Overview

URLtomoroccotour.com/
IP 68.65.123.192 (United States)
ASN#22612 NAMECHEAP-NET
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-11-30 12:19:23 UTC
StatusLoading report..
IDS alerts0
Blocklist alert39
urlquery alerts No alerts detected
Tags None

Domain Summary (14)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-30 04:06:17 UTC 34.102.187.140
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 34.215.94.42
r3.o.lencr.org (5) 344 No data No data 23.36.77.32
ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
ocsp.sectigo.com (1) 487 2019-11-29 11:50:24 UTC 2021-09-17 20:05:40 UTC 104.18.32.68
ocsp.pki.goog (5) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.131
tomoroccotour.com (94) 0 2022-09-08 22:53:25 UTC 2022-11-30 11:58:28 UTC 68.65.123.192 Unknown ranking
fonts.googleapis.com (4) 8877 2013-06-10 20:14:26 UTC 2022-11-30 05:55:22 UTC 142.250.74.106
region1.google-analytics.com (1) 0 2022-03-17 11:26:33 UTC 2022-11-30 04:06:41 UTC 216.239.34.36 Domain (google-analytics.com) ranked at: 8401
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
fonts.gstatic.com (2) 0 2014-09-09 00:40:21 UTC 2022-11-30 04:54:31 UTC 216.58.207.227 Domain (gstatic.com) ranked at: 540
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-30 04:06:04 UTC 34.117.237.239
www.googletagmanager.com (1) 75 2013-05-22 02:07:37 UTC 2022-11-30 04:53:34 UTC 142.250.74.168

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-30 2 tomoroccotour.com/ Malware
2022-11-30 2 tomoroccotour.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 Malware
2022-11-30 2 tomoroccotour.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 Malware
2022-11-30 2 tomoroccotour.com/wp-content/plugins/wp-font-resizer/css/fontResizer.css?ve (...) Malware
2022-11-30 2 tomoroccotour.com/wp-content/uploads/elementor/css/post-394.css?ver=1668353252 Malware
2022-11-30 2 tomoroccotour.com/wp-content/plugins/header-footer-elementor/assets/css/hea (...) Malware
2022-11-30 2 tomoroccotour.com/wp-content/plugins/svg-support/css/svgs-attachment.css?ve (...) Malware
2022-11-30 2 tomoroccotour.com/wp-content/plugins/master-addons/assets/fonts/material-ic (...) Malware
2022-11-30 2 tomoroccotour.com/ Malware
2022-11-30 2 tomoroccotour.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ (...) Malware
2022-11-30 2 tomoroccotour.com/wp-content/plugins/wp-font-resizer/js/fontResizer.js?ver=6.1.1 Malware
2022-11-30 2 tomoroccotour.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ (...) Malware
2022-11-30 2 tomoroccotour.com/wp-content/uploads/elementor/css/post-8.css?ver=1669305160 Malware
2022-11-30 2 tomoroccotour.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ (...) Malware
2022-11-30 2 tomoroccotour.com/wp-content/plugins/elementor-pro/assets/css/frontend.min. (...) Malware
2022-11-30 2 tomoroccotour.com/wp-content/plugins/creame-whatsapp-me/public/css/joinchat (...) Malware
2022-11-30 2 tomoroccotour.com/wp-content/uploads/elementor/css/post-2425.css?ver=1668353254 Malware
2022-11-30 2 tomoroccotour.com/wp-content/plugins/master-addons/assets/fonts/iconic-font (...) Malware
2022-11-30 2 tomoroccotour.com/wp-content/plugins/mobile-menu/includes/css/mobmenu-icons (...) Malware
2022-11-30 2 tomoroccotour.com/wp-content/plugins/mobile-menu/includes/css/mobmenu.css?v (...) Malware
2022-11-30 2 tomoroccotour.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 Malware
2022-11-30 2 tomoroccotour.com/wp-content/uploads/2022/11/untitled-1-recovered.svg Malware
2022-11-30 2 tomoroccotour.com/wp-content/themes/astra/assets/js/minified/frontend.min.j (...) Malware
2022-11-30 2 tomoroccotour.com/wp-content/plugins/creame-whatsapp-me/public/js/joinchat. (...) Malware
2022-11-30 2 tomoroccotour.com/wp-content/plugins/header-footer-elementor/inc/js/fronten (...) Malware
2022-11-30 2 tomoroccotour.com/wp-content/plugins/wp-featherlight/js/wpFeatherlight.pkgd (...) Malware
2022-11-30 2 tomoroccotour.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoin (...) Malware
2022-11-30 2 tomoroccotour.com/wp-content/plugins/elementor/assets/js/webpack.runtime.mi (...) Malware
2022-11-30 2 tomoroccotour.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.j (...) Malware
2022-11-30 2 tomoroccotour.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ve (...) Malware
2022-11-30 2 tomoroccotour.com/wp-content/plugins/wp-font-resizer/js/fontResizer.js?ver=6.1.1 Malware
2022-11-30 2 tomoroccotour.com/wp-content/plugins/master-addons/assets/js/master-addons- (...) Malware
2022-11-30 2 tomoroccotour.com/wp-content/uploads/2022/11/tomoroccotour-logo-official.svg Malware
2022-11-30 2 tomoroccotour.com/wp-content/uploads/2022/11/untitled-1-recovered.svg Malware
2022-11-30 2 tomoroccotour.com/wp-content/themes/astra/assets/js/minified/frontend.min.j (...) Malware
2022-11-30 2 tomoroccotour.com/wp-content/plugins/creame-whatsapp-me/public/js/joinchat. (...) Malware
2022-11-30 2 tomoroccotour.com/wp-content/plugins/wp-featherlight/js/wpFeatherlight.pkgd (...) Malware
2022-11-30 2 tomoroccotour.com/wp-content/plugins/header-footer-elementor/inc/js/fronten (...) Malware
2022-11-30 2 tomoroccotour.com/wp-content/plugins/elementor/assets/js/webpack.runtime.mi (...) Malware

