15c13e20c1d6c8a4
96ed609b415be6ee67eadb8d2de7ce64d13de9c928bce8e1373bec97e233e74c
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:35 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Tue, 28 Apr 2020 10:26:54 GMT
ETag: "1833d-5a45745389780"
Accept-Ranges: bytes
Content-Length: 99133
Connection: close
Content-Type: application/javascript
www.grupotresa.com/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.11.4
194.30.34.225 200 OK 36 kB URL HTTP/1.1 www.grupotresa.com/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.11.4
IP 194.30.34.225:0
File type ASCII text, with very long lines (35947)
Hash a236bd4097fcbfb009f64238dc4443a1
ddbeeaa10749e4a74fe624ced0531b9243235dd2
2c3f3b95a692312d9b75815ecb949a40c2a701ff148fe865fde55556c810a22c
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/datepicker.min.js?ver=1.11.4 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:35 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Thu, 15 Apr 2021 03:23:40 GMT
ETag: "8d4c-5bffa63c2e700"
Accept-Ranges: bytes
Content-Length: 36172
Connection: close
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 9cec7fd19118aaeb5702dd97a8dd2b0e
40769764dfe2e1d216aeb0f18b935ad9e2fd9b11
0d10421ffd21c60df554fc54330fb769ea6cf59b8a795c14500defff88f8b366
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 19:13:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.grupotresa.com/wp-includes/js/jquery/ui/mouse.min.js?ver=1.11.4
194.30.34.225 200 OK 3.1 kB URL HTTP/1.1 www.grupotresa.com/wp-includes/js/jquery/ui/mouse.min.js?ver=1.11.4
IP 194.30.34.225:0
File type ASCII text, with very long lines (2927)
Hash 412416b5df69805b1e084e50d4283c2f
b8c47463c0793854638a8981cfad35503f393297
7e8d54d6c6a4ebd0237786d41ff5d205096eda696f2a5b591e074fe94ba3b3af
GET /wp-includes/js/jquery/ui/mouse.min.js?ver=1.11.4 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:35 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Thu, 15 Apr 2021 03:23:40 GMT
ETag: "c46-5bffa63c2e700"
Accept-Ranges: bytes
Content-Length: 3142
Connection: close
Content-Type: application/javascript
www.grupotresa.com/wp-includes/js/jquery/ui/dialog.min.js?ver=1.11.4
194.30.34.225 200 OK 12 kB URL HTTP/1.1 www.grupotresa.com/wp-includes/js/jquery/ui/dialog.min.js?ver=1.11.4
IP 194.30.34.225:0
File type ASCII text, with very long lines (11876)
Hash 8fa9e3f9c636c43c52bb7a861839376e
8f86d768f4fb5a5081f9266700448dcb7f7a16d1
72a1a8339a4ef21db997f17cac76cfe78938a1e755e37bdbe5dbc249bc6947d1
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/dialog.min.js?ver=1.11.4 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:35 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Thu, 15 Apr 2021 03:23:40 GMT
ETag: "2f3d-5bffa63c2e700"
Accept-Ranges: bytes
Content-Length: 12093
Connection: close
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 4e48180712e2e140b9748591e3228a70
49d4292426ddfbc6e98cff6d468e3bdf1be41ff7
16ebf61312b22e0032171995a665bad4ea8c7fd80636fc04eb6456d0f60397ec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 19:13:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=es&region=es&callback=onApiLoad
142.250.74.74 200 OK 56 kB URL HTTP/2 maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=es&region=es&callback=onApiLoad
IP 142.250.74.74:0
File type ASCII text, with very long lines (2564)
Hash f1b97c82a28fa5124ab4af67792cca36
cdd19289fa464a24ff103a91624173c291096c6e
f42bf0e70266d1a34b3f67d2fa6740aa71d1b3b1bfab657bdd36853753c58170
GET /maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=es&region=es&callback=onApiLoad HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 56449
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=15
date: Wed, 09 Nov 2022 19:03:38 GMT
expires: Wed, 09 Nov 2022 19:33:38 GMT
cache-control: public, max-age=1800
content-type: text/javascript; charset=UTF-8
age: 597
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.grupotresa.com/wp-includes/js/jquery/ui/draggable.min.js?ver=1.11.4
194.30.34.225 200 OK 19 kB URL HTTP/1.1 www.grupotresa.com/wp-includes/js/jquery/ui/draggable.min.js?ver=1.11.4
IP 194.30.34.225:0
File type ASCII text, with very long lines (18586)
Hash 005186c73d00e12af11c4a5ff2b77dd0
871eaa6d4d6be51b141ffac9aaead6509bac8ea1
24539433fce4b27fc6c4a4c471eb078a394d562681dc15f3b7f1fc1550ab41f2
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/draggable.min.js?ver=1.11.4 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:35 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Thu, 15 Apr 2021 03:23:40 GMT
ETag: "4979-5bffa63c2e700"
Accept-Ranges: bytes
Content-Length: 18809
Connection: close
Content-Type: application/javascript
www.grupotresa.com/wp-includes/js/jquery/ui/resizable.min.js?ver=1.11.4
194.30.34.225 200 OK 18 kB URL HTTP/1.1 www.grupotresa.com/wp-includes/js/jquery/ui/resizable.min.js?ver=1.11.4
IP 194.30.34.225:0
File type ASCII text, with very long lines (18143)
Hash a8d89577d43b628cae19a63410eb2828
bd130c5d418dfacfcb21c09d946c7c5374ee8e79
364ba5268d11ed9fbd16763df098faf8a1c059e9681c2debddf15d0830360427
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/resizable.min.js?ver=1.11.4 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:35 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Thu, 15 Apr 2021 03:23:40 GMT
ETag: "47be-5bffa63c2e700"
Accept-Ranges: bytes
Content-Length: 18366
Connection: close
Content-Type: application/javascript
www.grupotresa.com/wp-includes/js/jquery/ui/progressbar.min.js?ver=1.11.4
194.30.34.225 200 OK 2.5 kB URL HTTP/1.1 www.grupotresa.com/wp-includes/js/jquery/ui/progressbar.min.js?ver=1.11.4
IP 194.30.34.225:0
File type ASCII text, with very long lines (2241)
Hash 34c78c33e7c97e65a369bb0137d93d05
cacc3f34a1d55aa06284d107c4b2c240a179df0c
32e3e9f84b34b2f8a432a8e6383f3c909ca4d1fa9d980d81713c0d991972a424
GET /wp-includes/js/jquery/ui/progressbar.min.js?ver=1.11.4 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:35 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Tue, 28 Apr 2020 10:26:57 GMT
ETag: "9a4-5a45745665e40"
Accept-Ranges: bytes
Content-Length: 2468
Connection: close
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 4e48180712e2e140b9748591e3228a70
49d4292426ddfbc6e98cff6d468e3bdf1be41ff7
16ebf61312b22e0032171995a665bad4ea8c7fd80636fc04eb6456d0f60397ec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 19:13:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.grupotresa.com/wp-includes/js/jquery/ui/selectable.min.js?ver=1.11.4
194.30.34.225 200 OK 4.3 kB URL HTTP/1.1 www.grupotresa.com/wp-includes/js/jquery/ui/selectable.min.js?ver=1.11.4
IP 194.30.34.225:0
File type ASCII text, with very long lines (4033)
Hash 91167a07312f0c7cf9eadbb6211fa2d5
c6a554c0b01d1b3a6e4f873491f5b4744f64d47b
05ce3f549ff9e4aadaa6542643b0f72b9c39fcde428d65514774b143b5347f9e
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/selectable.min.js?ver=1.11.4 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:35 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Tue, 28 Apr 2020 10:26:57 GMT
ETag: "10a2-5a45745665e40"
Accept-Ranges: bytes
Content-Length: 4258
Connection: close
Content-Type: application/javascript
www.grupotresa.com/wp-includes/js/jquery/ui/slider.min.js?ver=1.11.4
194.30.34.225 200 OK 11 kB URL HTTP/1.1 www.grupotresa.com/wp-includes/js/jquery/ui/slider.min.js?ver=1.11.4
IP 194.30.34.225:0
File type ASCII text, with very long lines (10694)
Hash aa205fbfb232b9cb5f104142e7183b36
d73fef1ae7c9fc260dba69e57658793f01590eea
bf9d214a2ec4f01d57a72fa4417e1cd8f895800b277b6040eb98c77e4b49e668
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/slider.min.js?ver=1.11.4 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:35 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Thu, 15 Apr 2021 03:23:40 GMT
ETag: "2a9f-5bffa63c2e700"
Accept-Ranges: bytes
Content-Length: 10911
Connection: close
Content-Type: application/javascript
www.grupotresa.com/wp-includes/js/jquery/ui/tabs.min.js?ver=1.11.4
194.30.34.225 200 OK 12 kB URL HTTP/1.1 www.grupotresa.com/wp-includes/js/jquery/ui/tabs.min.js?ver=1.11.4
IP 194.30.34.225:0
File type ASCII text, with very long lines (11799)
Hash f2c8bed453ea6a55cad903c5e367bc4f
96323cb37f985657f8133dfbc452c189e277c2f1
b91aab00697781a1fb184945cd6e7602db0d45458fa58a53156110945f2b71be
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/tabs.min.js?ver=1.11.4 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:35 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Thu, 15 Apr 2021 03:23:40 GMT
