r3.o.lencr.org/
23.36.76.226 | 200 OK | 503 B | IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash (MD5) 3bbb845b153026fc5332dd4506585b57
Hash (SHA-1) 3cad200fac28fd00f34ce6ef79373e661e188743
Hash (SHA-256) 6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11911
Expires: Fri, 02 Dec 2022 19:15:48 GMT
Date: Fri, 02 Dec 2022 15:57:17 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 | 200 OK | 471 B | IP 93.184.220.29:0
Hash (MD5) 7439fb99a444b66db1e68ffbfaa38451
Hash (SHA-1) 4b7742d7956485906f1c392c478515ff89a46184
Hash (SHA-256) 636327ce88f733e5a1d39af212f97242717a39ce20edaef330fafea238e3a309
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3316
Cache-Control: max-age=156554
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 15:57:17 GMT
Etag: "6389d3f3-1d7"
Expires: Sun, 04 Dec 2022 11:26:31 GMT
Last-Modified: Fri, 02 Dec 2022 10:31:15 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140 | 200 OK | 939 B | URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type: JSON data; ASCII text, with very long lines (939), with no line terminators
Hash (MD5) 14cd9a0afb6ba9a763651d5112760d1e
Hash (SHA-1) 75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
Hash (SHA-256) 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 02 Dec 2022 15:19:57 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2240
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 | 200 OK | 503 B | IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash (MD5) 55b4c61a1e99001307750e3647fe1102
Hash (SHA-1) 7559f9f6770b7d3f45b723167062096312641e08
Hash (SHA-256) 39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9895
Expires: Fri, 02 Dec 2022 18:42:12 GMT
Date: Fri, 02 Dec 2022 15:57:17 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 | 200 OK | 5.3 kB | URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type: PEM certificate; ASCII text
Hash (MD5) 9ebddc2b260d081ebbefee47c037cb28
Hash (SHA-1) 492bad62a7ca6a74738921ef5ae6f0be5edebf39
Hash (SHA-256) 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: xvWrHl1pQqu6uzzxsIegjfsyXz5yBzUWTfdxGK3C72E3iR1AXfe0se8zmRqPjRb0I+lmQXzMPJo=
x-amz-request-id: NJWB34HVMFXSC1F8
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 02 Dec 2022 15:46:45 GMT
age: 632
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
hgv.com.co/
45.79.30.185 | 301 Moved Permanently | 0 B | IP 45.79.30.185:0
Hash (MD5) d41d8cd98f00b204e9800998ecf8427e
Hash (SHA-1) da39a3ee5e6b4b0d3255bfef95601890afd80709
Hash (SHA-256) e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict: Alert — fortinet: Malware. Note: the response body is empty (0 B; the three hashes above are the digests of empty input), so this verdict cannot be a content detection — it is a reputation hit on the URL/host hgv.com.co and should be corroborated with a second source before the domain is acted on.
GET / HTTP/1.1
Host: hgv.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 02 Dec 2022 15:57:16 GMT
Server: Apache
X-Redirect-By: WordPress
Location: https://hgv.com.co/
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
contile.services.mozilla.com/v1/tiles
34.117.237.239 | 200 OK | 12 B | URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type: JSON data; ASCII text, with no line terminators
Hash (MD5) 23e88fb7b99543fb33315b29b1fad9d6
Hash (SHA-1) a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Hash (SHA-256) 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 15:57:17 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 | 200 OK | 329 B | URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type: JSON data; ASCII text, with very long lines (329), with no line terminators
Hash (MD5) 0333b0655111aa68de771adfcc4db243
Hash (SHA-1) 63f295a144ac87a7c8e23417626724eeca68a7eb
Hash (SHA-256) 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 02 Dec 2022 15:08:57 GMT
cache-control: public,max-age=3600
age: 2901
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.comodoca.com/
104.18.32.68 | 200 OK | 472 B | IP 104.18.32.68:0
Hash (MD5) a0a7cc92339f74699a88230bb5cf7ab4
Hash (SHA-1) 74b6bd0a3183ebee084848495f246cf717f67f79
Hash (SHA-256) 14fc9aa188d4c55d3422f5573ef9a7ed2676170f99dbceef4a0b2a85115298d1
POST / HTTP/1.1
Host: ocsp.comodoca.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 15:57:18 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 05:00:29 GMT
Expires: Fri, 09 Dec 2022 05:00:28 GMT
Etag: "74b6bd0a3183ebee084848495f246cf717f67f79"
Cache-Control: max-age=564789,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: MISS
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 773541ee0e7d0b31-OSL
ocsp.digicert.com/
93.184.220.29 | 200 OK | 471 B | IP 93.184.220.29:0
Hash (MD5) 7f1f8fc556d1f7e0aea3e1208ee2fd1c
Hash (SHA-1) 09c341a56ff876479cfc8a0505a5fef4a5d110f1
Hash (SHA-256) 65adcf58887bcc23f73379f74ab19a61cfbb93285c95c64b44a6716eeacc1482
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3312
Cache-Control: max-age=151488
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 15:57:18 GMT
Etag: "6389c02e-1d7"
Expires: Sun, 04 Dec 2022 10:02:06 GMT
Last-Modified: Fri, 02 Dec 2022 09:06:54 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
44.242.3.166 | 101 Switching Protocols | 0 B (no HTTP body on a WebSocket upgrade; the hashes below are the digests of empty input) | URL HTTP/1.1 push.services.mozilla.com/
IP 44.242.3.166:0
Hash (MD5) d41d8cd98f00b204e9800998ecf8427e
Hash (SHA-1) da39a3ee5e6b4b0d3255bfef95601890afd80709
Hash (SHA-256) e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: bfvJAGhYePkmd2qbRhMQBQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: AU5IC+WOIRLHuLG0WFUORptSXCY=
hgv.com.co/
45.79.30.185 | 200 OK | 115 kB | IP 45.79.30.185:0
File type: HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (9493), with CRLF, LF line terminators
Size 115 kB (115035 bytes)
Hash (MD5) cd81e5db6e9103e8e39db9699215f6e0
Hash (SHA-1) 0f6d1e583eace9441df43c24003fa046c280d6f3
Hash (SHA-256) 4a6646072cb45fa7f3f87068fd5a9d95b1bcbd951d98f454e3e2752013b9b643
Analyzer Verdict: Alert — fortinet: Malware. Note: a single-vendor verdict on the hgv.com.co host (a WordPress site, per the X-Redirect-By and wp-json Link headers in this capture). Several other assets fetched from the same host in this capture carry no alert, so treat this as a host/URL-reputation signal to corroborate rather than as proof that this 115 kB page body is malicious; the SHA-256 above is the value to pivot on if the body is submitted for a second opinion.
GET / HTTP/1.1
Host: hgv.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 15:57:17 GMT
Server: Apache
Link: <https://hgv.com.co/wp-json/>; rel="https://api.w.org/", <https://hgv.com.co/wp-json/wp/v2/pages/45>; rel="alternate"; type="application/json", <https://hgv.com.co/>; rel=shortlink
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ocsp.pki.goog/gts1c3
216.58.211.3 | 200 OK | 472 B | IP 216.58.211.3:0
Hash (MD5) 05917f7542a781275c12d43562be1507
Hash (SHA-1) 1ea730e7e2b5a84fb0341ef9a64b141a4dd469b3
Hash (SHA-256) 2f24492a077b583bd9dfe049c16c60b219d950712879f187ff2160214df9bd0e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 15:57:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 | 200 OK | 472 B | IP 216.58.211.3:0
Hash (MD5) 05917f7542a781275c12d43562be1507
Hash (SHA-1) 1ea730e7e2b5a84fb0341ef9a64b141a4dd469b3
Hash (SHA-256) 2f24492a077b583bd9dfe049c16c60b219d950712879f187ff2160214df9bd0e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 15:57:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 | 200 OK | 472 B | IP 216.58.211.3:0
Hash (MD5) 8cd876589951719c94a6d49d1494bdbd
Hash (SHA-1) 01600c8bb95fac543696e509b3e452b90d844572
Hash (SHA-256) e03942321526a2303220b1abd51f82f1d4cf80e0dd22a2582cf809b8bd729521
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 15:57:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-5290622-2
142.250.74.168 | 200 OK | 44 kB | URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-5290622-2
IP 142.250.74.168:0
File type: ASCII text, with very long lines (1921)
Hash (MD5) 4c0d7567d2975d5da621c613e80de895
Hash (SHA-1) 32612ec1cbcad45c5829f1714267df4ee7151215
Hash (SHA-256) b07747ba83ee99c8f4beaabc9eebf5e0f52c889cbfaed1ede34fa0579f954902
GET /gtag/js?id=UA-5290622-2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hgv.com.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 02 Dec 2022 15:57:19 GMT
expires: Fri, 02 Dec 2022 15:57:19 GMT
cache-control: private, max-age=900
last-modified: Fri, 02 Dec 2022 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43607
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
hgv.com.co/wp-includes/css/classic-themes.min.css?ver=1
45.79.30.185 | 200 OK | 217 B | URL HTTP/1.1 hgv.com.co/wp-includes/css/classic-themes.min.css?ver=1
IP 45.79.30.185:0
Hash (MD5) 95e891f28e44a9b314c09545d86be2b7
Hash (SHA-1) f9b13a8bd47273b086a0a07df15f314e0af0bc3e
Hash (SHA-256) 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
Analyzer Verdict: Alert — fortinet: Malware. Note: this is a 217-byte stylesheet on a WordPress core path (wp-includes/css/classic-themes.min.css), so its hash can be checked against a clean WordPress install; other same-host assets in this capture are not flagged, which is consistent with a host/URL-reputation rule rather than a content detection. Corroborate before treating the file itself as malicious.