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 68.65.123.192
Date UQ / IDS / BL URL IP
2022-12-24 23:24:55 +0000 0 - 0 - 8 theouut.com/DO.php 68.65.123.192
2022-12-18 03:16:20 +0000 0 - 0 - 39 iqac.crescent.bytdigital.com/ 68.65.123.192
2022-11-30 12:21:34 +0000 0 - 0 - 39 tomoroccotour.com/ 68.65.123.192
2022-11-30 12:19:23 +0000 0 - 0 - 39 tomoroccotour.com/ 68.65.123.192
2022-10-07 20:27:01 +0000 0 - 0 - 13 exodus.com.merge.amirulkhan.net/ 68.65.123.192


Last 5 reports on ASN: NAMECHEAP-NET
Date UQ / IDS / BL URL IP
2023-02-07 11:18:31 +0000 0 - 1 - 1 clickandwin.xyz/ 192.64.119.33
2023-02-07 10:43:45 +0000 0 - 0 - 1 kamtex.de/ 162.0.215.44
2023-02-07 10:36:09 +0000 0 - 1 - 0 kongtogel.com/ 162.255.119.72
2023-02-07 10:34:14 +0000 0 - 0 - 1 www.medtroonic.com/ 198.54.117.218
2023-02-07 10:34:14 +0000 0 - 0 - 1 www.medtroonic.com/ 198.54.117.218


Last 2 reports on domain: tomoroccotour.com
Date UQ / IDS / BL URL IP
2022-11-30 12:21:34 +0000 0 - 0 - 39 tomoroccotour.com/ 68.65.123.192
2022-11-30 12:19:23 +0000 0 - 0 - 39 tomoroccotour.com/ 68.65.123.192


No other reports with similar screenshot

JavaScript

Executed Scripts (13)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (126)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3215
Expires: Wed, 30 Nov 2022 13:12:47 GMT
Date: Wed, 30 Nov 2022 12:19:12 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2294
Cache-Control: max-age=168621
Date: Wed, 30 Nov 2022 12:19:12 GMT
Etag: "638730f7-1d7"
Expires: Fri, 02 Dec 2022 11:09:33 GMT
Last-Modified: Wed, 30 Nov 2022 10:31:19 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 30 Nov 2022 11:19:41 GMT
cache-control: public,max-age=3600
age: 3571
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    14cd9a0afb6ba9a763651d5112760d1e
Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9607
Expires: Wed, 30 Nov 2022 14:59:19 GMT
Date: Wed, 30 Nov 2022 12:19:12 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: IhJy2Cgs5mQh6WMJ2ftLWlOIha3DhUMmgZWT9GX8I+zAwWHnE4yUONtdBUBYdiy4m+vXCoP6/PE=
x-amz-request-id: KYJEGKQTNYJM54WY
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 30 Nov 2022 11:45:51 GMT
age: 2001
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET / HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         68.65.123.192
HTTP/1.1 301 Moved Permanently
content-type: text/html
                                        
keep-alive: timeout=5, max=100
content-length: 707
date: Wed, 30 Nov 2022 12:19:12 GMT
server: LiteSpeed
location: https://tomoroccotour.com/
x-turbo-charged-by: LiteSpeed


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size:   707
Md5:    1304294c0823ca486542ba408ed761e3
Sha1:   b2a70fb2d810ca13985882e6981f33998823e83e
Sha256: 3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Wed, 30 Nov 2022 12:19:12 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 30 Nov 2022 12:11:14 GMT
cache-control: public,max-age=3600
age: 478
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 12:19:12 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 22:54:45 GMT
Expires: Sun, 04 Dec 2022 22:54:44 GMT
Etag: "e523dc6ac131e21cab0e6b921f5241c9d0547cb2"
Cache-Control: max-age=383131,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 772387b43e120b39-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2291
Cache-Control: max-age=163550
Date: Wed, 30 Nov 2022 12:19:12 GMT
Etag: "63871d2b-1d7"
Expires: Fri, 02 Dec 2022 09:45:02 GMT
Last-Modified: Wed, 30 Nov 2022 09:06:51 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: qRd3RPAClFkZKPBVqj+JDw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         34.215.94.42
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 4znfz27P7UB0QEgUtC2CQe2cdO0=