ETag: "2eec-5bffa63c2e700"
Accept-Ranges: bytes
Content-Length: 12012
Connection: close
Content-Type: application/javascript
www.grupotresa.com/wp-includes/js/jquery/ui/spinner.min.js?ver=1.11.4
194.30.34.225 200 OK 7.1 kB URL HTTP/1.1 www.grupotresa.com/wp-includes/js/jquery/ui/spinner.min.js?ver=1.11.4
IP 194.30.34.225:0
File type ASCII text, with very long lines (6839)
Hash 6010817c2bd9b93461e335d0cbc6d6be
25ca4371a64aa39bcbc3c6953da002848405f37c
6b2562f3ed29e898a7d502a212c30516dec520856ee92093090934553cd99e51
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/spinner.min.js?ver=1.11.4 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:35 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Thu, 15 Apr 2021 03:23:40 GMT
ETag: "1b92-5bffa63c2e700"
Accept-Ranges: bytes
Content-Length: 7058
Connection: close
Content-Type: application/javascript
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1b6e55fb9c16b8ec503ca6fb935f650f
1e392159765235158a218248677dc21c46bc4f42
89cc50a881ff8fae94b7bfa2732d133df59bae06680f6d2147281ee7bf8ab00b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89CC50A881FF8FAE94B7BFA2732D133DF59BAE06680F6D2147281EE7BF8AB00B"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13165
Expires: Wed, 09 Nov 2022 22:53:00 GMT
Date: Wed, 09 Nov 2022 19:13:35 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 4dc4a177d25f666a9ba1cf6225354467
8975f2e5cc9cadc4a1e369da45471eb1f0830c5e
6c9e54a13abc265cac7bdee51c6fa49e5e7590fec7a1cc99096c384dabef31be
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 19:13:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b197dc2-1415-4c19-8d36-1fa334168ba5.jpeg
34.120.237.76 200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b197dc2-1415-4c19-8d36-1fa334168ba5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 29429581f8dc762c69c5916009f70080
9265cae98aa663a5498925b70079abdd8e7031fd
c3deee74c80905a1e92b84868b9987cb30ad7a210dca066b97c325cc2c83872e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b197dc2-1415-4c19-8d36-1fa334168ba5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9313
x-amzn-requestid: be3f6b0f-cf61-4bec-ad1a-87abdbc45d73
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bTTTwF5AoAMFZAw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636acc17-5ca45b5b1065a4ea492f2ac6;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 21:37:27 GMT
x-amz-cf-pop: SEA19-C3, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 9lVY7YgQQ0FAP3ItgCSWePY0Msd4RIyBz4eNPc-K51BtnWUjOObv6g==
via: 1.1 31dfa94142c6eaf975b0e5454c00340a.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 21:43:43 GMT
etag: "9265cae98aa663a5498925b70079abdd8e7031fd"
content-type: image/jpeg
age: 77392
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e2853cc6ec6223160471401e6871f4b
f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: 43480a38-fd89-4c47-b8c4-e6ba90b1321c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aMF6oEz_oAMF8Hg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634e5043-6617fd2e59cab00135301cdd;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 07:05:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: C7GYpM3mXSf0hVyGO9Zzlxa3IHXHdyPlXsvr3i0GoQnaPZF6lO-OwA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 09:08:58 GMT
age: 36277
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8786d2a2-d21a-4bb6-916d-7fce27ea08f2.jpeg
34.120.237.76 200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8786d2a2-d21a-4bb6-916d-7fce27ea08f2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 39446652ee66d20bd73df20f1a29589c
349ea78f3ad0f2f7376ba22e417226b2e06806d7
655a00944a319ba167e99b43055044cb18bc48d53605ff0d1b6c8b1ba8ee8237
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8786d2a2-d21a-4bb6-916d-7fce27ea08f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4737
x-amzn-requestid: 3e45e647-43a6-43bf-b011-366e3899b400
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bQAvEEr7IAMF_JQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63697b2d-76f4e8dc345994823ef9ce4d;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 21:39:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: tgUANh-QVW5J4xKViYY6NCQYFLJBjXYoEupDzvKa2UJ9TZ-sBclIPQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 21:56:11 GMT
age: 76644
etag: "349ea78f3ad0f2f7376ba22e417226b2e06806d7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84109408-bbc7-4166-8974-df4b4fbbf1c1.jpeg
34.120.237.76 200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84109408-bbc7-4166-8974-df4b4fbbf1c1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 11ef1d34ac2d42662fe53fc58c882fdf
16f1e048895ed1ee0c0c071e3939e741113e4969
61c42bae12654cf9bd1e7ca0f616164ff4139dc470fb6c1033176374444d6bda
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84109408-bbc7-4166-8974-df4b4fbbf1c1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6272
x-amzn-requestid: 7287a2fe-853d-497f-a63e-1d521dd5326e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bG3dSGEIIAMF7Kg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6365d2bb-4c6803ad2d4ea46e68abd386;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 03:04:27 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: LDFjqTNKAf14q52-12SgdxG52y16CzeAmZFIIwxEnUFTYp8ZOTT4Ew==
via: 1.1 6a6653dfb47ccc5082f2a5b9d0d168ce.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 18:20:46 GMT
age: 3169
etag: "16f1e048895ed1ee0c0c071e3939e741113e4969"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.grupotresa.com/wp-includes/js/jquery/ui/tooltip.min.js?ver=1.11.4
194.30.34.225 200 OK 5.7 kB URL HTTP/1.1 www.grupotresa.com/wp-includes/js/jquery/ui/tooltip.min.js?ver=1.11.4
IP 194.30.34.225:0
File type ASCII text, with very long lines (5431)
Hash 011521c4cb26175134847bc005c736fa
aab10f7d07a220841b1f29ea764d5b2c0c0fdcb9
4205086e08c34625efc0d72df59715ed8ec9cfd271e3eb51c6a37aa0a7daec2b
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/tooltip.min.js?ver=1.11.4 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:35 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Thu, 15 Apr 2021 03:23:40 GMT
ETag: "1612-5bffa63c2e700"
Accept-Ranges: bytes
Content-Length: 5650
Connection: close
Content-Type: application/javascript
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F609c6c88-4535-488a-8bf4-de0e93b9ae31.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F609c6c88-4535-488a-8bf4-de0e93b9ae31.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 86ec3f22045de1a100eccf27d91593ae
e26769d82108f89057b05096061f1276d34e223a
b863d19ab12945922b4d014c517f5ffe349cefe2bbe1c2f16661371f22378cbd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F609c6c88-4535-488a-8bf4-de0e93b9ae31.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10822
x-amzn-requestid: 1b1e2dfc-4096-45cf-adb3-58f0b1d614bc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bEAXHFhroAMF_Zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6364adc6-7b94977b4143970a48bc1857;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 06:14:30 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: vzUPLMO4CDywKUQvQ9gbltVLYlNher7ZTXYC9A00LfwycdEmG7m9wg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 04:21:46 GMT
age: 53509
etag: "e26769d82108f89057b05096061f1276d34e223a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff66bafec-6420-4aea-8b22-96b8fe0d292b.jpeg
34.120.237.76 200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff66bafec-6420-4aea-8b22-96b8fe0d292b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c69b19d2273c3ade32fd0797921c0459
8cafda5659f5b36c855a2bbcaeb03aa715ddeebd
d78b92e1175207b1179c85f9490f937e1647aeae3fe95cf8b3dc336db232945e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff66bafec-6420-4aea-8b22-96b8fe0d292b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8154
x-amzn-requestid: 1d9d6e13-69a4-473d-af4b-ef3d4382f3ca
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bTTU2EyZoAMF94w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636acc1e-0dec203434f42df01d9a1182;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 21:37:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: GWFybdPyZxzujAi9urpfQ_1HZCiJpmxpzg6j7a2gwdZ5E89xfc1MXg==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 21:54:55 GMT
age: 76720
etag: "8cafda5659f5b36c855a2bbcaeb03aa715ddeebd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
maps.gstatic.com/maps-api-v3/embed/js/50/12a/intl/es_ALL/init_embed.js