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: hgv.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hgv.com.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 15:57:18 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 07:38:09 GMT
Accept-Ranges: bytes
Content-Length: 217
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
hgv.com.co/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
45.79.30.185 | 200 OK | 19 kB | URL HTTP/1.1 hgv.com.co/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 45.79.30.185:0
File type: ASCII text, with very long lines (15660)
Hash (MD5) 32beb68a374e3aeac00abdf9e12b84ea
Hash (SHA-1) b5d18aa625e8696dd9d07cd0869337717b211ae0
Hash (SHA-256) 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
Analyzer Verdict: Alert — fortinet: Malware. Note: this is the only JavaScript fetched from hgv.com.co in the portion of the capture shown here, and it sits on a WordPress core path (wp-includes/js/wp-emoji-release.min.js, ver=6.1.1). Because it executes in the page, compare the SHA-256 above with the file shipped in a clean WordPress 6.1.1 before dismissing the alert: a mismatch would indicate tampering, a match points to a host-reputation hit rather than a content detection.
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: hgv.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hgv.com.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 15:57:18 GMT
Server: Apache
Last-Modified: Wed, 25 May 2022 07:12:11 GMT
Accept-Ranges: bytes
Content-Length: 18617
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
216.58.211.3 | 200 OK | 472 B | IP 216.58.211.3:0
Hash (MD5) 8cd876589951719c94a6d49d1494bdbd
Hash (SHA-1) 01600c8bb95fac543696e509b3e452b90d844572
Hash (SHA-256) e03942321526a2303220b1abd51f82f1d4cf80e0dd22a2582cf809b8bd729521
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 15:57:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hgv.com.co/wp-content/themes/dt-the7/fonts/FontAwesome/back-compat.min.css?ver=11.2.1
45.79.30.185 | 200 OK | 19 kB | URL HTTP/1.1 hgv.com.co/wp-content/themes/dt-the7/fonts/FontAwesome/back-compat.min.css?ver=11.2.1
IP 45.79.30.185:0
File type: ASCII text, with very long lines (19124), with no line terminators
Hash (MD5) 2241b1dc3785271d2db8ce8c7971567c
Hash (SHA-1) 16c419b69b436608d6d2ef669398946be2ea292f
Hash (SHA-256) c61978e3a428c41f5082c3da1d3cfe3c83c04b78a6a62b8dd879fb67b6b04953
GET /wp-content/themes/dt-the7/fonts/FontAwesome/back-compat.min.css?ver=11.2.1 HTTP/1.1
Host: hgv.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hgv.com.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 15:57:18 GMT
Server: Apache
Last-Modified: Fri, 25 Nov 2022 19:07:06 GMT
Accept-Ranges: bytes
Content-Length: 19124
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
hgv.com.co/wp-content/themes/dt-the7/fonts/icomoon-the7-font/icomoon-the7-font.min.css?ver=11.2.1
45.79.30.185 | 200 OK | 20 kB | URL HTTP/1.1 hgv.com.co/wp-content/themes/dt-the7/fonts/icomoon-the7-font/icomoon-the7-font.min.css?ver=11.2.1
IP 45.79.30.185:0
File type: ASCII text, with very long lines (20019), with no line terminators
Hash (MD5) 6f5f1dc770b7d6b4d1b2d09c04e3b2e4
Hash (SHA-1) 7bcd7dca4830bd031d41aceb3ec80837f428dc44
Hash (SHA-256) a17ad60491df641c2e86700ab73143eb57a71f008a495c922c02be00cdf33789
GET /wp-content/themes/dt-the7/fonts/icomoon-the7-font/icomoon-the7-font.min.css?ver=11.2.1 HTTP/1.1
Host: hgv.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hgv.com.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 15:57:18 GMT
Server: Apache
Last-Modified: Fri, 25 Nov 2022 19:07:06 GMT
Accept-Ranges: bytes
Content-Length: 20019
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
216.58.211.3 | 200 OK | 472 B | IP 216.58.211.3:0
Hash (MD5) 05917f7542a781275c12d43562be1507
Hash (SHA-1) 1ea730e7e2b5a84fb0341ef9a64b141a4dd469b3
Hash (SHA-256) 2f24492a077b583bd9dfe049c16c60b219d950712879f187ff2160214df9bd0e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 15:57:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hgv.com.co/wp-content/uploads/smile_fonts/icomoon-feather-24x24/icomoon-feather-24x24.css?ver=6.1.1
45.79.30.185 | 200 OK | 8.1 kB | URL HTTP/1.1 hgv.com.co/wp-content/uploads/smile_fonts/icomoon-feather-24x24/icomoon-feather-24x24.css?ver=6.1.1
IP 45.79.30.185:0
File type: ASCII text, with very long lines (8115), with no line terminators
Hash (MD5) b50c7956106c3c837a3dda404252b545
Hash (SHA-1) b3f95a5cd4991dbf2860acf499434ca5a20e994e
Hash (SHA-256) 86280677bab07eabdb36c37f51da3b1d69eadfa56d2fc1ea89bd813aed59ac14
GET /wp-content/uploads/smile_fonts/icomoon-feather-24x24/icomoon-feather-24x24.css?ver=6.1.1 HTTP/1.1
Host: hgv.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hgv.com.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 15:57:18 GMT
Server: Apache
Last-Modified: Mon, 09 Aug 2021 19:23:24 GMT
Accept-Ranges: bytes
Content-Length: 8115
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
216.58.211.3 | 200 OK | 472 B | IP 216.58.211.3:0
Hash (MD5) 05917f7542a781275c12d43562be1507
Hash (SHA-1) 1ea730e7e2b5a84fb0341ef9a64b141a4dd469b3
Hash (SHA-256) 2f24492a077b583bd9dfe049c16c60b219d950712879f187ff2160214df9bd0e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 15:57:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hgv.com.co/wp-content/uploads/smile_fonts/icomoon-free-social-contact-16x16/icomoon-free-social-contact-16x16.css?ver=6.1.1
45.79.30.185 | 200 OK | 8.5 kB | URL HTTP/1.1 hgv.com.co/wp-content/uploads/smile_fonts/icomoon-free-social-contact-16x16/icomoon-free-social-contact-16x16.css?ver=6.1.1
IP 45.79.30.185:0
File type: ASCII text, with very long lines (8523), with no line terminators
Hash (MD5) 06eb646ab6fc029690fdfd37b6f924bb
Hash (SHA-1) aadce95fb340f807915f5d1d2ba0e7f8d6933e41
Hash (SHA-256) 7b70d23fbb5fda2c3126584ade84dbc3c22965e066793e3ee4542f5b5911aa32
GET /wp-content/uploads/smile_fonts/icomoon-free-social-contact-16x16/icomoon-free-social-contact-16x16.css?ver=6.1.1 HTTP/1.1
Host: hgv.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hgv.com.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 15:57:18 GMT
Server: Apache
Last-Modified: Mon, 09 Aug 2021 19:23:24 GMT
Accept-Ranges: bytes
Content-Length: 8523
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
hgv.com.co/wp-content/plugins/creame-whatsapp-me/public/css/joinchat-btn.min.css?ver=4.5.14
45.79.30.185 | 200 OK | 6.1 kB | URL HTTP/1.1 hgv.com.co/wp-content/plugins/creame-whatsapp-me/public/css/joinchat-btn.min.css?ver=4.5.14
IP 45.79.30.185:0
File type: ASCII text, with very long lines (6087), with no line terminators
Hash (MD5) bda2c65b86ae7619b56f60b5ccf95c4f
Hash (SHA-1) 4ec47f56a9a967b62bf223586fcdffc1dc7d40d6
Hash (SHA-256) 79094ff19836671da581cd093530d058dff33873a169d49f4f99e157289fc420
GET /wp-content/plugins/creame-whatsapp-me/public/css/joinchat-btn.min.css?ver=4.5.14 HTTP/1.1
Host: hgv.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hgv.com.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 15:57:18 GMT
Server: Apache
Last-Modified: Mon, 28 Nov 2022 21:07:20 GMT
Accept-Ranges: bytes
Content-Length: 6087
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
hgv.com.co/wp-content/themes/dt-the7/lib/custom-scrollbar/custom-scrollbar.min.css?ver=11.2.1
45.79.30.185 | 200 OK | 11 kB | URL HTTP/1.1 hgv.com.co/wp-content/themes/dt-the7/lib/custom-scrollbar/custom-scrollbar.min.css?ver=11.2.1
IP 45.79.30.185:0
File type: ASCII text, with very long lines (10755), with no line terminators
Hash (MD5) 26421f9c878acb1fd676d5053a2928ae
Hash (SHA-1) 28bc1fa7e3e1a0901c56e854004d8047629e4b03
Hash (SHA-256) e3615fe430b11a0bbd580c5076d0e5edf562597d8a3e851b1aa61280f8ea3897
Analyzer Verdict: Alert — fortinet: Malware. Note: a single-vendor verdict on a theme stylesheet (dt-the7 11.2.1 path, so the hash can be compared with the vendor's copy); sibling assets from the same theme and host in this capture are not flagged, which is consistent with a host/URL-reputation rule rather than a content detection. Corroborate before treating the file itself as malicious.
GET /wp-content/themes/dt-the7/lib/custom-scrollbar/custom-scrollbar.min.css?ver=11.2.1 HTTP/1.1
Host: hgv.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hgv.com.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 15:57:18 GMT
Server: Apache
Last-Modified: Fri, 25 Nov 2022 19:07:06 GMT
Accept-Ranges: bytes
Content-Length: 10755
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
hgv.com.co/wp-content/themes/dt-the7/fonts/FontAwesome/css/all.min.css?ver=11.2.1
45.79.30.185 | 200 OK | 59 kB | URL HTTP/1.1 hgv.com.co/wp-content/themes/dt-the7/fonts/FontAwesome/css/all.min.css?ver=11.2.1
IP 45.79.30.185:0
File type: ASCII text, with very long lines (58975)
Hash (MD5) 18681a2fa4d4386c058c40149603eb8f
Hash (SHA-1) 74d0687546f116bd451e048309509b0e9379c348
Hash (SHA-256) e0a7c774c6a0080dc3cb538eaa5fe7e01c17b1ae7cbf948201c22e4c941b6a19
Analyzer Verdict: Alert — fortinet: Malware. Note: a single-vendor verdict on the theme's bundled FontAwesome stylesheet; the back-compat.min.css fetched from the same FontAwesome directory in this capture is not flagged, which is consistent with a host/URL-reputation rule rather than a content detection. Compare the hash with the vendor's copy and corroborate before treating the file itself as malicious.