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 12:19:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 12:19:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /gtag/js?id=G-707QG0RHV9 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:13 GMT
expires: Wed, 30 Nov 2022 12:19:13 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 78840
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (26337)
Size:   78840
Md5:    9f8c7380cda32634bef14fc3744f93f4
Sha1:   5fca5bb881013bef1687094443ed7f0d74d0551a
Sha256: 1c76e2acc6039bc22b142275669f3fa9fb5599ba5a3c49d137e66200be548aa9
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 12:19:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /css?family=Montserrat%3Ainherit%2C400&subset=latin%2Clatin-ext&ver=6.1.1 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         142.250.74.106
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 30 Nov 2022 12:19:13 GMT
date: Wed, 30 Nov 2022 12:19:13 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1059
Md5:    d38e0a79431f6dc7facf65d55a08b126
Sha1:   36f1bad0522bd7ede9fec84e4a297e5dac10c417
Sha256: 5eb580cf956364238076a01773adaefbca0c6532c08d9d0802c97b2b1bc36293
                                        
                                            GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 12:19:13 GMT
last-modified: Tue, 12 Apr 2022 15:26:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5922
date: Wed, 30 Nov 2022 12:19:13 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (15660)
Size:   5922
Md5:    68bb4db3eb1d538f0aefa63978c9f00a
Sha1:   4462b37533bdd6f72a75a1678e7d283cfaeafe19
Sha256: 01fe2475586bfc22772ed5226fa2b24ff9b8647cba8db7e0317ea950a6bd2262
                                        
                                            GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 12:19:13 GMT
last-modified: Wed, 16 Nov 2022 00:34:57 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11616
date: Wed, 30 Nov 2022 12:19:13 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (47826)
Size:   11616
Md5:    c4d7cc056b49b00e05cc29cc59aa3d5a
Sha1:   48c426bec60099d2a8628df430ed682c72aab42a
Sha256: 8009c12f2674a8d38401f4b5faad1fef2cfcd18a8c927ed2561ae9d7de9b57b5

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST /g/collect?v=2&tid=G-707QG0RHV9&gtm=2oebs0&_p=2132748949&gdid=dZGIzZG&cid=1249394537.1669810752&ul=en-us&sr=1280x1024&_s=1&sid=1669810752&sct=1&seg=0&dl=https%3A%2F%2Ftomoroccotour.com%2F&dt=Home%20-%20Travel%20to%20Morocco%20with%20no%20regrets&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true HTTP/1.1 
Host: region1.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tomoroccotour.com
Connection: keep-alive
Referer: https://tomoroccotour.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

search
                                         216.239.34.36
HTTP/2 204 No Content
content-type: text/plain
                                        
access-control-allow-origin: https://tomoroccotour.com
date: Wed, 30 Nov 2022 12:19:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 12:19:13 GMT
last-modified: Wed, 18 Nov 2020 19:36:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5306
date: Wed, 30 Nov 2022 12:19:13 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11126)
Size:   5306
Md5:    b57b046e15633b3e54fe21bb43fde5cf
Sha1:   36a37363382ac1bd6d44141d07df14cd8a33e7b0
Sha256: f082b60f79e22d7f7ed81627eaf8d78db83941c871cb9d631545de4309e04272