142.250.74.163 200 OK 69 kB URL HTTP/2 maps.gstatic.com/maps-api-v3/embed/js/50/12a/intl/es_ALL/init_embed.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (2669)
Hash 0d6c8c97aa29bd4bb2dc5ce60b5ad043
257b596e6de635ab6d7f4fe14d6c831ecbd87f02
3dbc7232163b9484261f6300638d9c83abdafdf385a9fd756c0002dbc04f499b
GET /maps-api-v3/embed/js/50/12a/intl/es_ALL/init_embed.js HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 68806
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Nov 2022 18:31:12 GMT
expires: Tue, 07 Nov 2023 18:31:12 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 04 Nov 2022 20:13:38 GMT
content-type: text/javascript
age: 175343
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.grupotresa.com/wp-includes/js/jquery/ui/effect.min.js?ver=1.11.4
194.30.34.225 200 OK 13 kB URL HTTP/1.1 www.grupotresa.com/wp-includes/js/jquery/ui/effect.min.js?ver=1.11.4
IP 194.30.34.225:0
File type ASCII text, with very long lines (11225)
Hash 50e725a9b1e53dd2231151e7dd8ee629
8b3182f2113ed7845f65b6b5983f20c753ee9505
c7f5e3b0b3a282b46aa5bbd5e7952b90ce98d0d1d214b3308d9abb6053becd92
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/effect.min.js?ver=1.11.4 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:35 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Thu, 15 Apr 2021 03:23:40 GMT
ETag: "33a7-5bffa63c2e700"
Accept-Ranges: bytes
Content-Length: 13223
Connection: close
Content-Type: application/javascript
www.grupotresa.com/wp-includes/js/jquery/ui/effect-blind.min.js?ver=1.11.4
194.30.34.225 200 OK 1.1 kB URL HTTP/1.1 www.grupotresa.com/wp-includes/js/jquery/ui/effect-blind.min.js?ver=1.11.4
IP 194.30.34.225:0
File type ASCII text, with very long lines (899)
Hash e36fd7a0d8b7418ec9ddff4f77600c8c
89e2d38b1defefcec512086ab2681f56ed3e7ba7
3d5c5de31ad9d64a23beda3d8ec60183ca3ca1d19777d15e3ef4bf42c27924a8
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/effect-blind.min.js?ver=1.11.4 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:35 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Thu, 15 Apr 2021 03:23:40 GMT
ETag: "469-5bffa63c2e700"
Accept-Ranges: bytes
Content-Length: 1129
Connection: close
Content-Type: application/javascript
www.grupotresa.com/wp-includes/js/jquery/ui/sortable.min.js?ver=1.11.4
194.30.34.225 200 OK 25 kB URL HTTP/1.1 www.grupotresa.com/wp-includes/js/jquery/ui/sortable.min.js?ver=1.11.4
IP 194.30.34.225:0
File type HTML document, ASCII text, with very long lines (24607)
Hash ea712686ca9d325fddb57ce9be2b52c1
beccce00da22a7994cd0e09c1fe90b43df56bcf3
9af25ef0d99c5ef2c6f3b595b1716009858fc4bc71838ffcd61706bda396d261
GET /wp-includes/js/jquery/ui/sortable.min.js?ver=1.11.4 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:35 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Thu, 15 Apr 2021 03:23:40 GMT
ETag: "60fc-5bffa63c2e700"
Accept-Ranges: bytes
Content-Length: 24828
Connection: close
Content-Type: application/javascript
www.grupotresa.com/wp-includes/js/jquery/ui/effect-bounce.min.js?ver=1.11.4
194.30.34.225 200 OK 1.2 kB URL HTTP/1.1 www.grupotresa.com/wp-includes/js/jquery/ui/effect-bounce.min.js?ver=1.11.4
IP 194.30.34.225:0
File type ASCII text, with very long lines (1010)
Hash add6542db50a3d3ec13c0a8cd6bee6dd
e9a4ce67acf1713cffefa7ee80a45000b8824df6
3bc0360d3c8667fa0f9489b0910550f12cb3b1c79fe7bd41191b649e2f371b5b
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/effect-bounce.min.js?ver=1.11.4 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:35 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Thu, 15 Apr 2021 03:23:40 GMT
ETag: "4da-5bffa63c2e700"
Accept-Ranges: bytes
Content-Length: 1242
Connection: close
Content-Type: application/javascript
www.grupotresa.com/wp-includes/js/jquery/ui/effect-clip.min.js?ver=1.11.4
194.30.34.225 200 OK 908 B URL HTTP/1.1 www.grupotresa.com/wp-includes/js/jquery/ui/effect-clip.min.js?ver=1.11.4
IP 194.30.34.225:0
File type ASCII text, with very long lines (680)
Hash 880adcd48ca0fd326f23014530986704
6530e7de017d4827dc8931758fae51a5c39ca322
a0b0d9da31851f55a0be971e91c668c325b078838af5b4a306cbae1acb7c53d5
GET /wp-includes/js/jquery/ui/effect-clip.min.js?ver=1.11.4 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:35 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Thu, 15 Apr 2021 03:23:40 GMT
ETag: "38c-5bffa63c2e700"
Accept-Ranges: bytes
Content-Length: 908
Connection: close
Content-Type: application/javascript
www.grupotresa.com/wp-includes/js/jquery/ui/effect-drop.min.js?ver=1.11.4
194.30.34.225 200 OK 991 B URL HTTP/1.1 www.grupotresa.com/wp-includes/js/jquery/ui/effect-drop.min.js?ver=1.11.4
IP 194.30.34.225:0
File type ASCII text, with very long lines (763)
Hash 0168ce283eee1a9c82a7cb377de13afc
2d07b077d1cc10c4ea434be14e84f3bcb0ce20c0
a6b733ac446743853f938caa85bf7d978f3d168b4099b90dc3657c5de69a57de
GET /wp-includes/js/jquery/ui/effect-drop.min.js?ver=1.11.4 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:35 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Thu, 15 Apr 2021 03:23:40 GMT
ETag: "3df-5bffa63c2e700"
Accept-Ranges: bytes
Content-Length: 991
Connection: close
Content-Type: application/javascript
www.grupotresa.com/wp-includes/js/jquery/ui/effect-fold.min.js?ver=1.11.4
194.30.34.225 200 OK 1.0 kB URL HTTP/1.1 www.grupotresa.com/wp-includes/js/jquery/ui/effect-fold.min.js?ver=1.11.4
IP 194.30.34.225:0
File type ASCII text, with very long lines (797)
Hash 1e3331f2e2bb06e352835f8a1957a7c3
92e5d7294c4013c224cc62874877aeb2b5fc824d
9025a09743d7756dfca719884ab0c26cba79114b49b6f865c166876db0e0c57d
GET /wp-includes/js/jquery/ui/effect-fold.min.js?ver=1.11.4 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:35 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Thu, 15 Apr 2021 03:23:40 GMT
ETag: "401-5bffa63c2e700"
Accept-Ranges: bytes
Content-Length: 1025
Connection: close
Content-Type: application/javascript
www.grupotresa.com/wp-includes/js/jquery/ui/effect-fade.min.js?ver=1.11.4
194.30.34.225 200 OK 515 B URL HTTP/1.1 www.grupotresa.com/wp-includes/js/jquery/ui/effect-fade.min.js?ver=1.11.4
IP 194.30.34.225:0
Hash 8a30f21e345577b420a78c5aba2b3156
cfb158c44beb76328bf092a9a1ae3e5e22881425
e1618154fbb42d1eac52d4e9a1438f1fcac0ba61dc613f9acf05cefb3c17d30f
GET /wp-includes/js/jquery/ui/effect-fade.min.js?ver=1.11.4 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:35 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Tue, 28 Apr 2020 10:26:55 GMT
ETag: "203-5a4574547d9c0"
Accept-Ranges: bytes
Content-Length: 515
Connection: close
Content-Type: application/javascript
www.grupotresa.com/wp-includes/js/jquery/ui/effect-explode.min.js?ver=1.11.4
194.30.34.225 200 OK 1.2 kB URL HTTP/1.1 www.grupotresa.com/wp-includes/js/jquery/ui/effect-explode.min.js?ver=1.11.4
IP 194.30.34.225:0
File type ASCII text, with very long lines (935)
Hash 2f68b680e67f09ced628d98b2bb456ff
640aa4cf0905a4a13e31937aba00ac09c2bef703
23a26cf5689c7598d73e6ef9c0ff8f0fd1b4e9f0c751e354a5a40c30e03215ae
GET /wp-includes/js/jquery/ui/effect-explode.min.js?ver=1.11.4 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:35 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Tue, 28 Apr 2020 10:26:55 GMT
ETag: "491-5a4574547d9c0"
Accept-Ranges: bytes
Content-Length: 1169
Connection: close
Content-Type: application/javascript
www.grupotresa.com/wp-includes/js/jquery/ui/effect-highlight.min.js?ver=1.11.4
194.30.34.225 200 OK 789 B URL HTTP/1.1 www.grupotresa.com/wp-includes/js/jquery/ui/effect-highlight.min.js?ver=1.11.4
IP 194.30.34.225:0
File type ASCII text, with very long lines (551)
Hash 9b1d4283702ba049f9d88e0a75d05f81
c618a96e7ea6de46cba133d60a5eb469aae73389
cf059121b52a5e1264b775819c2ad5a6449eb26fa1618bc6b85c8880099bb925
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/effect-highlight.min.js?ver=1.11.4 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:35 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Tue, 28 Apr 2020 10:26:55 GMT
ETag: "315-5a4574547d9c0"
Accept-Ranges: bytes
Content-Length: 789
Connection: close
Content-Type: application/javascript
www.grupotresa.com/wp-includes/js/jquery/ui/effect-pulsate.min.js?ver=1.11.4
194.30.34.225 200 OK 794 B URL HTTP/1.1 www.grupotresa.com/wp-includes/js/jquery/ui/effect-pulsate.min.js?ver=1.11.4
IP 194.30.34.225:0
File type ASCII text, with very long lines (560)
Hash 9cd7fda530044a85e536effcd530fccc
aed8161e5436998ef72dcd96d561c77298ec58be
8342752af4f86e651337e9e067df248ecac71f9a2ea1c354caaf33ae8201d566