GET /wp-content/themes/dt-the7/fonts/FontAwesome/css/all.min.css?ver=11.2.1 HTTP/1.1
Host: hgv.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hgv.com.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 15:57:18 GMT
Server: Apache
Last-Modified: Fri, 25 Nov 2022 19:07:06 GMT
Accept-Ranges: bytes
Content-Length: 59162
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
hgv.com.co/wp-content/themes/dt-the7/css/wpbakery.min.css?ver=11.2.1
45.79.30.185 | 200 OK | 26 kB | URL HTTP/1.1 hgv.com.co/wp-content/themes/dt-the7/css/wpbakery.min.css?ver=11.2.1
IP 45.79.30.185:0
File type: ASCII text, with very long lines (25486)
Hash (MD5) e44b7ea91d1d170f8a2118171457298c
Hash (SHA-1) 5c3f189404f4e63312ca0f20cdf9ce2c4a57dd79
Hash (SHA-256) aa67dc32c031217b631102e30ace4a9ccb1edf5b57635f8c99664e1b0c63062e
Analyzer Verdict: Alert — fortinet: Malware. Note: a single-vendor verdict on a theme stylesheet (dt-the7 11.2.1 path, so the hash can be compared with the vendor's copy); sibling assets from the same theme and host in this capture are not flagged, which is consistent with a host/URL-reputation rule rather than a content detection. Corroborate before treating the file itself as malicious.
GET /wp-content/themes/dt-the7/css/wpbakery.min.css?ver=11.2.1 HTTP/1.1
Host: hgv.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hgv.com.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 15:57:18 GMT
Server: Apache
Last-Modified: Fri, 25 Nov 2022 19:07:06 GMT
Accept-Ranges: bytes
Content-Length: 25752
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
hgv.com.co/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
45.79.30.185 | 200 OK | 95 kB | URL HTTP/1.1 hgv.com.co/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 45.79.30.185:0
File type: ASCII text, with very long lines (47826)
Hash (MD5) 71d925864153f0edf91037f3d31048e8
Hash (SHA-1) cc16a0524ac63b5ce29f703a66412224f0dd771a
Hash (SHA-256) c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: hgv.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hgv.com.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 15:57:18 GMT
Server: Apache
Last-Modified: Wed, 16 Nov 2022 06:57:32 GMT
Accept-Ranges: bytes
Content-Length: 94889
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
hgv.com.co/wp-content/uploads/the7-css/css-vars.css?ver=1a74efa24b44
45.79.30.185 | 200 OK | 32 kB | URL HTTP/1.1 hgv.com.co/wp-content/uploads/the7-css/css-vars.css?ver=1a74efa24b44
IP 45.79.30.185:0
Hash (MD5) a650e30be2208563aa8ede6d0d316a58
Hash (SHA-1) 2a886ea615f7da05375356244a58e5c5db49cc43
Hash (SHA-256) 93b68fdda08cdfd5f7507c3be22ed5c93e71c43b4e671b9b80ae680e1a40229f
Analyzer Verdict: Alert — fortinet: Malware. Note: a single-vendor verdict on a stylesheet that appears to be site-generated (wp-content/uploads/the7-css/, versioned by a hash rather than a release number), so unlike the core and theme assets there is no upstream copy to diff it against; other same-host assets in this capture are not flagged, which is consistent with a host/URL-reputation rule rather than a content detection. Inspect the content directly if the alert needs to be confirmed or cleared.
GET /wp-content/uploads/the7-css/css-vars.css?ver=1a74efa24b44 HTTP/1.1
Host: hgv.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hgv.com.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 15:57:18 GMT
Server: Apache
Last-Modified: Fri, 25 Nov 2022 19:12:56 GMT
Accept-Ranges: bytes
Content-Length: 31972
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
hgv.com.co/wp-content/plugins/dt-the7-core/assets/css/post-type.min.css?ver=2.6.0
45.79.30.185 | 200 OK | 43 kB | URL HTTP/1.1 hgv.com.co/wp-content/plugins/dt-the7-core/assets/css/post-type.min.css?ver=2.6.0
IP 45.79.30.185:0
File type: ASCII text, with very long lines (42887)
Hash (MD5) 76d954fbdd0a72d3ac00cb2729e830f8
Hash (SHA-1) e0d205c851b2e121b2a7589e81036faf42034138
Hash (SHA-256) 6fb12c88b18bd54395fcfa8c1bc66f2087bf49fe27ad830606d21b2b6bea36d3
GET /wp-content/plugins/dt-the7-core/assets/css/post-type.min.css?ver=2.6.0 HTTP/1.1
Host: hgv.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hgv.com.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 15:57:18 GMT
Server: Apache
Last-Modified: Tue, 26 Jul 2022 19:39:05 GMT
Accept-Ranges: bytes
Content-Length: 42975
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
hgv.com.co/wp-content/uploads/the7-css/media.css?ver=1a74efa24b44
45.79.30.185 200 OK 77 kB URL HTTP/1.1 hgv.com.co/wp-content/uploads/the7-css/media.css?ver=1a74efa24b44
IP 45.79.30.185:0
Hash 661cd552ee92a9ab12ba2d88a885fd7a
52d24f372055ef98fb8778b0daf249c4f480fff6
b8b2048628981e58fe5a1820d8bb47cce4c554f3de6a7fa3438ee4d3c9dd08f2
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/the7-css/media.css?ver=1a74efa24b44 HTTP/1.1
Host: hgv.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hgv.com.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 15:57:18 GMT
Server: Apache
Last-Modified: Fri, 25 Nov 2022 19:12:57 GMT
Accept-Ranges: bytes
Content-Length: 77269
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
hgv.com.co/wp-content/uploads/the7-css/mega-menu.css?ver=1a74efa24b44
45.79.30.185 200 OK 19 kB URL HTTP/1.1 hgv.com.co/wp-content/uploads/the7-css/mega-menu.css?ver=1a74efa24b44
IP 45.79.30.185:0
Hash c23f39b3bbb1faeef29ef10f9d57a88a
c68c24ac7dcd8a69936f5a3fd839119f1eb17b75
421100f6c5b16f08a2384747827c95c72e6269bf624194ce33d6709e3862106b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/the7-css/mega-menu.css?ver=1a74efa24b44 HTTP/1.1
Host: hgv.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hgv.com.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 15:57:18 GMT
Server: Apache
Last-Modified: Fri, 25 Nov 2022 19:12:57 GMT
Accept-Ranges: bytes
Content-Length: 18671
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6600
Expires: Fri, 02 Dec 2022 17:47:20 GMT
Date: Fri, 02 Dec 2022 15:57:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6600
Expires: Fri, 02 Dec 2022 17:47:20 GMT
Date: Fri, 02 Dec 2022 15:57:20 GMT
Connection: keep-alive
hgv.com.co/wp-content/uploads/the7-css/custom.css?ver=1a74efa24b44
45.79.30.185 200 OK 260 kB URL HTTP/1.1 hgv.com.co/wp-content/uploads/the7-css/custom.css?ver=1a74efa24b44
IP 45.79.30.185:0
Size 260 kB (259523 bytes)
Hash e66dfff089a0b12383244bd07c7b7d93
c9581a95b8f0feda6c3c62b0780de4dc4912bcf0
53d97969f2c23fbd36c54a67e742d57b647e76770c1056897755abc77bfa3be9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/the7-css/custom.css?ver=1a74efa24b44 HTTP/1.1
Host: hgv.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hgv.com.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 15:57:18 GMT
Server: Apache
Last-Modified: Fri, 25 Nov 2022 19:12:57 GMT
Accept-Ranges: bytes
Content-Length: 259523
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
34.120.237.76 200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b986f9fcbeca91ed5c8d58fbfaf47d19
6e6c8bd2bce144cc4da1cd7be375b046b60dca79
07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 00:54:54 GMT
age: 54146
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg
34.120.237.76 200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 156e9ea97b774cbd8361072e4041b6c8
fc71ae3cae92ed6011904bb2367f23bf4e69fab4
58d953c19ebbbdfc3965bbe3f52308d4702deaf4d0c029f4674bcb862da138af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8863
x-amzn-requestid: 798d014b-0f9c-4787-a676-8f5e8fae3d11
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdG14HBNIAMFdWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851bf-7549feac6d476a8512676412;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cgj3fw3lpngosMNOK7cZUZO94T__4RTy_p7wa6rI62OOvhI5E9wMSw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 13:09:50 GMT
age: 10050
etag: "fc71ae3cae92ed6011904bb2367f23bf4e69fab4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Poppins:600%7CRoboto:400&display=swap
142.250.74.74 200 OK 5.4 kB URL HTTP/2 fonts.googleapis.com/css?family=Poppins:600%7CRoboto:400&display=swap
IP 142.250.74.74:0
Hash 514908534a976eb07a4990d478a5a4fe
c0030df63f298aefedf9b5dcea1391165b4508a4
a0b2b65b7bd43a16b7c7581dc0c3c3258f5c73414fbb4389821211e1cc29f370
GET /css?family=Poppins:600%7CRoboto:400&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hgv.com.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Dec 2022 15:57:19 GMT
date: Fri, 02 Dec 2022 15:57:19 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
hgv.com.co/wp-content/themes/dt-the7/css/main.min.css?ver=11.2.1
45.79.30.185 200 OK 247 kB URL HTTP/1.1 hgv.com.co/wp-content/themes/dt-the7/css/main.min.css?ver=11.2.1
IP 45.79.30.185:0
File type Unicode text, UTF-8 text, with very long lines (37322)
Size 247 kB (247399 bytes)
Hash 2cb7549f12ae68fde0130b5227546fc0
7947e08fb694afaa0ea8f18f4cc87f486545ee38
258cafc4ffddd0cce48f22b89abb066e22717c4cfff4f1cdac7ae02e04426fd6
GET /wp-content/themes/dt-the7/css/main.min.css?ver=11.2.1 HTTP/1.1
Host: hgv.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hgv.com.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 15:57:18 GMT
Server: Apache
Last-Modified: Fri, 25 Nov 2022 19:07:06 GMT
Accept-Ranges: bytes
Content-Length: 247399
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
