tgrrre.f6d7.nu.wy5532.com/
199.115.115.118200 OK 486 B URL HTTP/1.1 tgrrre.f6d7.nu.wy5532.com/
IP 199.115.115.118:0
ASN #30633 LEASEWEB-USA-WDC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (486), with no line terminators
Hash 025f39ee6ab0740db63c67d61e704c90
7eaf972d9e77af53963da7c9c9c82514af05fc4c
82894acfd039285742e145f71236dd3c4ba1ddd4326372a52d524ca318877b3c
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: tgrrre.f6d7.nu.wy5532.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: sid=6e4625ca-73d0-11ed-89b4-2556dd3829ab
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 486
content-type: text/html; charset=utf-8
date: Sun, 04 Dec 2022 13:33:47 GMT
server: nginx
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2184
Expires: Sun, 04 Dec 2022 14:10:12 GMT
Date: Sun, 04 Dec 2022 13:33:48 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fb2c0697c6d9a96a5411dd2952947458
79e57f831ec396bbdaa5bfe9472a05e6c9fb31f4
3fd7edcc349ab4402f62e54a142be6b4cecf0e7ee3f431d3168bdf0643ba4d92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2550
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 13:33:48 GMT
Last-Modified: Sun, 04 Dec 2022 12:51:18 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3275
Expires: Sun, 04 Dec 2022 14:28:23 GMT
Date: Sun, 04 Dec 2022 13:33:48 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 04 Dec 2022 13:18:24 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 924
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: WReKDw8izEwN5iNpxvqBFlcuGI9DAU1JOXYXSdzljTkIremEaa5BxXQlE65KIvAhLbi05egcLe0=
x-amz-request-id: T2P9A88BKY7CVVT0
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 04 Dec 2022 12:47:33 GMT
age: 2775
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:33:48 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
tgrrre.f6d7.nu.wy5532.com/favicon.ico
199.115.115.118404 Not Found 9 B URL HTTP/1.1 tgrrre.f6d7.nu.wy5532.com/favicon.ico
IP 199.115.115.118:0
ASN #30633 LEASEWEB-USA-WDC
File type ASCII text, with no line terminators
Hash d8f4a1993546cc4b850cde3599e27aec
094b763b4cfcc0b05e5d040581cd513c3ca08067
907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9
GET /favicon.ico HTTP/1.1
Host: tgrrre.f6d7.nu.wy5532.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tgrrre.f6d7.nu.wy5532.com/
Cookie: sid=6e4625ca-73d0-11ed-89b4-2556dd3829ab
HTTP/1.1 404 Not Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 9
date: Sun, 04 Dec 2022 13:33:48 GMT
server: nginx
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 04 Dec 2022 13:08:58 GMT
cache-control: public,max-age=3600
age: 1491
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 31b129c94a90b1e695b21395cb54e378
a3cae46b48d469cc61ab0581303bcd5f5b654db9
fac3f681be358a20f78958dff10c89b7a91365c5114c81246c1bc34c1362ba1e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2493
Cache-Control: max-age=159275
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 13:33:49 GMT
Etag: "638c632b-1d7"
Expires: Tue, 06 Dec 2022 09:48:24 GMT
Last-Modified: Sun, 04 Dec 2022 09:06:51 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
tgrrre.f6d7.nu.wy5532.com/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3MDE2ODAyOCwiaWF0IjoxNjcwMTYwODI4LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc21wa3I1bjJiamk0OTE2aWMwMjdzb2IiLCJuYmYiOjE2NzAxNjA4MjgsInRzIjoxNjcwMTYwODI4NTQyODk3fQ.h7kj-EbmmLudfoBnbfmqIzYP6aPnu_En0EtdpJSTUys&sid=6e4625ca-73d0-11ed-89b4-2556dd3829ab
199.115.115.118302 Found 11 B URL HTTP/1.1 tgrrre.f6d7.nu.wy5532.com/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3MDE2ODAyOCwiaWF0IjoxNjcwMTYwODI4LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc21wa3I1bjJiamk0OTE2aWMwMjdzb2IiLCJuYmYiOjE2NzAxNjA4MjgsInRzIjoxNjcwMTYwODI4NTQyODk3fQ.h7kj-EbmmLudfoBnbfmqIzYP6aPnu_En0EtdpJSTUys&sid=6e4625ca-73d0-11ed-89b4-2556dd3829ab
IP 199.115.115.118:0
ASN #30633 LEASEWEB-USA-WDC
File type ASCII text, with no line terminators
Hash 32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