GET /wp-includes/js/jquery/ui/effect-pulsate.min.js?ver=1.11.4 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:35 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Thu, 15 Apr 2021 03:23:40 GMT
ETag: "31a-5bffa63c2e700"
Accept-Ranges: bytes
Content-Length: 794
Connection: close
Content-Type: application/javascript
www.grupotresa.com/wp-includes/js/jquery/ui/effect-size.min.js?ver=1.11.4
194.30.34.225 200 OK 3.3 kB URL HTTP/1.1 www.grupotresa.com/wp-includes/js/jquery/ui/effect-size.min.js?ver=1.11.4
IP 194.30.34.225:0
File type ASCII text, with very long lines (3023)
Hash fbdf6877e2b8559fccad7a591d58663e
707dc9862ae2333f003c1c2b9387625bdbbbf331
99f47f1084db599d55bf70957f9a033eee6012a660c74009aea8bee651ddc3d0
GET /wp-includes/js/jquery/ui/effect-size.min.js?ver=1.11.4 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:35 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Thu, 15 Apr 2021 03:23:40 GMT
ETag: "cb3-5bffa63c2e700"
Accept-Ranges: bytes
Content-Length: 3251
Connection: close
Content-Type: application/javascript
www.grupotresa.com/wp-includes/js/jquery/ui/effect-shake.min.js?ver=1.11.4
194.30.34.225 200 OK 1.1 kB URL HTTP/1.1 www.grupotresa.com/wp-includes/js/jquery/ui/effect-shake.min.js?ver=1.11.4
IP 194.30.34.225:0
File type ASCII text, with very long lines (871)
Hash 135cd16b6964aa75eed598f33997be7d
b02471c7165887f0a44c504496ccf9243de7a608
18e2b418fef1f7399ca3e58b26e440a2be4af59c32aa82c28db587744fcaf558
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/effect-shake.min.js?ver=1.11.4 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:35 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Thu, 15 Apr 2021 03:23:40 GMT
ETag: "44d-5bffa63c2e700"
Accept-Ranges: bytes
Content-Length: 1101
Connection: close
Content-Type: application/javascript
www.grupotresa.com/wp-includes/js/jquery/ui/effect-scale.min.js?ver=1.11.4
194.30.34.225 200 OK 1.1 kB URL HTTP/1.1 www.grupotresa.com/wp-includes/js/jquery/ui/effect-scale.min.js?ver=1.11.4
IP 194.30.34.225:0
File type ASCII text, with very long lines (879)
Hash 99dd1a11f49db0bc9b8a6ad749ac1be8
976e7c5c4af5a0970a1aa16168036dd7ebc19aa6
981273245f40043b454460f0f3bc7686ca73c05246ac7ac924f491086431e361
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/effect-scale.min.js?ver=1.11.4 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:35 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Thu, 15 Apr 2021 03:23:40 GMT
ETag: "455-5bffa63c2e700"
Accept-Ranges: bytes
Content-Length: 1109
Connection: close
Content-Type: application/javascript
www.grupotresa.com/wp-includes/js/jquery/ui/effect-slide.min.js?ver=1.11.4
194.30.34.225 200 OK 959 B URL HTTP/1.1 www.grupotresa.com/wp-includes/js/jquery/ui/effect-slide.min.js?ver=1.11.4
IP 194.30.34.225:0
File type ASCII text, with very long lines (729)
Hash a0077303ca9ea5bd6da34ee026a418de
ac58e0ac80296a2736a1298ec10152c5b6ffe63a
5670e5f8a3ebd1c6a99db1d2d20ae73d1c498c45e200bbf505f6e6278cde5dd5
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/effect-slide.min.js?ver=1.11.4 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:35 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Thu, 15 Apr 2021 03:23:40 GMT
ETag: "3bf-5bffa63c2e700"
Accept-Ranges: bytes
Content-Length: 959
Connection: close
Content-Type: application/javascript
www.grupotresa.com/wp-includes/js/jquery/ui/effect-transfer.min.js?ver=1.11.4
194.30.34.225 200 OK 857 B URL HTTP/1.1 www.grupotresa.com/wp-includes/js/jquery/ui/effect-transfer.min.js?ver=1.11.4
IP 194.30.34.225:0
File type ASCII text, with very long lines (621)
Hash e81b0a5f159ddd53d9304015ed097366
18eb17bd3c34275f779694808bc73cc75dabbc90
9e20a504411a4d12e6a44c59cb44d87bcf2ee78a8c73397eb68b24d3a9b8512d
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/effect-transfer.min.js?ver=1.11.4 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:35 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Thu, 15 Apr 2021 03:23:40 GMT
ETag: "359-5bffa63c2e700"
Accept-Ranges: bytes
Content-Length: 857
Connection: close
Content-Type: application/javascript
www.grupotresa.com/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=5.3.14
194.30.34.225 200 OK 1.2 kB URL HTTP/1.1 www.grupotresa.com/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=5.3.14
IP 194.30.34.225:0
File type ASCII text, with very long lines (1193), with no line terminators
Hash f34f415aa56ed900eecf3f212adb57e2
352dfeec21817198c07ab11705b53d813420cea3
7f34b768792b90cf0b04fced2470e43d8fab7644f6565d5178fbfb49c4859cee
GET /wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=5.3.14 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:35 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Thu, 15 Apr 2021 03:23:40 GMT
ETag: "4a9-5bffa63c2e700"
Accept-Ranges: bytes
Content-Length: 1193
Connection: close
Content-Type: application/javascript
www.grupotresa.com/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=5.3.14
194.30.34.225 200 OK 907 B URL HTTP/1.1 www.grupotresa.com/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=5.3.14
IP 194.30.34.225:0
File type HTML document, ASCII text, with very long lines (907), with no line terminators
Hash 45b5fdfa92b3e7fa6eb36bc5cdc0a074
20f96c4ea76edc117fbb3423dde9bc8fa27ff820
0b2c979f1afdb9624c1565ef8fcb2b9ac6595712ce4b7bdc0e428c6082967419
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=5.3.14 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:35 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Thu, 15 Apr 2021 03:23:40 GMT
ETag: "38b-5bffa63c2e700"
Accept-Ranges: bytes
Content-Length: 907
Connection: close
Content-Type: application/javascript
geko.qodeinteractive.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/de.png
104.19.147.56 200 OK 250 B URL HTTP/2 geko.qodeinteractive.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/de.png
IP 104.19.147.56:0
File type PNG image data, 18 x 12, 8-bit/color RGB, non-interlaced\012- data
Hash 9106b58cd67a757d34013ad61e826fcb
5f01f848404a402ed52a377b718236d444d3205b
fb8abf4975a70816d1ecb0e3dff7ed44ff73201795790a55b4abfb0d1b6d162f
GET /wp-content/plugins/sitepress-multilingual-cms/res/flags/de.png HTTP/1.1
Host: geko.qodeinteractive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.grupotresa.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 19:13:35 GMT
content-type: image/png
content-length: 250
vary: X-Forwarded-Proto,Accept-Encoding
last-modified: Thu, 10 Nov 2016 09:03:34 GMT
etag: "fa-540eea5f14580"
cache-control: public, max-age=31536000
expires: Thu, 09 Nov 2023 19:13:35 GMT
pragma: public
cf-cache-status: EXPIRED
accept-ranges: bytes
server: cloudflare
cf-ray: 7678ddd5aa68b4ed-OSL
X-Firefox-Spdy: h2
geko.qodeinteractive.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/en.png
104.19.147.56 200 OK 600 B URL HTTP/2 geko.qodeinteractive.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/en.png
IP 104.19.147.56:0
File type PNG image data, 18 x 12, 8-bit/color RGB, non-interlaced\012- data
Hash 2878f64a0217a154e531853f6a822c65
ac7a53e9f53b9de8a344c38222e217d50d559b83
3f47c75fa68e49b1cdca50c61e9cd6603b57c521e5e6809df59a4a15e291a4ef
GET /wp-content/plugins/sitepress-multilingual-cms/res/flags/en.png HTTP/1.1
Host: geko.qodeinteractive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.grupotresa.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 19:13:36 GMT
content-type: image/png
content-length: 600
vary: X-Forwarded-Proto,Accept-Encoding
last-modified: Thu, 10 Nov 2016 09:03:35 GMT
etag: "258-540eea60087c0"
cache-control: public, max-age=31536000
expires: Thu, 09 Nov 2023 19:13:35 GMT
pragma: public
cf-cache-status: EXPIRED
accept-ranges: bytes
server: cloudflare
cf-ray: 7678ddd5aa62b4ed-OSL
X-Firefox-Spdy: h2
www.grupotresa.com/wp-content/themes/GEKO/assets/js/packery-mode.pkgd.min.js?ver=5.3.14
194.30.34.225 200 OK 14 kB URL HTTP/1.1 www.grupotresa.com/wp-content/themes/GEKO/assets/js/packery-mode.pkgd.min.js?ver=5.3.14
IP 194.30.34.225:0
File type ASCII text, with very long lines (13547)
Hash 2e704c1f29cbb512e403ffe68315094a
97fcc42bff5c65aa3418ae419d3ef248c4ec195e
60ef0ce4272c1ae361476cf56578930a5517b8d9d699e22dffc94524d7234b6d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/GEKO/assets/js/packery-mode.pkgd.min.js?ver=5.3.14 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:35 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Tue, 28 Apr 2020 09:27:02 GMT
ETag: "3532-5a4566f1f0580"
Accept-Ranges: bytes