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 12:19:13 GMT
last-modified: Wed, 02 Nov 2022 13:31:01 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 31645
date: Wed, 30 Nov 2022 12:19:13 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65447)
Size:   31645
Md5:    08f31e8e568b40b40cf2bcc3fa782d0b
Sha1:   6e1074a99c25ee3af71ea446b4f9772155bb8b77
Sha256: 51ba6a44f2d2873e2c71591c98d4486356f5ba29e7f40781bc009ef6e489cffb
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9565
Expires: Wed, 30 Nov 2022 14:58:39 GMT
Date: Wed, 30 Nov 2022 12:19:14 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9565
Expires: Wed, 30 Nov 2022 14:58:39 GMT
Date: Wed, 30 Nov 2022 12:19:14 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9565
Expires: Wed, 30 Nov 2022 14:58:39 GMT
Date: Wed, 30 Nov 2022 12:19:14 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250668cd-c9db-4014-b576-3aaad4eb9150.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5785
x-amzn-requestid: ee77265b-8e90-4035-8ef1-92a2d26aaefa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDaHdWoAMFqmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-0d10d74030e7aee74804b654;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QhUrNKIJUxXTYFTgfCwizAd9L4PdLMVLbqv1sHmmnrWya0xz1MTSiw==
via: 1.1 38eecd3ca21bf068d69a2f9cfe668d14.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:08:46 GMT
etag: "f7cf3a0f89751a02fbcf8d21f505f24a74e8b30b"
age: 51028
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5785
Md5:    59baec8db5ced0210ab766ea5636a5fd
Sha1:   f7cf3a0f89751a02fbcf8d21f505f24a74e8b30b
Sha256: 33ff55891f18c22970804f1b8b2ba6821ddfd7426b01486410bd43f2b4295a8d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2730750-552d-4852-8ce1-503874565f75.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9051
x-amzn-requestid: 1032dd9c-a15e-4e8a-9c81-07419e8caf67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhGvEMNIAMFaKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867bc4-1005c20a33320dbf6567ca31;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:38:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: IMaVlQblNnh9mFKwb2LG7hw7h_f1_nVYqO4aEUqY01a2HofnnQqcFQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:49:31 GMT
age: 52183
etag: "6170d6776615503e3e29f86783febc3e3e78ca66"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9051
Md5:    05196ec43964cf559caa0c0279148d62
Sha1:   6170d6776615503e3e29f86783febc3e3e78ca66
Sha256: 47f3a5cde661987e3496ce110a0170b10087dd9ba8d4fd691c4830587ba3fa3f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9674
x-amzn-requestid: 7e7d0183-9667-462a-8d44-d125998c1ae3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgEoHVAoAMFvAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a1d-280ba97e3fe1bf7244cbde35;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ym_L3s5E6MLy6BxqNkVxok6L6hA4c-ilSsEqt42j2IbiXYPb4c6-VQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:52:51 GMT
age: 51983
etag: "53650399f9a986ba54addd668b4557109d12003b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9674
Md5:    5508d05a290b663fd89ead9b58f2efd8
Sha1:   53650399f9a986ba54addd668b4557109d12003b
Sha256: 65704a961410fdd318c491fedf002c8e9b184cd34b76fe1b67026d42ce21be3f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13e1db4e-7108-464a-85b6-24ac0c4609f9.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9330
x-amzn-requestid: 3fad352d-7664-43e0-9395-e840f671ca61
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgFQFIdoAMFSmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a21-5e9847852f8435231d401fe6;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mCEtSOenWKxay4vNy5mN9cexxXKXKt7TMuLaLw-M86tLKwQ2MwuxPg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:00:54 GMT
age: 51500
etag: "2f3a39a528d3b759060203931de33c12303592e1"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9330
Md5:    bbe350ea797a0fec5a19a450fc5de4b4
Sha1:   2f3a39a528d3b759060203931de33c12303592e1
Sha256: 4d661dac2e19e07ae15d0f8cf00bd268c6c2defb2f5e4de38fcb6e7031dfd605
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd170538c-f8cf-4acb-ba33-2ead00b9db73.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10958
x-amzn-requestid: abfea5b0-58f5-49e1-b78e-7cf456d03cb3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgFHF9oIAMF5lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a20-5ab719292d440d083b07a478;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: gCt9oHpZ68tLCYHIYpI1XLtADkScxwf12kDFnU0o5WoQIVSzWlqozw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:16:52 GMT
etag: "57e1d34f146d5ccd9943aa97bcc3158f7103bb07"
age: 50542
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10958
Md5:    777ce44582c70bf01a31da4cab366f36
Sha1:   57e1d34f146d5ccd9943aa97bcc3158f7103bb07
Sha256: fbdc8f65ae74dc13b7aafec464f08fdc9902af519946200ec52432ac3ca55982
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb1888-5971-4b4a-923b-dc9d4050182b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7298
x-amzn-requestid: 381e55bb-876b-46ad-84b6-1ddf9f876f56
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDcE3poAMFaAA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-7c12394600900afc7281e858;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8heT2eN5oLbO14R9qLq78Vma_TkteufTyKM5i3K2XoJYXfWNwLMEwQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:56:25 GMT
age: 51769
etag: "e4ddf955e8ac1986045ed55880c43c69e588a021"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7298
Md5:    e00769bd1391b8f4f5b8ab128a825355
Sha1:   e4ddf955e8ac1986045ed55880c43c69e588a021
Sha256: 81ca4d20c28fed8fd3135515daadc1fdbfb4198535d7c46021b418b8b98e59a5
                                        