hgv.com.co/wp-content/uploads/the7-css/the7-elements-albums-portfolio.css?ver=1a74efa24b44
45.79.30.185 200 OK 23 kB URL HTTP/1.1 hgv.com.co/wp-content/uploads/the7-css/the7-elements-albums-portfolio.css?ver=1a74efa24b44
IP 45.79.30.185:0
Hash 85bbfa6ab7cb8efff8b466913ac9df13
9be20d6309d59f108abee76ae7148c99bf8b0739
5cf9186c30d241993ff0233aed0f0bdb71d0dc6592dd461715281775d949a26a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/the7-css/the7-elements-albums-portfolio.css?ver=1a74efa24b44 HTTP/1.1
Host: hgv.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hgv.com.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 15:57:18 GMT
Server: Apache
Last-Modified: Fri, 25 Nov 2022 19:12:57 GMT
Accept-Ranges: bytes
Content-Length: 23284
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6edb00ee-3888-4974-ae1a-52ef18e62d0d.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6edb00ee-3888-4974-ae1a-52ef18e62d0d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1c80b8025242ddfcc816ec612456b99e
aa944d10fe4a44b790b01ef62edc0f85a6d558e3
a9f060bc15738a3fe257e0c81a29e4611a89c273bcbb2765ce856d4e854a5f1f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6edb00ee-3888-4974-ae1a-52ef18e62d0d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11402
x-amzn-requestid: 20c2c359-1e43-40c0-885d-1c90e76ea12b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGzJHu-IAMFbYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e7a-1d89722e767daa014b174a39;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:36:58 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: OJBnbjJB_kvPuJcePGnno3zI0CTWAzV-Osb2L1hPZZhlNYhFHWmLsA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:51:33 GMT
etag: "aa944d10fe4a44b790b01ef62edc0f85a6d558e3"
content-type: image/jpeg
age: 65147
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb30f254-1327-487b-a297-00361bfd5c02.jpeg
34.120.237.76 200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb30f254-1327-487b-a297-00361bfd5c02.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cd78aa69439c995167f32b8a41a1f4f6
d07d6145182f312f3ed86ecf96b4ffa175416fa0
3b08cf3fad31ee0cf3ee25abc2484fb4283543865a42dfc568b14f9856fd3bb5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb30f254-1327-487b-a297-00361bfd5c02.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7722
x-amzn-requestid: 8d7c4800-6c06-43ed-afa1-94840d42f591
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGy2Gr1IAMFWeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e78-429ae3135d47e3b020c4c7a1;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:36:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Z8thSamrCRejcAcQEGAp4WpSMzMEvstuZtVpKAjiCH4dyJyf1yihBA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:50:11 GMT
age: 65229
etag: "d07d6145182f312f3ed86ecf96b4ffa175416fa0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F40b76495-d9ea-430e-9b62-92b639b122e0.jpeg
34.120.237.76 200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F40b76495-d9ea-430e-9b62-92b639b122e0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 58a28fc1cbcacdb07b3ca175281982b5
9bc47ee49fc070d0997e49a719bd9758685ad583
d3bfcf749c4652cb29f7c82a5d7ba940bd607f9060e49c1c40a112eb3e625bd9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F40b76495-d9ea-430e-9b62-92b639b122e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6564
x-amzn-requestid: e2875cf3-3915-43a5-a724-4de2ca03de56
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGepHOiIAMFTFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-5f7e2a3f609d54a609a12670;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mwGAEu-gPXY5Opwd972VbBA6l33dNk7bPFSyZmciaplQKj2ZuTkQSg==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:47:56 GMT
age: 65364
etag: "9bc47ee49fc070d0997e49a719bd9758685ad583"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
hgv.com.co/wp-content/uploads/the7-css/post-type-dynamic.css?ver=1a74efa24b44
45.79.30.185 200 OK 10 kB URL HTTP/1.1 hgv.com.co/wp-content/uploads/the7-css/post-type-dynamic.css?ver=1a74efa24b44
IP 45.79.30.185:0
Hash 6fb82b8338265cee7700b568a9bde3cc
fed9cfd6f2225f3bcae091da79a121b1abe7374f
59f36e83918ba2c60a083fe2d84c53e71279c0744a6f6989b1e9aa124a854484
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/the7-css/post-type-dynamic.css?ver=1a74efa24b44 HTTP/1.1
Host: hgv.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hgv.com.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 15:57:18 GMT
Server: Apache
Last-Modified: Fri, 25 Nov 2022 19:12:57 GMT
Accept-Ranges: bytes
Content-Length: 10220
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
hgv.com.co/wp-content/themes/dt-the7/style.css?ver=11.2.1
45.79.30.185 200 OK 1.4 kB URL HTTP/1.1 hgv.com.co/wp-content/themes/dt-the7/style.css?ver=11.2.1
IP 45.79.30.185:0
File type ASCII text, with very long lines (523)
Hash 86e1dbc89ec39b5c19dcfbb02ef16396
91e81ee974bdf60015b9fa8181df8d93321a8cfa
8f8dfd4f2b7547bedaa4a97e5fad2fe1e5fa4e8ea3255b4de23e9b7cb6b22caf
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/dt-the7/style.css?ver=11.2.1 HTTP/1.1
Host: hgv.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hgv.com.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 15:57:18 GMT
Server: Apache
Last-Modified: Fri, 25 Nov 2022 19:07:06 GMT
Accept-Ranges: bytes
Content-Length: 1424
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
hgv.com.co/wp-content/uploads/js_composer/js_composer_front_custom.css?ver=6.9.0
45.79.30.185 200 OK 566 kB URL HTTP/1.1 hgv.com.co/wp-content/uploads/js_composer/js_composer_front_custom.css?ver=6.9.0
IP 45.79.30.185:0
File type ASCII text, with very long lines (684), with CRLF line terminators
Size 566 kB (565583 bytes)
Hash 2932ac040e77a3f55630b7c97cfe2717
7af154a20e02782493532f0c9ee867d03d6051f3
e9112791bdeeafadb0ffec8f094d42f07911166fea5da90361d179fca5160858
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/js_composer/js_composer_front_custom.css?ver=6.9.0 HTTP/1.1
Host: hgv.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hgv.com.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 15:57:18 GMT
Server: Apache
Last-Modified: Mon, 09 Aug 2021 20:48:56 GMT
Accept-Ranges: bytes
Content-Length: 565583
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
hgv.com.co/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/style.min.css?ver=3.19.11
45.79.30.185 200 OK 13 kB URL HTTP/1.1 hgv.com.co/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/style.min.css?ver=3.19.11
IP 45.79.30.185:0
File type ASCII text, with very long lines (13362), with no line terminators
Hash bc9c0a583bffafcbad675ef5925ba710
9bba5dbbffabbed2a5c5d820538bc37a9256e58c
9a31d5c9c0b108e9c1d8ccd47780a975d44ed8665a3be8a37b2c3614ad5fc157
GET /wp-content/plugins/Ultimate_VC_Addons/assets/min-css/style.min.css?ver=3.19.11 HTTP/1.1
Host: hgv.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hgv.com.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 15:57:18 GMT
Server: Apache
Last-Modified: Mon, 09 Aug 2021 19:22:41 GMT
Accept-Ranges: bytes
Content-Length: 13362
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
hgv.com.co/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/headings.min.css?ver=3.19.11
45.79.30.185 200 OK 1.3 kB URL HTTP/1.1 hgv.com.co/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/headings.min.css?ver=3.19.11
IP 45.79.30.185:0
File type ASCII text, with very long lines (1255), with no line terminators
Hash 2b206b5281e981539b7857797982a7ca
e35f69a72241c16d6ae80bbb8e5daf29dd203025
b08954fb222a9f97871f448798f5eb601af5c6bd7abb30c4bbfcb7b1e01d1e2b
GET /wp-content/plugins/Ultimate_VC_Addons/assets/min-css/headings.min.css?ver=3.19.11 HTTP/1.1
Host: hgv.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hgv.com.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 15:57:19 GMT
Server: Apache
Last-Modified: Mon, 09 Aug 2021 19:22:41 GMT
Accept-Ranges: bytes
Content-Length: 1255
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
hgv.com.co/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/info-box.min.css?ver=3.19.11
45.79.30.185 200 OK 4.2 kB URL HTTP/1.1 hgv.com.co/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/info-box.min.css?ver=3.19.11
IP 45.79.30.185:0
File type ASCII text, with very long lines (4226), with no line terminators
Hash a6d8ccbac6834f0217f434d8ab7717b2
906da517df5ef80bf1ee101da834c52de35c70a5
7f9d36490218544a8862de421873334a2306d48e108a77c41ed7447e4ca209af
GET /wp-content/plugins/Ultimate_VC_Addons/assets/min-css/info-box.min.css?ver=3.19.11 HTTP/1.1
Host: hgv.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hgv.com.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 15:57:19 GMT
Server: Apache
Last-Modified: Mon, 09 Aug 2021 19:22:41 GMT
Accept-Ranges: bytes
Content-Length: 4226
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
hgv.com.co/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/info-circle.min.css?ver=3.19.11
45.79.30.185 200 OK 8.1 kB URL HTTP/1.1 hgv.com.co/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/info-circle.min.css?ver=3.19.11
IP 45.79.30.185:0
File type ASCII text, with very long lines (8093), with no line terminators
Hash f7f0b05982444d418a5b4a237d1c08d9
58a23d22afcab9ba0b0f592eaf78c0ac0d15b7a6
e9c2b9f4934cebdc90c22d32f37db91566c9b980f17a829a788f30cf8e69c37c