Content-Length: 13618
Connection: close
Content-Type: application/javascript
www.grupotresa.com/wp-content/plugins/js_composer/assets/lib/bower/isotope/dist/isotope.pkgd.min.js?ver=6.0.5
194.30.34.225 200 OK 36 kB URL HTTP/1.1 www.grupotresa.com/wp-content/plugins/js_composer/assets/lib/bower/isotope/dist/isotope.pkgd.min.js?ver=6.0.5
IP 194.30.34.225:0
File type ASCII text, with very long lines (32004)
Hash 38fc018b2a3e21b4fc9d85c31055fbe1
9080223675416c00aa51161dddc90ccc27e2905f
808975b6cf4ae51c0555c592409a545a54a842eacde7c5408f6d77fcc754cc61
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/lib/bower/isotope/dist/isotope.pkgd.min.js?ver=6.0.5 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:35 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Tue, 28 Apr 2020 09:34:08 GMT
ETag: "8b8a-5a45688834400"
Accept-Ranges: bytes
Content-Length: 35722
Connection: close
Content-Type: application/javascript
www.grupotresa.com/wp-content/themes/GEKO/assets/js/smoothPageScroll.js?ver=5.3.14
194.30.34.225 200 OK 953 B URL HTTP/1.1 www.grupotresa.com/wp-content/themes/GEKO/assets/js/smoothPageScroll.js?ver=5.3.14
IP 194.30.34.225:0
Hash 6b6c13400560ee2d4a05af58f5eea530
502e30523dbf498e54eb71a685b755d3e2239792
28121e6cbee18fb21f14df5be6c13e1d75395288fd21114b354a7312db9beee3
GET /wp-content/themes/GEKO/assets/js/smoothPageScroll.js?ver=5.3.14 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:36 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Tue, 28 Apr 2020 09:27:02 GMT
ETag: "3b9-5a4566f1f0580"
Accept-Ranges: bytes
Content-Length: 953
Connection: close
Content-Type: application/javascript
www.grupotresa.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.13-9993131
194.30.34.225 200 OK 160 kB URL HTTP/1.1 www.grupotresa.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.13-9993131
IP 194.30.34.225:0
File type ASCII text, with very long lines (65266)
Size 160 kB (160453 bytes)
Hash c6d1f8e334ded732e83231a64de3fd3f
05f7e36a68b6c5595a5e1c1908c5beede4ee12be
282c86db3fc6cedcc79b172069ba09831ce0e6ba235d13bff382f57f0d3977ff
GET /wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.13-9993131 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:35 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Tue, 28 Apr 2020 10:26:35 GMT
ETag: "272c5-5a4574416acc0"
Accept-Ranges: bytes
Content-Length: 160453
Connection: close
Content-Type: application/javascript
www.grupotresa.com/wp-content/themes/GEKO/assets/js/like.js?ver=1.0
194.30.34.225 200 OK 2.0 kB URL HTTP/1.1 www.grupotresa.com/wp-content/themes/GEKO/assets/js/like.js?ver=1.0
IP 194.30.34.225:0
Hash 657ee4e3446af52ef229039680a26fb8
008d0f3f50eb53659a4164e6785d447202ba7dce
9abd7a9a5a00996c64a2c0ce62353a54fb3b6349abd99267a97f78ec2cfb63aa
GET /wp-content/themes/GEKO/assets/js/like.js?ver=1.0 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:36 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Tue, 28 Apr 2020 09:27:01 GMT
ETag: "7f6-5a4566f0fc340"
Accept-Ranges: bytes
Content-Length: 2038
Connection: close
Content-Type: application/javascript
www.grupotresa.com/wp-content/themes/GEKO/assets/js/third-party.min.js?ver=5.3.14
194.30.34.225 200 OK 392 kB URL HTTP/1.1 www.grupotresa.com/wp-content/themes/GEKO/assets/js/third-party.min.js?ver=5.3.14
IP 194.30.34.225:0
File type HTML document, ASCII text, with very long lines (32005)
Size 392 kB (392390 bytes)
Hash 113ccccf4af2a6369858a915913a2d23
e529c91336be76b9a77c63a05ddbe20f07ea6e27
5a401c7388b416401daf1f641d4c77eabb74c71966215d55d32ca8fbc9a7b9c5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/GEKO/assets/js/third-party.min.js?ver=5.3.14 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:35 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Tue, 28 Apr 2020 09:27:02 GMT
ETag: "5fcc6-5a4566f1f0580"
Accept-Ranges: bytes
Content-Length: 392390
Connection: close
Content-Type: application/javascript
www.grupotresa.com/wp-includes/js/wp-embed.min.js?ver=5.3.14
194.30.34.225 200 OK 1.4 kB URL HTTP/1.1 www.grupotresa.com/wp-includes/js/wp-embed.min.js?ver=5.3.14
IP 194.30.34.225:0
File type ASCII text, with very long lines (1391), with no line terminators
Hash 570ae0f3c201604926ea599d3d1f6c04
2c29243a73660964d4712b969d2a15e27777bc14
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-embed.min.js?ver=5.3.14 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:36 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Thu, 15 Apr 2021 03:23:40 GMT
ETag: "56f-5bffa63c2e700"
Accept-Ranges: bytes
Content-Length: 1391
Connection: close
Content-Type: application/javascript
www.grupotresa.com/wp-content/themes/GEKO/assets/js/modules.min.js?ver=5.3.14
194.30.34.225 200 OK 93 kB URL HTTP/1.1 www.grupotresa.com/wp-content/themes/GEKO/assets/js/modules.min.js?ver=5.3.14
IP 194.30.34.225:0
File type HTML document, ASCII text, with very long lines (32014)
Hash 0f394f35bffa38e0a96dc541386ae74b
398512471fa0b884a228355ffd4b9c30050eaafa
92665e6499437125e3c33d796f5d728659fb512f1cab22a647dde37db7351846
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/GEKO/assets/js/modules.min.js?ver=5.3.14 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:36 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Tue, 28 Apr 2020 09:27:02 GMT
ETag: "16b34-5a4566f1f0580"
Accept-Ranges: bytes
Content-Length: 92980
Connection: close
Content-Type: application/javascript
www.grupotresa.com/wp-content/plugins/js_composer/assets/lib/vc_waypoints/vc-waypoints.min.js?ver=6.0.5
194.30.34.225 200 OK 9.2 kB URL HTTP/1.1 www.grupotresa.com/wp-content/plugins/js_composer/assets/lib/vc_waypoints/vc-waypoints.min.js?ver=6.0.5
IP 194.30.34.225:0
File type Unicode text, UTF-8 text, with very long lines (8853)
Hash 5ff487a413612cbbf6bc391c10ff7bac
acbbd8a96ecad33158f29e45afcd41e4b2dd6579
357ad057de8ffc0fc9df301dd1873c3d482e926791195ee262da3886269f84d8
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/lib/vc_waypoints/vc-waypoints.min.js?ver=6.0.5 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:36 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Tue, 28 Apr 2020 09:29:27 GMT
ETag: "2415-5a45677c38bc0"
Accept-Ranges: bytes
Content-Length: 9237
Connection: close
Content-Type: application/javascript
www.grupotresa.com/wp-content/plugins/js_composer/assets/lib/bower/flexslider/jquery.flexslider-min.js?ver=6.0.5
194.30.34.225 200 OK 22 kB URL HTTP/1.1 www.grupotresa.com/wp-content/plugins/js_composer/assets/lib/bower/flexslider/jquery.flexslider-min.js?ver=6.0.5
IP 194.30.34.225:0
File type ASCII text, with very long lines (21539)
Hash 866fe370b8ff31e6547f5e0ce74f1def
60db8ac751e83482d64996e9b5333a6a23b3d403
ccfb7762be932f26ce547d4bb7477b61cb54b3addd78b1c721738de5d2fdb4ec
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/lib/bower/flexslider/jquery.flexslider-min.js?ver=6.0.5 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:36 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Tue, 28 Apr 2020 09:31:39 GMT
ETag: "5561-5a4567fa1b4c0"
Accept-Ranges: bytes
Content-Length: 21857
Connection: close
Content-Type: application/javascript
geko.qodeinteractive.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/fr.png
104.19.147.56 200 OK 268 B URL HTTP/2 geko.qodeinteractive.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/fr.png
IP 104.19.147.56:0
File type PNG image data, 18 x 12, 8-bit/color RGB, non-interlaced\012- data
Hash a6b419f8502fa8faca4c693b46989e2d
fb3862465a32facd5b5e158b0544b567a01d343e
9c86c0c02ccb446b1a50d0282f4d9715e45670be443c4c3f666c263601e36274
GET /wp-content/plugins/sitepress-multilingual-cms/res/flags/fr.png HTTP/1.1
Host: geko.qodeinteractive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.grupotresa.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 19:13:36 GMT
content-type: image/png
content-length: 268
vary: X-Forwarded-Proto,Accept-Encoding
last-modified: Thu, 10 Nov 2016 09:03:37 GMT
etag: "10c-540eea61f0c40"
cache-control: public, max-age=31536000
expires: Thu, 09 Nov 2023 19:13:36 GMT
pragma: public
cf-cache-status: EXPIRED
accept-ranges: bytes
server: cloudflare
cf-ray: 7678ddd5ba8eb4ed-OSL
X-Firefox-Spdy: h2
www.grupotresa.com/wp-content/themes/GEKO/assets/css/elegant-icons/fonts/ElegantIcons.woff
194.30.34.225 200 OK 64 kB URL HTTP/1.1 www.grupotresa.com/wp-content/themes/GEKO/assets/css/elegant-icons/fonts/ElegantIcons.woff
IP 194.30.34.225:0
File type Web Open Font Format, CFF, length 63664, version 1.0\012- data