                                            GET /wp-content/plugins/wp-font-resizer/css/fontResizer.css?ver=6.1.1 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:13 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/themes/astra/assets/css/minified/main.min.css?ver=3.9.2 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:13 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/uploads/elementor/css/post-394.css?ver=1668353252 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:13 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.6.13 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:13 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/svg-support/css/svgs-attachment.css?ver=6.1.1 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:13 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:13 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/plugins/master-addons/assets/fonts/material-icons/material-icons.css?ver=1.9.6 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:13 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET / HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         68.65.123.192
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
link: <https://tomoroccotour.com/wp-json/>; rel="https://api.w.org/", <https://tomoroccotour.com/wp-json/wp/v2/pages/8>; rel="alternate"; type="application/json", <https://tomoroccotour.com/>; rel=shortlink
etag: "439-1669600406;br"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
content-length: 534730
date: Wed, 30 Nov 2022 12:19:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (42527), with CRLF, LF line terminators
Size:   534730
Md5:    3f9f7c48cdb743fa74a3fab787c62b6c
Sha1:   f884da5907db1c6a37f5ab848628aaa95d364682
Sha256: 2e4904cea790f664fb985176017f8b4c758ce0afb23105d5a5b0b156a2f44008

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /css?family=Open+Sans%3A400%7CPlayfair+Display%3A400%2C700&display=fallback&ver=3.9.2 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.106
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 30 Nov 2022 12:19:13 GMT
date: Wed, 30 Nov 2022 12:19:13 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1778
Md5:    6751bdc117e694681819cb28168a8251
Sha1:   e4691eaf77d56888e07bad9eddac7e5087a22223
Sha256: 155a2e94add5d5bfc885c2717ed7480273217c9ee65245415394a334635059b9
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:14 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=6.1 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:14 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/plugins/wp-font-resizer/js/fontResizer.js?ver=6.1.1 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:14 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:14 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:14 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/plugins/header-footer-elementor/inc/widgets-css/frontend.css?ver=1.6.13 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:14 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/uploads/elementor/css/post-8.css?ver=1669305160 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:14 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:14 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=2.9.4 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:14 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/creame-whatsapp-me/public/css/joinchat-btn.min.css?ver=4.5.11 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:14 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/uploads/elementor/css/post-2425.css?ver=1668353254 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:14 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/wp-featherlight/css/wp-featherlight.min.css?ver=1.3.4 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:14 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/uploads/dynamic-mobmenu.css?ver=2.8.2.7-955 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:14 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/plugins/master-addons/assets/fonts/iconic-fonts/iconic-font.min.css?ver=1.9.6 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:14 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/mobile-menu/includes/css/mobmenu-icons.css?ver=6.1.1 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:14 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/mobile-menu/includes/css/mobmenu.css?ver=2.8.2.7 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:14 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/mobile-menu/includes/js/mobmenu.js?ver=2.8.2.7 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:14 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.10.1 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:14 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-includes/js/wp-util.min.js?ver=6.1.1 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810752.1.0.1669810752.0.0.0; _ga=GA1.1.1249394537.1669810752
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 12:19:14 GMT
last-modified: Wed, 02 Nov 2022 13:31:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1976
date: Wed, 30 Nov 2022 12:19:14 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1413)
Size:   1976
Md5:    4c93f408781478d3491a993dfd8e14f1
Sha1:   c39e01e8c1622522e0419e8d1839517f84fc0764
Sha256: 4a6f1446520bdbec790b73deb4486cbbc1568de8bf157c3f9aa82de1b5ad57f8
                                        
                                            GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810752.1.0.1669810752.0.0.0; _ga=GA1.1.1249394537.1669810752
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 12:19:14 GMT
last-modified: Wed, 02 Nov 2022 13:31:01 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8123
date: Wed, 30 Nov 2022 12:19:14 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (8211)
Size:   8123
Md5:    d1461f94813caf91caa6e72ab0fb4890
Sha1:   db70ccc09d60ffd52e3ab8df27e8d514cc369cf8
Sha256: d7ec47b2ef225fd2ee32e324a44991c228833dd0f710a9dd0f693da024fa35e3

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/js/underscore.min.js?ver=1.13.4 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810752.1.0.1669810752.0.0.0; _ga=GA1.1.1249394537.1669810752
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 12:19:14 GMT
last-modified: Wed, 02 Nov 2022 13:31:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8497
date: Wed, 30 Nov 2022 12:19:14 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (18820)
Size:   8497
Md5:    8acd87009f8e73a4f5930386c7c24ccb
Sha1:   96fed91f188ca2095d3be057407f8452cb4dafa9
Sha256: 4014427114f31cde2be90f5b9c1e86e6795631e2d8176c26d77db4a7ef82513b
                                        