GET /?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3MDE2ODAyOCwiaWF0IjoxNjcwMTYwODI4LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc21wa3I1bjJiamk0OTE2aWMwMjdzb2IiLCJuYmYiOjE2NzAxNjA4MjgsInRzIjoxNjcwMTYwODI4NTQyODk3fQ.h7kj-EbmmLudfoBnbfmqIzYP6aPnu_En0EtdpJSTUys&sid=6e4625ca-73d0-11ed-89b4-2556dd3829ab HTTP/1.1
Host: tgrrre.f6d7.nu.wy5532.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tgrrre.f6d7.nu.wy5532.com/
Cookie: sid=6e4625ca-73d0-11ed-89b4-2556dd3829ab
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Sun, 04 Dec 2022 13:33:48 GMT
location: http://click-v4.expmdiadi.com/click?i=42y1oX-tCY4_0
server: nginx
set-cookie: sid=6e4625ca-73d0-11ed-89b4-2556dd3829ab; path=/; domain=.wy5532.com; expires=Fri, 22 Dec 2090 16:47:56 GMT; max-age=2147483647; HttpOnly
push.services.mozilla.com/
44.237.93.5101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.237.93.5:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 2fxAxGWUweQZrRVSSfvzBw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: NcX2fSWxviH14c01M9hS27v9qDY=
click-v4.expmdiadi.com/click?i=42y1oX-tCY4_0
198.134.116.17302 Found 0 B URL HTTP/1.1 click-v4.expmdiadi.com/click?i=42y1oX-tCY4_0
IP 198.134.116.17:0
ASN #27257 WEBAIR-INTERNET
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?i=42y1oX-tCY4_0 HTTP/1.1
Host: click-v4.expmdiadi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tgrrre.f6d7.nu.wy5532.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Cache-Control: no-store
Content-Length: 0
Age: 0
Connection: keep-alive
Location: https://zeep.ly/6LMwC
Pragma: no-cache
zeep.ly/6LMwC
95.217.202.210301 Moved Permanently 20 B IP 95.217.202.210:0
ASN #24940 Hetzner Online GmbH
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /6LMwC HTTP/1.1
Host: zeep.ly
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://tgrrre.f6d7.nu.wy5532.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Date: Sun, 04 Dec 2022 13:33:50 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Set-Cookie: PHPSESSID=90ab72b2c2c2f619fd40871a8dcbfb89; path=/
short_6LMwC=1; expires=Sun, 04-Dec-2022 14:03:50 GMT; Max-Age=1800; path=/; HttpOnly
Location: https://www.cruzeiro-safaris.com/
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11321
Expires: Sun, 04 Dec 2022 16:42:32 GMT
Date: Sun, 04 Dec 2022 13:33:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11321
Expires: Sun, 04 Dec 2022 16:42:32 GMT
Date: Sun, 04 Dec 2022 13:33:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11321
Expires: Sun, 04 Dec 2022 16:42:32 GMT
Date: Sun, 04 Dec 2022 13:33:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11321
Expires: Sun, 04 Dec 2022 16:42:32 GMT
Date: Sun, 04 Dec 2022 13:33:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11321
Expires: Sun, 04 Dec 2022 16:42:32 GMT
Date: Sun, 04 Dec 2022 13:33:51 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43309032a892c486f9985ef520df696e
36f4682ca6a33ff80ee02129c77e6f27e996ede0
24225ff504f30405d9ec3feb2555c738fcca0d6b265f285aa9c73a64c78a496e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5681
x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltXnEotIAMFqkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vNP2rQwmWTntetjJyjonO8N_YOBqvQuZUm42BWX7c1GoX7jASOIpCg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:49:42 GMT
age: 56649
etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
34.120.237.76200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c01fe1cccdb3b672bbade6d98217ffe9
a9a529dc9894827f6243a1bf57f81caa4fe88fc2
c43da6212c79a08e22e78e04e99e8f5422e64b4b0a87f30b7907f1b4bc675c71
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4666
x-amzn-requestid: 850d341f-5ccb-453c-8adf-a8194f8fbdad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clr_-GiboAMFwww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-766293f2526e637235067aca;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: z5uqgjB-Bsl0U55a8aFi37cpJ65Vnbjm6bJ2GnMpaO7RXsMZsOCbPQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:44:01 GMT