Hash fdd9e757bf61675343dcf55100422b84
f9be87fa2d1d4a95e8305afb51778db4bc759fbc
be1825e52a0dc7df04df9322f62abe2a2f2a25d98aac186de0140dfc7f6bdcae
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/GEKO/assets/css/elegant-icons/fonts/ElegantIcons.woff HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.grupotresa.com/wp-content/themes/GEKO/assets/css/elegant-icons/style.min.css?ver=5.3.14
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:36 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Tue, 28 Apr 2020 09:32:57 GMT
ETag: "f8b0-5a4568447e440"
Accept-Ranges: bytes
Content-Length: 63664
Connection: close
Content-Type: font/woff
www.grupotresa.com/wp-content/themes/GEKO/assets/css/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
194.30.34.225 200 OK 77 kB URL HTTP/1.1 www.grupotresa.com/wp-content/themes/GEKO/assets/css/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 194.30.34.225:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/GEKO/assets/css/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.grupotresa.com/wp-content/themes/GEKO/assets/css/font-awesome/css/font-awesome.min.css?ver=5.3.14
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:36 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Tue, 28 Apr 2020 09:32:58 GMT
ETag: "12d68-5a45684572680"
Accept-Ranges: bytes
Content-Length: 77160
Connection: close
Content-Type: font/woff2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 2cc2a9c89cbd9d2da1fd4a79a7d8b1d8
b2a4971855e26ff842f71d5dd4fff2596a83bd59
3bdf6aea6d003d0b087c13a74034f422cb09a59fd5c97b2b48ce590dfca6109a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 19:13:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 2cc2a9c89cbd9d2da1fd4a79a7d8b1d8
b2a4971855e26ff842f71d5dd4fff2596a83bd59
3bdf6aea6d003d0b087c13a74034f422cb09a59fd5c97b2b48ce590dfca6109a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 19:13:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 730 B IP 142.250.74.35:0
File type gzip compressed data, max compression\012- data
Hash 8525849fa802d70910ff36f759f02b55
a92a62b50beb799a9b908a2b2528717a691038c7
18f2f3c69957a44a4dac70665d80c53a5899aff55fcc78c750908bd664c38526
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 19:13:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.grupotresa.com/wp-content/uploads/2016/12/GrupoTresaBlancoTrans.png
194.30.34.225 200 OK 11 kB URL HTTP/1.1 www.grupotresa.com/wp-content/uploads/2016/12/GrupoTresaBlancoTrans.png
IP 194.30.34.225:0
File type PNG image data, 300 x 62, 8-bit/color RGBA, non-interlaced\012- data
Hash fae88db1c628d9c18bc0954725c34d2d
171ebba988ef28d38e7f3e4d811ac5dd471e4887
b6d7c421228bfd2c82c0dc1fa6544251aa767e00cc0002fd9a9c5ec3f07a65dc
GET /wp-content/uploads/2016/12/GrupoTresaBlancoTrans.png HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:36 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Tue, 28 Apr 2020 09:23:52 GMT
ETag: "2ca2-5a45663cbda00"
Accept-Ranges: bytes
Content-Length: 11426
Connection: close
Content-Type: image/png
www.grupotresa.com/wp-content/uploads/2016/12/Logo500B.png
194.30.34.225 200 OK 28 kB URL HTTP/1.1 www.grupotresa.com/wp-content/uploads/2016/12/Logo500B.png
IP 194.30.34.225:0
File type PNG image data, 500 x 104, 8-bit/color RGBA, non-interlaced\012- data
Hash e5a1863301d0761c816a75476d86f98a
117dc52f467c210fc600b538b84d46c40e77c63e
588ad010a8d0c16e4e2c0b3bafcea42f5d043a88f4ccafea28bc23eb01a3feb9
GET /wp-content/uploads/2016/12/Logo500B.png HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:36 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Tue, 28 Apr 2020 09:23:56 GMT
ETag: "6bcc-5a4566408e300"
Accept-Ranges: bytes
Content-Length: 27596
Connection: close
Content-Type: image/png
www.grupotresa.com/wp-content/themes/GEKO/assets/css/ion-icons/fonts/ionicons.ttf?v=2.0.0
194.30.34.225 200 OK 189 kB URL HTTP/1.1 www.grupotresa.com/wp-content/themes/GEKO/assets/css/ion-icons/fonts/ionicons.ttf?v=2.0.0
IP 194.30.34.225:0
File type TrueType Font data, 15 tables, 1st "FFTM", 14 names, Macintosh\012- data
Size 189 kB (188724 bytes)
Hash 0d39918c71ad0bf2db5766fe14828114
a7f729edc4624182c4274b40ec83f524459978ed
6fb7a322fbd6b62ef6886848ef5bec4df887fdbe53b52ac30ad597b766a815e1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/GEKO/assets/css/ion-icons/fonts/ionicons.ttf?v=2.0.0 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/wp-content/themes/GEKO/assets/css/ion-icons/css/ionicons.min.css?ver=5.3.14
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:36 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Tue, 28 Apr 2020 09:33:00 GMT
ETag: "2e134-5a4568475ab00"
Accept-Ranges: bytes
Content-Length: 188724
Connection: close
Content-Type: font/ttf
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash f0c1ba8782042e64d296c64158811a67
ae25bf491e6f7381e4eecfead2a61e95489c850f
eb70540a2e2a591edb02abefb7ba5e08d35fe532db6469c1df9e45e5c4bb9983
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 19:13:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash f0c1ba8782042e64d296c64158811a67
ae25bf491e6f7381e4eecfead2a61e95489c850f
eb70540a2e2a591edb02abefb7ba5e08d35fe532db6469c1df9e45e5c4bb9983
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 19:13:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.grupotresa.com/wp-content/uploads/2016/11/Logo.png
194.30.34.225 200 OK 53 kB URL HTTP/1.1 www.grupotresa.com/wp-content/uploads/2016/11/Logo.png
IP 194.30.34.225:0
File type PNG image data, 800 x 157, 8-bit/color RGBA, non-interlaced\012- data
Hash 4b4b857786673b8e0ddd6b3ea5ec9158
4eac83b3856b0e7f722133c9d5ae347698f72268
856e439754881bec8efa5f6f8b9bcf9acf9fd0dbc1c5e55503fad7c7b9248530
GET /wp-content/uploads/2016/11/Logo.png HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:36 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Tue, 28 Apr 2020 09:23:12 GMT
ETag: "cda5-5a45661698000"
Accept-Ranges: bytes
Content-Length: 52645
Connection: close
Content-Type: image/png
www.grupotresa.com/wp-content/plugins/js_composer/assets/lib/bower/flexslider/fonts/flexslider-icon.woff
194.30.34.225 200 OK 1.3 kB URL HTTP/1.1 www.grupotresa.com/wp-content/plugins/js_composer/assets/lib/bower/flexslider/fonts/flexslider-icon.woff
IP 194.30.34.225:0
File type Web Open Font Format, TrueType, length 1268, version 1.0\012- data
Hash f8b92f66539473eea649c8514eb836a0
9876bce2a7b39125bd7a406c445e46e704d7b37e
333fe8266952f16c8b686f3edd78293da28e6eaef314dca86bc4eeaa23f290e8
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/lib/bower/flexslider/fonts/flexslider-icon.woff HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.grupotresa.com/wp-content/plugins/js_composer/assets/lib/bower/flexslider/flexslider.min.css?ver=6.0.5
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:36 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Tue, 28 Apr 2020 09:34:07 GMT
ETag: "4f4-5a456887401c0"
Accept-Ranges: bytes
Content-Length: 1268
Connection: close
Content-Type: font/woff
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 02 Nov 2022 19:34:08 GMT
expires: Thu, 02 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 603568
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 14:07:32 GMT
expires: Thu, 09 Nov 2023 14:07:32 GMT
cache-control: public, max-age=31536000
age: 18364
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash f0c1ba8782042e64d296c64158811a67
ae25bf491e6f7381e4eecfead2a61e95489c850f
eb70540a2e2a591edb02abefb7ba5e08d35fe532db6469c1df9e45e5c4bb9983
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 19:13:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.grupotresa.com/wp-content/uploads/2016/12/LogoLight.png
194.30.34.225 200 OK 74 kB URL HTTP/1.1 www.grupotresa.com/wp-content/uploads/2016/12/LogoLight.png
IP 194.30.34.225:0
File type PNG image data, 800 x 157, 8-bit/color RGBA, non-interlaced\012- data
Hash 952f8635048b73ad3051a667634bcc16
3a33d611894bc3e9311f1ee7fa578615676eb0d3
a6801e96222af11f0c0c4f50eef546d41ffe672794b2a3b5a938513628e6403f
GET /wp-content/uploads/2016/12/LogoLight.png HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:36 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Tue, 28 Apr 2020 09:23:58 GMT
ETag: "12203-5a45664276780"
Accept-Ranges: bytes
Content-Length: 74243
Connection: close
Content-Type: image/png
www.grupotresa.com/wp-content/uploads/2016/11/GrupoTresaMapa.jpg
194.30.34.225 200 OK 516 kB URL HTTP/1.1 www.grupotresa.com/wp-content/uploads/2016/11/GrupoTresaMapa.jpg