                                            GET /wp-content/uploads/elementor/thumbs/tienko-dima-jk5CdjDgHbQ-unsplash-scaled-pw3k2nk02jlosx1l55gx08bvxt10eay01ufy5e4gw0.jpg HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810752.1.0.1669810752.0.0.0; _ga=GA1.1.1249394537.1669810752
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:14 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/uploads/elementor/thumbs/adil-diless-_fcZ5jncgAw-unsplash-scaled-pv6ikv36v1srqc31bp3p8nsts26mmseixnr8wcf4hs.jpg HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810752.1.0.1669810752.0.0.0; _ga=GA1.1.1249394537.1669810752
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:14 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/uploads/elementor/thumbs/eduardo-casajus-gorostiaga-RVOI4nNutfU-unsplash-scaled-pv3qhqb4zpdr5lu3381gawd9xhkeni7s7t3whytk00.jpg HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810752.1.0.1669810752.0.0.0; _ga=GA1.1.1249394537.1669810752
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:14 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/uploads/elementor/thumbs/vince-gx-33DJx0Yb2cA-unsplash-scaled-pv6iqzz9h475ip66hul10m25dlxvvnrg412codblvk.jpg HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810752.1.0.1669810752.0.0.0; _ga=GA1.1.1249394537.1669810752
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:14 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/uploads/elementor/thumbs/mohammed-lak-CBfUGtVP0QE-unsplash-scaled-pv3q74onwyvc7x8ezn2x6ko4r1tdue4rfc8rnmje68.jpg HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810752.1.0.1669810752.0.0.0; _ga=GA1.1.1249394537.1669810752
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:14 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/uploads/elementor/thumbs/meor-mohamad-LDY_h9PD_yg-unsplash-scaled-pva60pgdfhc3q8tfok98s3hl8dj2lohsi3zk9agvb4.jpg HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810752.1.0.1669810752.0.0.0; _ga=GA1.1.1249394537.1669810752
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:14 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/uploads/elementor/thumbs/emilia-igartua-9CM0JnzmWKU-unsplash-scaled-pv6jwhkt4uzrz2wn8a77kn5lavg4mpgxhdow91t18g.jpg HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810752.1.0.1669810752.0.0.0; _ga=GA1.1.1249394537.1669810752
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:14 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/uploads/elementor/thumbs/don-fontijn-llwWLf63dEo-unsplash-scaled-pv6jy7m5nxcp9cej610l57i0iaycqqb7pwqxxb91ts.jpg HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810752.1.0.1669810752.0.0.0; _ga=GA1.1.1249394537.1669810752
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:14 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/uploads/elementor/thumbs/rumman-amin-bzFHhYKdIa0-unsplash-scaled-pvf9uw9jcn4z6dj13t7j6iptg3bftf8vf3t52vm35s.jpg HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810752.1.0.1669810752.0.0.0; _ga=GA1.1.1249394537.1669810752
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:14 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/uploads/elementor/thumbs/don-agnello-wEsPKE4dEdI-unsplash-scaled-pv3q3w4odifs89xpw8p6le2z39rvbxa1nbck5bc7ls.jpg HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810752.1.0.1669810752.0.0.0; _ga=GA1.1.1249394537.1669810752
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:14 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/uploads/2022/11/untitled-1-recovered.svg HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810752.1.0.1669810752.0.0.0; _ga=GA1.1.1249394537.1669810752
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:14 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/wp-font-resizer/images/minus.png HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810752.1.0.1669810752.0.0.0; _ga=GA1.1.1249394537.1669810752
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:15 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/plugins/elementor/assets/css/widget-icon-list.min.css HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810752.1.0.1669810752.0.0.0; _ga=GA1.1.1249394537.1669810752
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:15 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/plugins/wp-font-resizer/images/reload.png HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810752.1.0.1669810752.0.0.0; _ga=GA1.1.1249394537.1669810752
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:15 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/uploads/elementor/thumbs/cassie-smart-wMxlI-RiAMM-unsplash-scaled-pwza57pjfzs8rfcmpj0xlhbqn3abyaiur2j1ec99ns.jpg HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810752.1.0.1669810752.0.0.0; _ga=GA1.1.1249394537.1669810752
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:15 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/plugins/master-addons/assets/css/master-addons-styles.css?ver=6.1.1 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810752.1.0.1669810752.0.0.0; _ga=GA1.1.1249394537.1669810752
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:15 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.9.2 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810752.1.0.1669810752.0.0.0; _ga=GA1.1.1249394537.1669810752