GET /wp-content/plugins/Ultimate_VC_Addons/assets/min-css/info-circle.min.css?ver=3.19.11 HTTP/1.1
Host: hgv.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hgv.com.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 15:57:19 GMT
Server: Apache
Last-Modified: Mon, 09 Aug 2021 19:22:41 GMT
Accept-Ranges: bytes
Content-Length: 8093
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
hgv.com.co/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/animate.min.css?ver=3.19.11
45.79.30.185 200 OK 70 kB URL HTTP/1.1 hgv.com.co/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/animate.min.css?ver=3.19.11
IP 45.79.30.185:0
File type ASCII text, with very long lines (64392)
Hash 22acc36bd1034c90d5d97abcaf90ec64
501baac4a60aa64d97f7f3985ce5225c22b11858
d8d7c99c35d8bfab7194b20c0d001b2ca4b85ab6e7e46df146271fcfb09ceb9b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/Ultimate_VC_Addons/assets/min-css/animate.min.css?ver=3.19.11 HTTP/1.1
Host: hgv.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hgv.com.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 15:57:19 GMT
Server: Apache
Last-Modified: Mon, 09 Aug 2021 19:22:41 GMT
Accept-Ranges: bytes
Content-Length: 70192
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
hgv.com.co/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
45.79.30.185 200 OK 90 kB URL HTTP/1.1 hgv.com.co/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 45.79.30.185:0
File type ASCII text, with very long lines (65447)
Hash 17738318d61d394f1de8890d589afaec
f6d0c4dc1399cf02d53f5753ad46573a8bbc2ac3
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: hgv.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hgv.com.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 15:57:19 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 07:38:09 GMT
Accept-Ranges: bytes
Content-Length: 89684
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
hgv.com.co/wp-content/themes/dt-the7/js/above-the-fold.min.js?ver=11.2.1
45.79.30.185 200 OK 13 kB URL HTTP/1.1 hgv.com.co/wp-content/themes/dt-the7/js/above-the-fold.min.js?ver=11.2.1
IP 45.79.30.185:0
File type Unicode text, UTF-8 text, with very long lines (2772)
Hash c651c9d189aec3025648ab5a4a143702
29cb8cfbc901402ac6b0d2f45d3683bc358e08f3
fb7fbfb50310397a5df8716772c7938bc765eaf1bd8108c5225f78b14581eb22
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/dt-the7/js/above-the-fold.min.js?ver=11.2.1 HTTP/1.1
Host: hgv.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hgv.com.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 15:57:19 GMT
Server: Apache
Last-Modified: Fri, 25 Nov 2022 19:07:06 GMT
Accept-Ranges: bytes
Content-Length: 12713
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
hgv.com.co/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
45.79.30.185 200 OK 11 kB URL HTTP/1.1 hgv.com.co/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 45.79.30.185:0
File type ASCII text, with very long lines (11126)
Hash 79b4956b7ec478ec10244b5e2d33ac7d
a46025b9d05e3df30d610a8aef14f392c7058dc9
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: hgv.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hgv.com.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 15:57:19 GMT
Server: Apache
Last-Modified: Wed, 18 Nov 2020 19:36:06 GMT
Accept-Ranges: bytes
Content-Length: 11224
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
hgv.com.co/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/ultimate-params.min.js?ver=3.19.11
45.79.30.185 200 OK 1.1 kB URL HTTP/1.1 hgv.com.co/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/ultimate-params.min.js?ver=3.19.11
IP 45.79.30.185:0
File type HTML document, ASCII text, with very long lines (1108), with no line terminators
Hash 77f1aa68672dbccdb8b027d66855bd01
33888afc11257c6c28bcd483a072901b6a818ff5
1b10d243afb4a51af9177fd7be630d28d6deec9b83d3dbdc434a0ecc16d5fb89
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/Ultimate_VC_Addons/assets/min-js/ultimate-params.min.js?ver=3.19.11 HTTP/1.1
Host: hgv.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hgv.com.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 15:57:19 GMT
Server: Apache
Last-Modified: Mon, 09 Aug 2021 19:22:41 GMT
Accept-Ranges: bytes
Content-Length: 1108
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
hgv.com.co/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/jquery-appear.min.js?ver=3.19.11
45.79.30.185 200 OK 1.4 kB URL HTTP/1.1 hgv.com.co/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/jquery-appear.min.js?ver=3.19.11
IP 45.79.30.185:0
File type ASCII text, with very long lines (1353), with no line terminators
Hash 4b98ca0c3fd2dd6bb074c3d6fd3df791
6e2eb34d2c9e64b22ba1af37c9112f2e6431010e
2e8fc6aca9005a5f3a01cf42ecac4027011eaf71afb5cb9d64820b432b0d7bc3
GET /wp-content/plugins/Ultimate_VC_Addons/assets/min-js/jquery-appear.min.js?ver=3.19.11 HTTP/1.1
Host: hgv.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hgv.com.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 15:57:19 GMT
Server: Apache
Last-Modified: Mon, 09 Aug 2021 19:22:41 GMT
Accept-Ranges: bytes
Content-Length: 1353
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
hgv.com.co/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/custom.min.js?ver=3.19.11
45.79.30.185 200 OK 21 kB URL HTTP/1.1 hgv.com.co/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/custom.min.js?ver=3.19.11
IP 45.79.30.185:0
File type ASCII text, with very long lines (21126), with no line terminators
Hash cc40c3f2fa084ca1bab5d9e5fbd6ddd8
60c3b92e604af6feb6777f3ac77860233a2941a2
d8e49702031a4c0aa7cc3948ef8c57ff618d4358fea07da88a39186854f20fb6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/Ultimate_VC_Addons/assets/min-js/custom.min.js?ver=3.19.11 HTTP/1.1
Host: hgv.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hgv.com.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 15:57:19 GMT
Server: Apache
Last-Modified: Mon, 09 Aug 2021 19:22:41 GMT
Accept-Ranges: bytes
Content-Length: 21126
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
hgv.com.co/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/headings.min.js?ver=3.19.11
45.79.30.185 200 OK 2.7 kB URL HTTP/1.1 hgv.com.co/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/headings.min.js?ver=3.19.11
IP 45.79.30.185:0
File type HTML document, ASCII text, with very long lines (2694), with no line terminators
Hash 22feac39f679f23a673ea7222064d2ea
3e37e80f702a7b69fd994beb5ece2d00bb8322f5
20156ec3f1e45a1b3526f4dfdaaff74f0419710db4f2e1da9a22cdfb0142e757
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/Ultimate_VC_Addons/assets/min-js/headings.min.js?ver=3.19.11 HTTP/1.1
Host: hgv.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hgv.com.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 15:57:19 GMT
Server: Apache
Last-Modified: Mon, 09 Aug 2021 19:22:41 GMT
Accept-Ranges: bytes
Content-Length: 2694
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
hgv.com.co/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/info-circle.min.js?ver=3.19.11
45.79.30.185 200 OK 9.8 kB URL HTTP/1.1 hgv.com.co/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/info-circle.min.js?ver=3.19.11
IP 45.79.30.185:0
File type ASCII text, with very long lines (9824), with no line terminators
Hash adf335c2e195903b8fb2c2028750bad6
d8e5e08ec284e3cf94540401e14a43a6669cd52f
6f45c3979b1df9c493e2d12771e0c70151f07606fab7509d008e918f036441b0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/Ultimate_VC_Addons/assets/min-js/info-circle.min.js?ver=3.19.11 HTTP/1.1
Host: hgv.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hgv.com.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 15:57:19 GMT
Server: Apache
Last-Modified: Mon, 09 Aug 2021 19:22:41 GMT
Accept-Ranges: bytes
Content-Length: 9824
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
hgv.com.co/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/background-style.min.css?ver=3.19.11
45.79.30.185 200 OK 9.3 kB URL HTTP/1.1 hgv.com.co/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/background-style.min.css?ver=3.19.11
IP 45.79.30.185:0
File type ASCII text, with very long lines (9312), with no line terminators
Hash 2caf917503c8c9bd6395e9cbd1977d60
7e6eb7ec39997bd766a51192e7cc299eff47ba97
1799f5f4c1ef63cf01499e15a4cc47beaa351c2661b4d1c4f6b9443e66ddef8e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/Ultimate_VC_Addons/assets/min-css/background-style.min.css?ver=3.19.11 HTTP/1.1
Host: hgv.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hgv.com.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 15:57:19 GMT
Server: Apache
Last-Modified: Mon, 09 Aug 2021 19:22:41 GMT
Accept-Ranges: bytes
Content-Length: 9312
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/css
hgv.com.co/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.19
45.79.30.185 200 OK 58 kB URL HTTP/1.1 hgv.com.co/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.19
IP 45.79.30.185:0
File type Unicode text, UTF-8 text, with very long lines (12602)
Hash 07291a7c3fd1ba24f181e8a214e46039
abd5a1e7c6d061cfb2fe682fb96744dec34216e7
e13ea29ad744a951cc84ebeea74b2e12b85dbbd42dfc6c127cd9e4f5c1dd0961
GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.19 HTTP/1.1