IP 194.30.34.225:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 950x569, components 3\012- data
Size 516 kB (515551 bytes)
Hash ea60a9b96bc03f712e9b11a2db339d52
751b4b4123490ae8b1f11b9ce15ddf58ebe99f56
111e8ec87c81fdfb85893dd4e2235acb33aa6cc07d25ac13c9844225dc42746a
GET /wp-content/uploads/2016/11/GrupoTresaMapa.jpg HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:36 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Tue, 28 Apr 2020 09:22:58 GMT
ETag: "7dddf-5a4566093e080"
Accept-Ranges: bytes
Content-Length: 515551
Connection: close
Content-Type: image/jpeg
www.grupotresa.com/wp-content/uploads/2016/11/Vinedos.jpg
194.30.34.225 200 OK 181 kB URL HTTP/1.1 www.grupotresa.com/wp-content/uploads/2016/11/Vinedos.jpg
IP 194.30.34.225:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1440x394, components 3\012- data
Size 181 kB (181043 bytes)
Hash f444c72213bd1427d4073b53baa4332f
29c28cef9c81df238e54c1bd5b58acbf975ede18
781033b925423482e190602b291a8d68e09223e65496ace1e213c03925fa3b2f
GET /wp-content/uploads/2016/11/Vinedos.jpg HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:36 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Tue, 28 Apr 2020 09:23:28 GMT
ETag: "2c333-5a456625da400"
Accept-Ranges: bytes
Content-Length: 181043
Connection: close
Content-Type: image/jpeg
www.grupotresa.com/wp-content/uploads/2016/11/Pabellon.jpg
194.30.34.225 200 OK 294 kB URL HTTP/1.1 www.grupotresa.com/wp-content/uploads/2016/11/Pabellon.jpg
IP 194.30.34.225:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1440x394, components 3\012- data
Size 294 kB (294536 bytes)
Hash f8e1b31ecb8c931687833557aea5451e
88b90efa06c1d05939ea3db743d9a47b50973389
fa9e8a0ab04e6fefe9a4226e714bc4ddf9ea7a33325277754e69324ce9a821ed
GET /wp-content/uploads/2016/11/Pabellon.jpg HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:37 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Tue, 28 Apr 2020 09:23:17 GMT
ETag: "47e88-5a45661b5cb40"
Accept-Ranges: bytes
Content-Length: 294536
Connection: close
Content-Type: image/jpeg
www.grupotresa.com/wp-content/uploads/2016/11/IMG_3174.jpg
194.30.34.225 200 OK 721 kB URL HTTP/1.1 www.grupotresa.com/wp-content/uploads/2016/11/IMG_3174.jpg
IP 194.30.34.225:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=9, manufacturer=Apple, model=iPhone 5s, orientation=upper-left, xresolution=138, yresolution=146, resolutionunit=2, software=Photos 1.5, datetime=2015:07:27 17:56:52], baseline, precision 8, 3264x893, components 3\012- data
Size 721 kB (721299 bytes)
Hash 9c871e55177188d52cdb9f2517dd30a5
61b03716291d7bb06cc9ef67eb540e7a3fd38ca8
26e760962f025a12a24f8b3492394dbbdf6f32c0f39df6a365a7d47c9d1458b0
GET /wp-content/uploads/2016/11/IMG_3174.jpg HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:36 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Tue, 28 Apr 2020 09:23:04 GMT
ETag: "b0193-5a45660ef6e00"
Accept-Ranges: bytes
Content-Length: 721299
Connection: close
Content-Type: image/jpeg
www.grupotresa.com/wp-content/uploads/2016/11/IMG_6214.jpg
194.30.34.225 200 OK 144 kB URL HTTP/1.1 www.grupotresa.com/wp-content/uploads/2016/11/IMG_6214.jpg
IP 194.30.34.225:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Photos 1.5, datetime=2016:08:05 18:13:09], baseline, precision 8, 1600x438, components 3\012- data
Size 144 kB (144313 bytes)
Hash 014255c2136bdb437e9971038260475d
c23a68dfac204a4d64569ae74e4a87731797ec69
491a1821542559a8d6f4836b9a50557de9192dc9664d0f072f33b5653d89539c
GET /wp-content/uploads/2016/11/IMG_6214.jpg HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:37 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Tue, 28 Apr 2020 09:23:05 GMT
ETag: "233b9-5a45660feb040"
Accept-Ranges: bytes
Content-Length: 144313
Connection: close
Content-Type: image/jpeg
www.grupotresa.com/wp-content/uploads/2016/11/17260-02.jpg
194.30.34.225 200 OK 2.8 MB URL HTTP/1.1 www.grupotresa.com/wp-content/uploads/2016/11/17260-02.jpg
IP 194.30.34.225:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=11, manufacturer=Canon, model=Canon EOS 5D Mark II, orientation=upper-left, xresolution=174, yresolution=182, resolutionunit=2, software=Photos 1.5, datetime=2014:08:07 12:54:41], baseline, precision 8, 5616x1537, components 3\012- data
Size 2.8 MB (2814673 bytes)
Hash 32160590bfacab2b72dac91f74f46d35
e7513918250329f3afc1f303be9c496a606c54ae
39a81a34b18014ed4cc006945357b88a2740bd48052e2f6acdac0ec5a4e8d1d7
GET /wp-content/uploads/2016/11/17260-02.jpg HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:36 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Tue, 28 Apr 2020 09:22:44 GMT
ETag: "2af2d1-5a4565fbe4100"
Accept-Ranges: bytes
Content-Length: 2814673
Connection: close
Content-Type: image/jpeg
www.google-analytics.com/analytics.js
142.250.74.174 200 OK 20 kB URL HTTP/1.1 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 20039
Date: Wed, 09 Nov 2022 18:22:37 GMT
Expires: Wed, 09 Nov 2022 20:22:37 GMT
Cache-Control: public, max-age=7200
Age: 3060
Last-Modified: Tue, 27 Sep 2022 22:01:05 GMT
Content-Type: text/javascript
maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
142.250.74.74 403 Forbidden 132 B URL HTTP/1.1 maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
IP 142.250.74.74:0
File type JSON data\012- , ASCII text
Hash 3c954b0fdf7d56714cf712d02e0bf056
5c5acb630475cc6198b7191ba1adf49d72dd82f9
effda9280db937a1b47807f746c2797cdd1d44ffc3af3e1eee40306d7a9fe632
GET /maps/api/mapsjs/gen_204?csp_test=true HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://www.grupotresa.com
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 403 Forbidden
Vary: Origin, X-Origin, Referer
Content-Type: application/json; charset=UTF-8
Content-Encoding: gzip
Date: Wed, 09 Nov 2022 19:13:37 GMT
Server: scaffolding on HTTPServer2
Cache-Control: private
Content-Length: 132
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: http://www.grupotresa.com
Access-Control-Expose-Headers: vary,vary,vary,content-encoding,date,server,content-length
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 3b26e900b9be930a07101e0d5f5de579
fc84082e3eef2e000f255f1cbd4cf45b694a2118
1dff9aae4984871070d193b60d41548a8a816f0ba20839d41d6e73a08e548afe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 19:13:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.grupotresa.com/wp-content/uploads/2016/11/cropped-TresaIco-32x32.png
194.30.34.225 200 OK 2.7 kB URL HTTP/1.1 www.grupotresa.com/wp-content/uploads/2016/11/cropped-TresaIco-32x32.png
IP 194.30.34.225:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash baf3c2cf89e31cbe17541672c3df5ef5
0698d084867139ba5ade1ff9ca58c9bed0397cbc
97fa5e752a6e20186848ff1a2b34691d32f643c4f590c1938d23b8b86516f74c
GET /wp-content/uploads/2016/11/cropped-TresaIco-32x32.png HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:37 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Tue, 28 Apr 2020 09:22:49 GMT
ETag: "a5d-5a456600a8c40"
Accept-Ranges: bytes
Content-Length: 2653
Connection: close
Content-Type: image/png
www.google-analytics.com/j/collect?v=1&_v=j98&a=1673177833&t=pageview&_s=1&dl=http%3A%2F%2Fwww.grupotresa.com%2F&ul=en-us&de=UTF-8&dt=GRUPO%20TRESA%20%7C%20Obra%20civil%20y%20conservaci%C3%B3n.%20Las%20actuaciones%20de%20GRUPO%20TRESA%20en%20este%20campo%20son%20variadas%20y%20de%20distintos%20alcances.%20M%C3%A1s%20info%20..&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABCAAAACAAI~&jid=2116612577&gjid=667651857&cid=2048558137.1668021214&tid=UA-147532565-1&_gid=1839659797.1668021214&_r=1&_slc=1&z=486808222
142.250.74.174 200 OK 4 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j98&a=1673177833&t=pageview&_s=1&dl=http%3A%2F%2Fwww.grupotresa.com%2F&ul=en-us&de=UTF-8&dt=GRUPO%20TRESA%20%7C%20Obra%20civil%20y%20conservaci%C3%B3n.%20Las%20actuaciones%20de%20GRUPO%20TRESA%20en%20este%20campo%20son%20variadas%20y%20de%20distintos%20alcances.%20M%C3%A1s%20info%20..&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABCAAAACAAI~&jid=2116612577&gjid=667651857&cid=2048558137.1668021214&tid=UA-147532565-1&_gid=1839659797.1668021214&_r=1&_slc=1&z=486808222
IP 142.250.74.174:0
File type ASCII text, with no line terminators
Hash 9e92e190700c1af4539b40c2171320a9
209bcdb79e6067b51091ce8586d4b977f25b67d8
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