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:15 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/wp-font-resizer/images/plus.png HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810752.1.0.1669810752.0.0.0; _ga=GA1.1.1249394537.1669810752
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:15 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/uploads/elementor/thumbs/MARRAKECH-TO-ERG-CHEGAGA-DUNES-4-DAYS-TOURS-pvf9mhli7zmnbxqo76dnvn3e60r8yvvaxhqsjs2utc.jpg HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810752.1.0.1669810752.0.0.0; _ga=GA1.1.1249394537.1669810752
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:15 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/plugins/creame-whatsapp-me/public/js/joinchat.min.js?ver=4.5.11 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810752.1.0.1669810752.0.0.0; _ga=GA1.1.1249394537.1669810752
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:15 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/header-footer-elementor/inc/js/frontend.js?ver=1.6.13 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810752.1.0.1669810752.0.0.0; _ga=GA1.1.1249394537.1669810752
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:15 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/wp-featherlight/js/wpFeatherlight.pkgd.min.js?ver=1.3.4 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810752.1.0.1669810752.0.0.0; _ga=GA1.1.1249394537.1669810752
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:15 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810752.1.0.1669810752.0.0.0; _ga=GA1.1.1249394537.1669810752
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:15 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.1 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810752.1.0.1669810752.0.0.0; _ga=GA1.1.1249394537.1669810752
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:15 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=2.9.4 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810752.1.0.1669810752.0.0.0; _ga=GA1.1.1249394537.1669810752
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:15 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=2.9.4 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810752.1.0.1669810752.0.0.0; _ga=GA1.1.1249394537.1669810752
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:15 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/plugins/creame-whatsapp-me/public/js/kjua.min.js?ver=0.9.0 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810752.1.0.1669810752.0.0.0; _ga=GA1.1.1249394537.1669810752
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:15 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.7.8 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810752.1.0.1669810752.0.0.0; _ga=GA1.1.1249394537.1669810752
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:15 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.1 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810752.1.0.1669810752.0.0.0; _ga=GA1.1.1249394537.1669810752
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:15 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.1 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810752.1.0.1669810752.0.0.0; _ga=GA1.1.1249394537.1669810752
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:15 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/plugins/master-addons/assets/js/plugins.js?ver=1.9.6 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810752.1.0.1669810752.0.0.0; _ga=GA1.1.1249394537.1669810752
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:15 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/plugins/wp-font-resizer/js/fontResizer.js?ver=6.1.1 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810752.1.0.1669810752.0.0.0; _ga=GA1.1.1249394537.1669810752
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:15 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/master-addons/assets/js/master-addons-scripts.js?ver=1.9.6 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810752.1.0.1669810752.0.0.0; _ga=GA1.1.1249394537.1669810752
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:15 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.10.1 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810752.1.0.1669810752.0.0.0; _ga=GA1.1.1249394537.1669810752
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:15 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/plugins/mobile-menu/includes/js/mobmenu.js?ver=2.8.2.7 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810752.1.0.1669810752.0.0.0; _ga=GA1.1.1249394537.1669810752
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:16 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 12:19:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tomoroccotour.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.227
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 18:52:55 GMT
expires: Tue, 28 Nov 2023 18:52:55 GMT
cache-control: public, max-age=31536000
age: 149181
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 16740, version 1.0\012- data
Size:   16740
Md5:    e43b535855a4ae53bd5b07a6eeb3bf67
Sha1:   6507312d9491156036316484bf8dc41e8b52ddd9
Sha256: b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
                                        