Host: hgv.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hgv.com.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 15:57:19 GMT
Server: Apache
Last-Modified: Tue, 26 Jul 2022 19:39:04 GMT
Accept-Ranges: bytes
Content-Length: 57738
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 27002fde234e78c7bde340bc621e933f
1bdbe4f1861601b9300101a1e6b3c143ce077e03
48d453fd9ded729e4775519885c13140e44421fe5a8c07fc464c9a354a04ef8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 15:57:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 27002fde234e78c7bde340bc621e933f
1bdbe4f1861601b9300101a1e6b3c143ce077e03
48d453fd9ded729e4775519885c13140e44421fe5a8c07fc464c9a354a04ef8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 15:57:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hgv.com.co/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.18
45.79.30.185 200 OK 129 kB URL HTTP/1.1 hgv.com.co/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.18
IP 45.79.30.185:0
File type ASCII text, with very long lines (45108)
Size 129 kB (128668 bytes)
Hash fb0dc63ed31433d3e16526f9e415d57e
3d4029b9f66e3f3c086eba04a02c140660a94acb
559f367b8631134334b4870bed568b019af144c801b574a252e337d4e837a05a
GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.18 HTTP/1.1
Host: hgv.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hgv.com.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 15:57:19 GMT
Server: Apache
Last-Modified: Tue, 26 Jul 2022 19:39:04 GMT
Accept-Ranges: bytes
Content-Length: 128668
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 27002fde234e78c7bde340bc621e933f
1bdbe4f1861601b9300101a1e6b3c143ce077e03
48d453fd9ded729e4775519885c13140e44421fe5a8c07fc464c9a354a04ef8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 15:57:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hgv.com.co
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:33:54 GMT
expires: Thu, 30 Nov 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 159806
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
216.58.207.227 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15660, version 1.0\012- data
Hash d7b0b953a50fddaa88089b5b787cf719
2f85bc568b27659a3d6452f58f9fd7678450326d
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
GET /s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hgv.com.co
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15660
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 22:14:50 GMT
expires: Wed, 29 Nov 2023 22:14:50 GMT
cache-control: public, max-age=31536000
age: 236550
last-modified: Tue, 19 Apr 2022 18:42:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
216.58.207.227 200 OK 8.0 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 8000, version 1.0\012- data
Hash 72993dddf88a63e8f226656f7de88e57
179f97ec0275f09603a8db94d4380eb584d81cd5
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
GET /s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hgv.com.co
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:28:50 GMT
expires: Thu, 30 Nov 2023 19:28:50 GMT
cache-control: public, max-age=31536000
age: 160110
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.227 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hgv.com.co
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:34:15 GMT
expires: Thu, 30 Nov 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 159785
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
hgv.com.co/wp-content/plugins/creame-whatsapp-me/public/js/joinchat.min.js?ver=4.5.14
45.79.30.185 200 OK 8.1 kB URL HTTP/1.1 hgv.com.co/wp-content/plugins/creame-whatsapp-me/public/js/joinchat.min.js?ver=4.5.14
IP 45.79.30.185:0
File type ASCII text, with very long lines (8082), with no line terminators
Hash d722044cc0ba8301aa6e215203f3299f
87ebd8f71d38dccb9c2dcebbb7203dd836257b8b
59fc5a88fa6aad3642d9914c53490174cef0abce3ab397589364018c4acd74e0
GET /wp-content/plugins/creame-whatsapp-me/public/js/joinchat.min.js?ver=4.5.14 HTTP/1.1
Host: hgv.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hgv.com.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 15:57:19 GMT
Server: Apache
Last-Modified: Mon, 28 Nov 2022 21:07:20 GMT
Accept-Ranges: bytes
Content-Length: 8082
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
hgv.com.co/wp-content/themes/dt-the7/js/legacy.min.js?ver=11.2.1
45.79.30.185 200 OK 1.4 kB URL HTTP/1.1 hgv.com.co/wp-content/themes/dt-the7/js/legacy.min.js?ver=11.2.1
IP 45.79.30.185:0
File type ASCII text, with very long lines (1368), with no line terminators
Hash d8835370b0738131d987154aaabef331
4b6ca6e8f211226a67adae98351109ef46f687ca
7393e74deba29efa45bde843d51a03626effc7f2fda3983b55739cb0be1f1ba7
GET /wp-content/themes/dt-the7/js/legacy.min.js?ver=11.2.1 HTTP/1.1
Host: hgv.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hgv.com.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 15:57:19 GMT
Server: Apache
Last-Modified: Fri, 25 Nov 2022 19:07:06 GMT
Accept-Ranges: bytes
Content-Length: 1368
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 27002fde234e78c7bde340bc621e933f
1bdbe4f1861601b9300101a1e6b3c143ce077e03
48d453fd9ded729e4775519885c13140e44421fe5a8c07fc464c9a354a04ef8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 15:57:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hgv.com.co/wp-content/themes/dt-the7/lib/custom-scrollbar/custom-scrollbar.min.js?ver=11.2.1
45.79.30.185 200 OK 40 kB URL HTTP/1.1 hgv.com.co/wp-content/themes/dt-the7/lib/custom-scrollbar/custom-scrollbar.min.js?ver=11.2.1
IP 45.79.30.185:0
File type ASCII text, with very long lines (40085), with no line terminators
Hash 0201925438ef5e8d808c5a4aae483af2
7fac1f6d9d64a46203fd652cfa429be67b518198
5e8a1efa7ed75ccecd7b1daa15fbdb97fe1a730dddcd36e65a714d4811b31238
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/dt-the7/lib/custom-scrollbar/custom-scrollbar.min.js?ver=11.2.1 HTTP/1.1
Host: hgv.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hgv.com.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 15:57:19 GMT
Server: Apache
Last-Modified: Fri, 25 Nov 2022 19:07:06 GMT
Accept-Ranges: bytes
Content-Length: 40085
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
hgv.com.co/wp-content/themes/dt-the7/lib/jquery-mousewheel/jquery-mousewheel.min.js?ver=11.2.1
45.79.30.185 200 OK 2.7 kB URL HTTP/1.1 hgv.com.co/wp-content/themes/dt-the7/lib/jquery-mousewheel/jquery-mousewheel.min.js?ver=11.2.1
IP 45.79.30.185:0
File type ASCII text, with very long lines (2615)
Hash ca4fc18d3aa41a0e4ca31c875b1f93c6
57f848a86bdfddffe192f1049f1a3400d55c0e28
9c7f5f11ea09af1edcc1a9033075fc3de8d28a1675503169f857b2211c8d8545
GET /wp-content/themes/dt-the7/lib/jquery-mousewheel/jquery-mousewheel.min.js?ver=11.2.1 HTTP/1.1
Host: hgv.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hgv.com.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 15:57:19 GMT
Server: Apache
Last-Modified: Fri, 25 Nov 2022 19:07:06 GMT
Accept-Ranges: bytes
Content-Length: 2705
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
hgv.com.co/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.19
45.79.30.185 200 OK 387 kB URL HTTP/1.1 hgv.com.co/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.19
IP 45.79.30.185:0
File type ASCII text, with very long lines (64288)
Size 387 kB (386778 bytes)
Hash 811c3da189b804d68fced85b9a191e1e
bc4d1ec616ba622029414fbceb0bc8d9e903f3fc
3b0b8378134e79a3a7058080f4d617969ac9b159d448be7b15e595719e5c9518
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.19 HTTP/1.1
Host: hgv.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hgv.com.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 15:57:19 GMT
Server: Apache
Last-Modified: Tue, 26 Jul 2022 19:39:04 GMT
Accept-Ranges: bytes
Content-Length: 386778
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
hgv.com.co/wp-content/plugins/dt-the7-core/assets/js/post-type.min.js?ver=2.6.0
45.79.30.185 200 OK 27 kB URL HTTP/1.1 hgv.com.co/wp-content/plugins/dt-the7-core/assets/js/post-type.min.js?ver=2.6.0
IP 45.79.30.185:0
File type ASCII text, with very long lines (26585), with no line terminators
Hash 190bf2bb4691041f532dc35174acf2ea
0981a77be2ea3016bf4d0adeb31031be272e5e4d
77b58caecc364f2a300091db93110a7b711da823f9fd77d769aa980a7a6e2e03
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/dt-the7-core/assets/js/post-type.min.js?ver=2.6.0 HTTP/1.1
Host: hgv.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hgv.com.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 15:57:19 GMT
Server: Apache
Last-Modified: Tue, 26 Jul 2022 19:39:05 GMT
Accept-Ranges: bytes
Content-Length: 26585
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
hgv.com.co/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/info-box.min.js?ver=3.19.11
45.79.30.185 200 OK 463 B URL HTTP/1.1 hgv.com.co/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/info-box.min.js?ver=3.19.11
IP 45.79.30.185:0
File type ASCII text, with very long lines (463), with no line terminators
Hash 71c22a98326b4a390d6c7e0839581c1a
33e6114c29047ca1733a92fe9a9e126c117dd109
b324b5fba52b75751e3812d3ac510430c7370c5f0f46208d0d263181c25d38f7
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/Ultimate_VC_Addons/assets/min-js/info-box.min.js?ver=3.19.11 HTTP/1.1