POST /j/collect?v=1&_v=j98&a=1673177833&t=pageview&_s=1&dl=http%3A%2F%2Fwww.grupotresa.com%2F&ul=en-us&de=UTF-8&dt=GRUPO%20TRESA%20%7C%20Obra%20civil%20y%20conservaci%C3%B3n.%20Las%20actuaciones%20de%20GRUPO%20TRESA%20en%20este%20campo%20son%20variadas%20y%20de%20distintos%20alcances.%20M%C3%A1s%20info%20..&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABCAAAACAAI~&jid=2116612577&gjid=667651857&cid=2048558137.1668021214&tid=UA-147532565-1&_gid=1839659797.1668021214&_r=1&_slc=1&z=486808222 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://www.grupotresa.com
Connection: keep-alive
Referer: http://www.grupotresa.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://www.grupotresa.com
date: Wed, 09 Nov 2022 19:13:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.grupotresa.com/wp-content/uploads/2016/11/cropped-TresaIco-192x192.png
194.30.34.225 200 OK 27 kB URL HTTP/1.1 www.grupotresa.com/wp-content/uploads/2016/11/cropped-TresaIco-192x192.png
IP 194.30.34.225:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash b1e7460e9f667546aeaefdf74ac6ce1c
9065b88e956a6cefa3ed677f60b19a75dfa5f869
1bded94898886f517eee6ba35c368b5323c6a282a74431df8391050ed6a3d41f
GET /wp-content/uploads/2016/11/cropped-TresaIco-192x192.png HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:37 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Tue, 28 Apr 2020 09:22:48 GMT
ETag: "6b13-5a4565ffb4a00"
Accept-Ranges: bytes
Content-Length: 27411
Connection: close
Content-Type: image/png
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 3b26e900b9be930a07101e0d5f5de579
fc84082e3eef2e000f255f1cbd4cf45b694a2118
1dff9aae4984871070d193b60d41548a8a816f0ba20839d41d6e73a08e548afe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 19:13:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.grupotresa.com/wp-content/uploads/2016/11/Guggenheim.jpg
194.30.34.225 200 OK 165 kB URL HTTP/1.1 www.grupotresa.com/wp-content/uploads/2016/11/Guggenheim.jpg
IP 194.30.34.225:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1440x394, components 3\012- data
Size 165 kB (164805 bytes)
Hash 6f44bfbdc2acd04c9bb59b67f93c5dbc
c15740ab7b38cebcd65fcbf1abf888ff7c69b4cb
55805f650de38e2cb6ba83f50797b3cd89b93144eabce72cf438401e37a981a7
GET /wp-content/uploads/2016/11/Guggenheim.jpg HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:36 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Tue, 28 Apr 2020 09:22:59 GMT
ETag: "283c5-5a45660a322c0"
Accept-Ranges: bytes
Content-Length: 164805
Connection: close
Content-Type: image/jpeg
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 82c95295023c4cedd687b9796d0bf912
87e16cfd5b5e0cc4944001914579e4312f9158d4
3339bdad2df7c661a441e902f5bc4c2a94ae6676099a64901a85b50800a6b982
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 19:13:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-147532565-1&cid=2048558137.1668021214&jid=2116612577&gjid=667651857&_gid=1839659797.1668021214&_u=YEBAAUAACAAAACAAI~&z=409858415
64.233.165.155 200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-147532565-1&cid=2048558137.1668021214&jid=2116612577&gjid=667651857&_gid=1839659797.1668021214&_u=YEBAAUAACAAAACAAI~&z=409858415
IP 64.233.165.155:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-147532565-1&cid=2048558137.1668021214&jid=2116612577&gjid=667651857&_gid=1839659797.1668021214&_u=YEBAAUAACAAAACAAI~&z=409858415 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://www.grupotresa.com
Connection: keep-alive
Referer: http://www.grupotresa.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://www.grupotresa.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 09 Nov 2022 19:13:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 82c95295023c4cedd687b9796d0bf912
87e16cfd5b5e0cc4944001914579e4312f9158d4
3339bdad2df7c661a441e902f5bc4c2a94ae6676099a64901a85b50800a6b982
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 19:13:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maps.googleapis.com/maps-api-v3/api/js/50/12a/common.js
142.250.74.74 200 OK 254 kB URL HTTP/1.1 maps.googleapis.com/maps-api-v3/api/js/50/12a/common.js
IP 142.250.74.74:0
File type ASCII text, with very long lines (581)
Size 254 kB (253994 bytes)
Hash 7caaf941be566b5a0ab845ebbe6fa41c
6baa9fd462731f60d53390e8e808bca815601226
b7f6913366b53872adac07cbd9708d54830a578b5a59e6fcb600e32b340fa1bc
GET /maps-api-v3/api/js/50/12a/common.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding, Origin
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="maps-api-js"
Report-To: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
Content-Length: 253994
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 07 Nov 2022 18:37:20 GMT
Expires: Tue, 07 Nov 2023 18:37:20 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Fri, 04 Nov 2022 20:13:41 GMT
Content-Type: text/javascript
Age: 174981
maps.googleapis.com/maps-api-v3/api/js/50/12a/util.js
142.250.74.74 200 OK 0 B URL HTTP/1.1 maps.googleapis.com/maps-api-v3/api/js/50/12a/util.js
IP 142.250.74.74:0
GET /maps-api-v3/api/js/50/12a/util.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding, Origin
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="maps-api-js"
Report-To: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
Content-Length: 169553
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 07 Nov 2022 18:37:20 GMT
Expires: Tue, 07 Nov 2023 18:37:20 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Fri, 04 Nov 2022 20:13:41 GMT
Content-Type: text/javascript
Age: 174981
geko.select-themes.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/fr.png
104.19.150.56 301 Moved Permanently 0 B URL HTTP/2 geko.select-themes.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/fr.png
IP 104.19.150.56:0
GET /wp-content/plugins/sitepress-multilingual-cms/res/flags/fr.png HTTP/1.1
Host: geko.select-themes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.grupotresa.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Wed, 09 Nov 2022 19:13:35 GMT
content-type: text/html; charset=iso-8859-1
location: https://geko.qodeinteractive.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/fr.png
cache-control: max-age=3600
expires: Wed, 09 Nov 2022 20:13:35 GMT
cf-cache-status: EXPIRED
vary: Accept-Encoding
server: cloudflare
cf-ray: 7678ddd30ae3b505-OSL
X-Firefox-Spdy: h2
geko.select-themes.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/de.png
104.19.150.56 301 Moved Permanently 0 B URL HTTP/2 geko.select-themes.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/de.png
IP 104.19.150.56:0
GET /wp-content/plugins/sitepress-multilingual-cms/res/flags/de.png HTTP/1.1
Host: geko.select-themes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.grupotresa.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Wed, 09 Nov 2022 19:13:35 GMT
content-type: text/html; charset=iso-8859-1
location: https://geko.qodeinteractive.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/de.png
cache-control: max-age=3600
expires: Wed, 09 Nov 2022 20:13:35 GMT
cf-cache-status: EXPIRED
vary: Accept-Encoding
server: cloudflare
cf-ray: 7678ddd30ae5b505-OSL
X-Firefox-Spdy: h2
geko.select-themes.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/en.png
104.19.150.56 301 Moved Permanently 0 B URL HTTP/2 geko.select-themes.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/en.png
IP 104.19.150.56:0
GET /wp-content/plugins/sitepress-multilingual-cms/res/flags/en.png HTTP/1.1
Host: geko.select-themes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.grupotresa.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Wed, 09 Nov 2022 19:13:35 GMT
content-type: text/html; charset=iso-8859-1
location: https://geko.qodeinteractive.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/en.png
cache-control: max-age=3600
expires: Wed, 09 Nov 2022 20:13:35 GMT
cf-cache-status: EXPIRED
vary: Accept-Encoding
server: cloudflare
cf-ray: 7678ddd30aebb505-OSL
X-Firefox-Spdy: h2
www.grupotresa.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.0.5
194.30.34.225 200 OK 0 B URL HTTP/1.1 www.grupotresa.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.0.5
IP 194.30.34.225:0
GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.0.5 HTTP/1.1
Host: www.grupotresa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.grupotresa.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 19:13:36 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Tue, 28 Apr 2020 09:29:15 GMT
ETag: "5079-5a456770c70c0"
Accept-Ranges: bytes
Content-Length: 20601
Connection: close
Content-Type: application/javascript