                                            GET /s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tomoroccotour.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.227
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35764
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 25 Nov 2022 06:53:42 GMT
expires: Sat, 25 Nov 2023 06:53:42 GMT
cache-control: public, max-age=31536000
age: 451534
last-modified: Mon, 18 Jul 2022 19:06:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 35764, version 1.0\012- data
Size:   35764
Md5:    60f23230f1a8d5c3b7d25b73f5b5ce23
Sha1:   ed08ada85d017893b9bcb8224e99154c6708f5d2
Sha256: 22b6cdc450204c1cb32b31e679d812fea1c17ac506a7b78daeb12bd0ab25fde8
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 12:19:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/uploads/elementor/thumbs/vince-gx-33DJx0Yb2cA-unsplash-scaled-pv6iqzz9h475ip66hul10m25dlxvvnrg412codblvk.jpg HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810752.1.0.1669810752.0.0.0; _ga=GA1.1.1249394537.1669810752
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:16 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/uploads/elementor/thumbs/tienko-dima-jk5CdjDgHbQ-unsplash-scaled-pw3k2nk02jlosx1l55gx08bvxt10eay01ufy5e4gw0.jpg HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810752.1.0.1669810752.0.0.0; _ga=GA1.1.1249394537.1669810752
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:16 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/uploads/elementor/thumbs/emilia-igartua-9CM0JnzmWKU-unsplash-scaled-pv6jwhkt4uzrz2wn8a77kn5lavg4mpgxhdow91t18g.jpg HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810752.1.0.1669810752.0.0.0; _ga=GA1.1.1249394537.1669810752
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:16 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/uploads/elementor/thumbs/meor-mohamad-LDY_h9PD_yg-unsplash-scaled-pva60pgdfhc3q8tfok98s3hl8dj2lohsi3zk9agvb4.jpg HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810752.1.0.1669810752.0.0.0; _ga=GA1.1.1249394537.1669810752
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:16 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/uploads/elementor/thumbs/don-agnello-wEsPKE4dEdI-unsplash-scaled-pv3q3w4odifs89xpw8p6le2z39rvbxa1nbck5bc7ls.jpg HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810752.1.0.1669810752.0.0.0; _ga=GA1.1.1249394537.1669810752
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:16 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/uploads/elementor/thumbs/mohammed-lak-CBfUGtVP0QE-unsplash-scaled-pv3q74onwyvc7x8ezn2x6ko4r1tdue4rfc8rnmje68.jpg HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810752.1.0.1669810752.0.0.0; _ga=GA1.1.1249394537.1669810752
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:16 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/uploads/elementor/thumbs/adil-diless-_fcZ5jncgAw-unsplash-scaled-pv6ikv36v1srqc31bp3p8nsts26mmseixnr8wcf4hs.jpg HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810752.1.0.1669810752.0.0.0; _ga=GA1.1.1249394537.1669810752
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:16 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/uploads/elementor/thumbs/rumman-amin-bzFHhYKdIa0-unsplash-scaled-pvf9uw9jcn4z6dj13t7j6iptg3bftf8vf3t52vm35s.jpg HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810752.1.0.1669810752.0.0.0; _ga=GA1.1.1249394537.1669810752
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:16 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/uploads/elementor/thumbs/eduardo-casajus-gorostiaga-RVOI4nNutfU-unsplash-scaled-pv3qhqb4zpdr5lu3381gawd9xhkeni7s7t3whytk00.jpg HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810752.1.0.1669810752.0.0.0; _ga=GA1.1.1249394537.1669810752
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:16 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/uploads/elementor/thumbs/don-fontijn-llwWLf63dEo-unsplash-scaled-pv6jy7m5nxcp9cej610l57i0iaycqqb7pwqxxb91ts.jpg HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810752.1.0.1669810752.0.0.0; _ga=GA1.1.1249394537.1669810752
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:16 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/uploads/elementor/thumbs/MARRAKECH-TO-ERG-CHEGAGA-DUNES-4-DAYS-TOURS-pvf9mhli7zmnbxqo76dnvn3e60r8yvvaxhqsjs2utc.jpg HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810752.1.0.1669810752.0.0.0; _ga=GA1.1.1249394537.1669810752
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:17 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/plugins/wp-font-resizer/images/reload.png HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810752.1.0.1669810752.0.0.0; _ga=GA1.1.1249394537.1669810752
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:17 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/uploads/elementor/thumbs/cassie-smart-wMxlI-RiAMM-unsplash-scaled-pwza57pjfzs8rfcmpj0xlhbqn3abyaiur2j1ec99ns.jpg HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810752.1.0.1669810752.0.0.0; _ga=GA1.1.1249394537.1669810752
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:17 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/plugins/elementor/assets/css/widget-icon-list.min.css HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810752.1.0.1669810752.0.0.0; _ga=GA1.1.1249394537.1669810752
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:17 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/plugins/wp-font-resizer/images/minus.png HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810752.1.0.1669810752.0.0.0; _ga=GA1.1.1249394537.1669810752
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:17 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/plugins/wp-font-resizer/images/plus.png HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810752.1.0.1669810752.0.0.0; _ga=GA1.1.1249394537.1669810752
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:17 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/uploads/2022/11/tomoroccotour-logo-official.svg HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810752.1.0.1669810752.0.0.0; _ga=GA1.1.1249394537.1669810752
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:17 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/master-addons/assets/css/master-addons-styles.css?ver=6.1.1 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810752.1.0.1669810752.0.0.0; _ga=GA1.1.1249394537.1669810752
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:17 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/uploads/2022/11/untitled-1-recovered.svg HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810752.1.0.1669810752.0.0.0; _ga=GA1.1.1249394537.1669810752
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:17 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.9.2 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810752.1.0.1669810752.0.0.0; _ga=GA1.1.1249394537.1669810752
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:18 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/creame-whatsapp-me/public/js/kjua.min.js?ver=0.9.0 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810752.1.0.1669810752.0.0.0; _ga=GA1.1.1249394537.1669810752
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:18 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/plugins/creame-whatsapp-me/public/js/joinchat.min.js?ver=4.5.11 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810752.1.0.1669810752.0.0.0; _ga=GA1.1.1249394537.1669810752
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:19 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/wp-featherlight/js/wpFeatherlight.pkgd.min.js?ver=1.3.4 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810752.1.0.1669810752.0.0.0; _ga=GA1.1.1249394537.1669810752
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:19 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/header-footer-elementor/inc/js/frontend.js?ver=1.6.13 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810752.1.0.1669810752.0.0.0; _ga=GA1.1.1249394537.1669810752
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.1 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810752.1.0.1669810752.0.0.0; _ga=GA1.1.1249394537.1669810752
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:19:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /css?family=Alegreya%3Ainherit%2C100%2C400&subset=latin%2Clatin-ext&ver=6.1.1 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         142.250.74.106
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 30 Nov 2022 12:19:13 GMT
date: Wed, 30 Nov 2022 12:19:13 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css?family=Aclonica%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CAleo%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CChakra+Petch%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CAlfa+Slab+One%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CAkaya+Kanadaka%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CArchivo+Black%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         142.250.74.106
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 30 Nov 2022 12:19:13 GMT
date: Wed, 30 Nov 2022 12:19:13 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---