Host: hgv.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hgv.com.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 15:57:19 GMT
Server: Apache
Last-Modified: Mon, 09 Aug 2021 19:22:41 GMT
Accept-Ranges: bytes
Content-Length: 463
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
hgv.com.co/wp-content/themes/dt-the7/js/main.min.js?ver=11.2.1
45.79.30.185 200 OK 338 kB URL HTTP/1.1 hgv.com.co/wp-content/themes/dt-the7/js/main.min.js?ver=11.2.1
IP 45.79.30.185:0
File type ASCII text, with very long lines (47989)
Size 338 kB (337472 bytes)
Hash 9f52b4384f391ada609ebe188bf23139
baa9404304fae0f5861cbdb31fb11f9d0e2d71b6
2274fe8497b844d1726fd8317437c95a19ced89527f4b6c47eb14fb80010941a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/dt-the7/js/main.min.js?ver=11.2.1 HTTP/1.1
Host: hgv.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hgv.com.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 15:57:19 GMT
Server: Apache
Last-Modified: Fri, 25 Nov 2022 19:07:06 GMT
Accept-Ranges: bytes
Content-Length: 337472
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
hgv.com.co/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.9.0
45.79.30.185 200 OK 20 kB URL HTTP/1.1 hgv.com.co/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.9.0
IP 45.79.30.185:0
File type ASCII text, with very long lines (20096)
Hash 6ce179ee275d3bd58d0407b79d6366cd
fb1393daafde2f3e85f31777543c3194a4ab11d0
1bd0097cd9d76a31566f4236a1aaa31cdd43c5857a9502679805fddbc7599a54
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.9.0 HTTP/1.1
Host: hgv.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hgv.com.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 15:57:19 GMT
Server: Apache
Last-Modified: Tue, 26 Jul 2022 19:39:08 GMT
Accept-Ranges: bytes
Content-Length: 20315
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
hgv.com.co/wp-content/themes/dt-the7/fonts/icomoon-the7-font/icomoon-the7-font.ttf?wi57p5
45.79.30.185 200 OK 48 kB URL HTTP/1.1 hgv.com.co/wp-content/themes/dt-the7/fonts/icomoon-the7-font/icomoon-the7-font.ttf?wi57p5
IP 45.79.30.185:0
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, the7-default-font\012- data
Hash 71f9dfd69c5a3adbbb31a994bffb7b36
97fbd02448d6db534ddfe4bcdc3df7ec5d92af9a
e0394e418d7858c3f9fabb6897f4e9364cf86a23a809127690f467ad111f190d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/dt-the7/fonts/icomoon-the7-font/icomoon-the7-font.ttf?wi57p5 HTTP/1.1
Host: hgv.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hgv.com.co/wp-content/themes/dt-the7/fonts/icomoon-the7-font/icomoon-the7-font.min.css?ver=11.2.1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 15:57:19 GMT
Server: Apache
Last-Modified: Fri, 25 Nov 2022 19:07:06 GMT
Accept-Ranges: bytes
Content-Length: 48020
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: font/ttf
hgv.com.co/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/vhparallax.min.js?ver=3.19.11
45.79.30.185 200 OK 3.3 kB URL HTTP/1.1 hgv.com.co/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/vhparallax.min.js?ver=3.19.11
IP 45.79.30.185:0
File type ASCII text, with very long lines (3293), with no line terminators
Hash ba4fa169f82cf782e0f2a4f3509931aa
b8a28aa1eb9241147a9fb1aae16c9c4509deed14
f67047f60e0267eb1c463f3ae947a10e56374ab6b22e2ca4b482617e0e0a28de
GET /wp-content/plugins/Ultimate_VC_Addons/assets/min-js/vhparallax.min.js?ver=3.19.11 HTTP/1.1
Host: hgv.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hgv.com.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 15:57:19 GMT
Server: Apache
Last-Modified: Mon, 09 Aug 2021 19:22:41 GMT
Accept-Ranges: bytes
Content-Length: 3293
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
hgv.com.co/wp-content/uploads/smile_fonts/icomoon-feather-24x24/icomoon-feather-24x24.ttf?xhx4l2
45.79.30.185 200 OK 33 kB URL HTTP/1.1 hgv.com.co/wp-content/uploads/smile_fonts/icomoon-feather-24x24/icomoon-feather-24x24.ttf?xhx4l2
IP 45.79.30.185:0
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, icomoon-feather-24x24
- data
Hash d3bb7e35c57616c96631799e1cb3ba67
ea74133b47cc9aff5c149df0ee768f71fd188381
40e212c367338713249eca42aa400fb34e7cf6239d29f8e188023d7a1c77d4b4
GET /wp-content/uploads/smile_fonts/icomoon-feather-24x24/icomoon-feather-24x24.ttf?xhx4l2 HTTP/1.1
Host: hgv.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hgv.com.co/wp-content/uploads/smile_fonts/icomoon-feather-24x24/icomoon-feather-24x24.css?ver=6.1.1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 15:57:19 GMT
Server: Apache
Last-Modified: Mon, 09 Aug 2021 19:23:24 GMT
Accept-Ranges: bytes
Content-Length: 33444
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: font/ttf
hgv.com.co/wp-content/uploads/2021/08/HGV-L.png
45.79.30.185 200 OK 24 kB URL HTTP/1.1 hgv.com.co/wp-content/uploads/2021/08/HGV-L.png
IP 45.79.30.185:0
File type PNG image data, 394 x 41, 8-bit/color RGBA, interlaced
- data
Hash d709f877cced7ba299218b0145c81970
9643a284c8f7f743fd1ba2dfb1bf912c1f84245d
cf7a348c2a536ac995c0c324f42cf2c2c51443b997de8dab287a3329c6ff7e41
GET /wp-content/uploads/2021/08/HGV-L.png HTTP/1.1
Host: hgv.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hgv.com.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 15:57:19 GMT
Server: Apache
Last-Modified: Mon, 09 Aug 2021 20:29:47 GMT
Accept-Ranges: bytes
Content-Length: 23898
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/png
hgv.com.co/wp-content/themes/dt-the7/fonts/FontAwesome/webfonts/fa-solid-900.woff2
45.79.30.185 200 OK 78 kB URL HTTP/1.1 hgv.com.co/wp-content/themes/dt-the7/fonts/FontAwesome/webfonts/fa-solid-900.woff2
IP 45.79.30.185:0
File type Web Open Font Format (Version 2), TrueType, length 78212, version 331.-31261
- data
Hash 8c4f474a3aaa695346196b1f33fab616
abc1ae262d760e104a5a5cb68614ac119fd0db18
ef2369c82b6ec19bcf4fe76799d94edc43604e164c0f73978059536159845441
Analyzer verdict: Alert — fortinet: Malware (the only analyzer verdict listed for this file; the MD5/SHA-1/SHA-256 above can be used to check it independently)
GET /wp-content/themes/dt-the7/fonts/FontAwesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: hgv.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://hgv.com.co/wp-content/themes/dt-the7/fonts/FontAwesome/css/all.min.css?ver=11.2.1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 15:57:19 GMT
Server: Apache
Last-Modified: Fri, 25 Nov 2022 19:07:06 GMT
Accept-Ranges: bytes
Content-Length: 78212
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: font/woff2
hgv.com.co/wp-content/uploads/2021/08/HGV-blanco.png
45.79.30.185 200 OK 6.7 kB URL HTTP/1.1 hgv.com.co/wp-content/uploads/2021/08/HGV-blanco.png
IP 45.79.30.185:0
File type PNG image data, 59 x 51, 8-bit/color RGBA, interlaced
- data
Hash 60fcacccfd866205a5c11de24f4dd4a3
b1ae2dd9ccb27a848ba178257ab3fcbe315e3864
cdb90d54b5d91a066d44db3dbbc481244169bd01dad06ad9773003b7b76c8b37
GET /wp-content/uploads/2021/08/HGV-blanco.png HTTP/1.1
Host: hgv.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hgv.com.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 15:57:19 GMT
Server: Apache
Last-Modified: Mon, 09 Aug 2021 20:32:00 GMT
Accept-Ranges: bytes
Content-Length: 6664
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/png
hgv.com.co/wp-content/plugins/revslider/public/assets/assets/dummy.png
45.79.30.185 200 OK 68 B URL HTTP/1.1 hgv.com.co/wp-content/plugins/revslider/public/assets/assets/dummy.png
IP 45.79.30.185:0
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced
- data
Hash 2a637d3d825673c0e3462fa4ed9a1c5c
81668d396da22832d75a986407ff10035e0d5899
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
GET /wp-content/plugins/revslider/public/assets/assets/dummy.png HTTP/1.1
Host: hgv.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hgv.com.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 15:57:19 GMT
Server: Apache
Last-Modified: Tue, 26 Jul 2022 19:39:04 GMT
Accept-Ranges: bytes
Content-Length: 68
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png
hgv.com.co/wp-content/themes/dt-the7/images/the7-chevron-down.svg
45.79.30.185 200 OK 579 B URL HTTP/1.1 hgv.com.co/wp-content/themes/dt-the7/images/the7-chevron-down.svg
IP 45.79.30.185:0
File type SVG Scalable Vector Graphics image
- XML 1.0 document text
- XML document text
- exported SGML document, ASCII text
Hash 5be83ba4db56d9f2eb9d7a2d7eebb2f4
ae3453b2d356613d0f596f03489459ef6f157bbe
378cb322825a777a6dcdfe8189e0728735e1ad56fb48cde5746fec38627df8e8
Analyzer verdict: Alert — fortinet: Malware (the only analyzer verdict listed for this file; the MD5/SHA-1/SHA-256 above can be used to check it independently)
GET /wp-content/themes/dt-the7/images/the7-chevron-down.svg HTTP/1.1
Host: hgv.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hgv.com.co/wp-content/themes/dt-the7/css/main.min.css?ver=11.2.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 15:57:19 GMT
Server: Apache
Last-Modified: Fri, 25 Nov 2022 19:07:06 GMT
Accept-Ranges: bytes
Content-Length: 579
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/svg+xml
hgv.com.co/wp-content/uploads/2021/08/HGV-M.png
45.79.30.185 200 OK 20 kB URL HTTP/1.1 hgv.com.co/wp-content/uploads/2021/08/HGV-M.png
IP 45.79.30.185:0
File type PNG image data, 336 x 35, 8-bit/color RGBA, interlaced
- data
Hash 5b0fd9dba90a1d99f72401d92394f80b
e069e684bdbd4aefeed662fd2f81924a4f2e51f1
829fc487fd3c971b0f6a73cb8c1b856ba980f63d195ea566561146fe92559f3c
GET /wp-content/uploads/2021/08/HGV-M.png HTTP/1.1
Host: hgv.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hgv.com.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 15:57:19 GMT
Server: Apache
Last-Modified: Mon, 09 Aug 2021 19:58:55 GMT
Accept-Ranges: bytes
Content-Length: 20012
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: image/png
www.google-analytics.com/analytics.js
142.250.74.110 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hgv.com.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 02 Dec 2022 14:41:08 GMT
expires: Fri, 02 Dec 2022 16:41:08 GMT
cache-control: public, max-age=7200
age: 4573
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
hgv.com.co/wp-content/uploads/2021/08/favicon.png
45.79.30.185 200 OK 7.5 kB URL HTTP/1.1 hgv.com.co/wp-content/uploads/2021/08/favicon.png
IP 45.79.30.185:0
File type PNG image data, 65 x 65, 8-bit/color RGBA, interlaced
- data
Hash f7d5225a12ad900cc7356388989bf772
d32921361bbe2de86c1f005444a5f92495a19fec
29e24760ea301f74d92bed0ac60a4390bd55f99212e8a0fa5053ae79f63ad9a3
GET /wp-content/uploads/2021/08/favicon.png HTTP/1.1
Host: hgv.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hgv.com.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 15:57:20 GMT
Server: Apache
Last-Modified: Mon, 09 Aug 2021 20:02:34 GMT
Accept-Ranges: bytes
Content-Length: 7466
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/png
hgv.com.co/wp-content/themes/dt-the7/fonts/FontAwesome/webfonts/fa-regular-400.woff2
45.79.30.185 200 OK 13 kB URL HTTP/1.1 hgv.com.co/wp-content/themes/dt-the7/fonts/FontAwesome/webfonts/fa-regular-400.woff2
IP 45.79.30.185:0
File type Web Open Font Format (Version 2), TrueType, length 13264, version 331.-31261
- data
Hash 8eb1b3e8681657092171b6aa809493c2
aa6cc2d47049bc05505d6ec1cd5237558b04d6e3
65ae05cb1187b6eacddcc464141af208d9c172aeed20c74c3bf7663b530c5c0d
Analyzer verdict: Alert — fortinet: Malware (the only analyzer verdict listed for this file; the MD5/SHA-1/SHA-256 above can be used to check it independently)
GET /wp-content/themes/dt-the7/fonts/FontAwesome/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: hgv.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://hgv.com.co/wp-content/themes/dt-the7/fonts/FontAwesome/css/all.min.css?ver=11.2.1
Cookie: _ga=GA1.3.288904259.1669996639; _gid=GA1.3.114480682.1669996639; _gat_gtag_UA_5290622_2=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 15:57:20 GMT
Server: Apache
Last-Modified: Fri, 25 Nov 2022 19:07:06 GMT
Accept-Ranges: bytes
Content-Length: 13264
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: font/woff2
hgv.com.co/wp-content/uploads/2016/02/bg-mem.png
45.79.30.185 200 OK 13 kB URL HTTP/1.1 hgv.com.co/wp-content/uploads/2016/02/bg-mem.png
IP 45.79.30.185:0
File type PNG image data, 864 x 864, 8-bit gray+alpha, non-interlaced
- data
Hash 97d891c5c7c3bc7e90870b5fe35bd51d
6aabcf5bb480806fea31c3781411cd34f73ce846
ea8669afb5e996833a153ca7bbae55ed3d00498704ece31f7cdff86a15840f51
GET /wp-content/uploads/2016/02/bg-mem.png HTTP/1.1
Host: hgv.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hgv.com.co/
Cookie: _ga=GA1.3.288904259.1669996639; _gid=GA1.3.114480682.1669996639; _gat_gtag_UA_5290622_2=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 15:57:20 GMT
Server: Apache
Last-Modified: Mon, 09 Aug 2021 19:23:07 GMT
Accept-Ranges: bytes
Content-Length: 13075
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/png
hgv.com.co/wp-content/uploads/2021/10/RAP_8114-scaled-e1635302165429.jpg
45.79.30.185 200 OK 352 kB URL HTTP/1.1 hgv.com.co/wp-content/uploads/2021/10/RAP_8114-scaled-e1635302165429.jpg
IP 45.79.30.185:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 2560x934, components 3
- data
Size 352 kB (351960 bytes)
Hash c686f2fa1cdd9932ceea7397d1ae60aa
0d261b1361081a6357a081ddf8250711f4b1e7dd
710163081142ccdca374da10dcad4472cee70539a4bc6956a69dd8a981207135
GET /wp-content/uploads/2021/10/RAP_8114-scaled-e1635302165429.jpg HTTP/1.1
Host: hgv.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hgv.com.co/
Cookie: _ga=GA1.3.288904259.1669996639; _gid=GA1.3.114480682.1669996639; _gat_gtag_UA_5290622_2=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 15:57:20 GMT
Server: Apache
Last-Modified: Wed, 27 Oct 2021 02:36:05 GMT
Accept-Ranges: bytes
Content-Length: 351960
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/jpeg
hgv.com.co/wp-content/uploads/2021/10/RAP_8253-scaled-e1635302435221.jpg
45.79.30.185 200 OK 409 kB URL HTTP/1.1 hgv.com.co/wp-content/uploads/2021/10/RAP_8253-scaled-e1635302435221.jpg
IP 45.79.30.185:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 1708x1203, components 3
- data
Size 409 kB (409005 bytes)
Hash 397a0d0728f8b7b6975fe64d1259b2bc
91789b5c870946c2a2acb13ba6ea5ad33db54213
b0cc5f6ecf7af4b4dc8b04e467fe4cc954ea7413dfcb2cf2c9ebecdfa461d7c0
GET /wp-content/uploads/2021/10/RAP_8253-scaled-e1635302435221.jpg HTTP/1.1
Host: hgv.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hgv.com.co/
Cookie: _ga=GA1.3.288904259.1669996639; _gid=GA1.3.114480682.1669996639; _gat_gtag_UA_5290622_2=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 15:57:21 GMT
Server: Apache
Last-Modified: Wed, 27 Oct 2021 02:40:35 GMT
Accept-Ranges: bytes
Content-Length: 409005
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/jpeg
hgv.com.co/wp-content/uploads/2021/10/RAP_7958-scaled-e1635302075800.jpg
45.79.30.185 200 OK 368 kB URL HTTP/1.1 hgv.com.co/wp-content/uploads/2021/10/RAP_7958-scaled-e1635302075800.jpg
IP 45.79.30.185:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 1708x889, components 3
- data
Size 368 kB (367989 bytes)
Hash 528cf85e791424089846020b04bb81c7
06f41135838af756de1ed577a111993ed143c81e
2009d48065cb0f80a9d82d7cdfdec4a847bd6017049f3d4f34664de4d424ff15
GET /wp-content/uploads/2021/10/RAP_7958-scaled-e1635302075800.jpg HTTP/1.1
Host: hgv.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hgv.com.co/
Cookie: _ga=GA1.3.288904259.1669996639; _gid=GA1.3.114480682.1669996639; _gat_gtag_UA_5290622_2=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 15:57:21 GMT
Server: Apache
Last-Modified: Wed, 27 Oct 2021 02:34:35 GMT
Accept-Ranges: bytes
Content-Length: 367989
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/jpeg
hgv.com.co/wp-content/uploads/2021/10/RAP_8153-1-scaled.jpg
45.79.30.185 200 OK 418 kB URL HTTP/1.1 hgv.com.co/wp-content/uploads/2021/10/RAP_8153-1-scaled.jpg
IP 45.79.30.185:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 2560x1707, components 3
- data
Size 418 kB (418160 bytes)
Hash c8dfa74c9e20282a2ccc55166fd109ab
49d98710647742442d3828bb6fea15a1672e033f
18fdc0e53389d1028fca95405e2b5902501fa159d1dde7cf592b578c97e087af
GET /wp-content/uploads/2021/10/RAP_8153-1-scaled.jpg HTTP/1.1
Host: hgv.com.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hgv.com.co/
Cookie: _ga=GA1.3.288904259.1669996639; _gid=GA1.3.114480682.1669996639; _gat_gtag_UA_5290622_2=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 15:57:24 GMT
Server: Apache
Last-Modified: Wed, 27 Oct 2021 02:21:24 GMT
Accept-Ranges: bytes
Content-Length: 418160
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: image/jpeg
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcca8556b-b044-489f-bc74-086aad62b062.webp
34.120.237.76 200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcca8556b-b044-489f-bc74-086aad62b062.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
- data
Hash d147ccb10bda82b153a596c3c967cd6a
ffd0763f997e71a8c1458523fc17cafe8849dfdf
1cfeb90a4ba027195f903d938d4a0aac418a1c2f0b52215ec023263f15905971
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcca8556b-b044-489f-bc74-086aad62b062.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7591
x-amzn-requestid: e179862e-f840-4e50-a9dc-09f325479b9a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGgMFRZIAMFl7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e01-676a1571459f2d83488f2765;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: oB5K_ZCWWwCltMx8FQSjDdXRMzSTSyRLSYSLAooQXuCrUxadLUiWkA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 22:08:56 GMT
etag: "ffd0763f997e71a8c1458523fc17cafe8849dfdf"
content-type: image/jpeg
age: 64110
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:400,600,700%7CRoboto+Condensed:400,600,700
142.250.74.74 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:400,600,700%7CRoboto+Condensed:400,600,700
IP 142.250.74.74:0
GET /css?family=Roboto:400,600,700%7CRoboto+Condensed:400,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hgv.com.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Dec 2022 15:57:19 GMT
date: Fri, 02 Dec 2022 15:57:19 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto+Condensed|
142.250.74.74 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto+Condensed|
IP 142.250.74.74:0
GET /css?family=Roboto+Condensed| HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hgv.com.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Dec 2022 15:57:19 GMT
date: Fri, 02 Dec 2022 15:57:19 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2