age: 56990
etag: "a9a529dc9894827f6243a1bf57f81caa4fe88fc2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a6e7b32ac999cf3c899a234c621fa91a
fc5d4f3163ebb9faf85968cbb1d194e8e68418be
f12db3aed126006fee00649aba0b3eaae900de200b85b9523866a90b5494f18e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8989
x-amzn-requestid: abce0b01-f70c-42ad-b242-5a24735fe4c2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltl4Gk2oAMFSWQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc2f2-1cccffff5199dffe70264a95;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:43:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PFl7VUrzRkMFNnTiIw_cbGCyrEFn43eUSlZfT0nUhUmjjyXT7JfjMA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:50:01 GMT
age: 56630
etag: "fc5d4f3163ebb9faf85968cbb1d194e8e68418be"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash db1701b7b9d161a0c935bb6e10b17893
22a8c4bd58c729c1abcf794466e8f3231dfb034b
b495524a33e5b1d3ba34cfbe867ada0da956c061370b1fcde06b23a6194a9787
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8315
x-amzn-requestid: f1bcc33b-aad9-4d3b-b1f9-49282f2d4fb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMGVboAMFfxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-13472a097177d4751c8f7a8c;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JuY0xcLDiERwrVhq33d4PP64liDqFfk9bc9xX1H62o0tOwrt1ek7Pg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:42:39 GMT
age: 57072
etag: "22a8c4bd58c729c1abcf794466e8f3231dfb034b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 14dcca2a9c4792d835ee709bcd947402
1d702df3a64258628f4124eafd580695f2d350af
da01dcd8fef7c50bdb6f7a8a6a4955694092f479df3dba72f7fa69d7280d07b2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16143
x-amzn-requestid: dc86fad4-4e53-42c9-9b0a-5e4d2cfcd087
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGyLGqmoAMFnaA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851a7-0ea324b31e8c6578098b8ab9;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KHd4ajJWl-8TDH5HGbkuJXI4NL6I83IwSUBKzfq85cxpyRH_LGl6OA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 05:55:20 GMT
age: 27511
etag: "1d702df3a64258628f4124eafd580695f2d350af"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3af2e495-85ff-410f-8418-e683c7f84bcd.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3af2e495-85ff-410f-8418-e683c7f84bcd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 027480c06cd67621f373c6765dafee4d
9f80bb7ca6f699d88eaec2248dec508c589fe994
f69a0d6bd6e79d8fa7f2f15df11237c0a8b04d45af3cd5870eeef86d18f553bf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3af2e495-85ff-410f-8418-e683c7f84bcd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7728
x-amzn-requestid: 9f37e7a6-1f00-4a81-9b14-962fd0b6cdf4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMEJxoAMFchQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-4a4cce217327b44525ea1e98;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ztC4S0WeA3ft_9JafrL6fInXo4jwkb0cTWUx4Z8L2uz3EWQS-d6F5A==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 22:08:25 GMT
age: 55526
etag: "9f80bb7ca6f699d88eaec2248dec508c589fe994"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 033ca81f0777b00bfff93bdb883f0697
9ccce7f9a4a8d91cca10823ad0d5abb8642ad628
a20606a54baee6b2dee0f2edcb8a1ec05f3a725f8e3c27a80b176ec8275ae670
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 13:33:51 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 04:08:06 GMT
Expires: Thu, 08 Dec 2022 04:08:05 GMT
Etag: "9ccce7f9a4a8d91cca10823ad0d5abb8642ad628"
Cache-Control: max-age=311053,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7744ea8daed3b52d-OSL
www.cruzeiro-safaris.com/
68.65.122.186200 OK 35 kB URL HTTP/2 www.cruzeiro-safaris.com/
IP 68.65.122.186:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5722), with CRLF, LF line terminators
Hash 3f243041966d741188857630dfb02bb7
5e46e8c1cc9664bbfdcb7b6f247d36bd2743260c
65b6e1a079940462492d89efa0af1be7004b1a92e15627d6b8917b496e613132
GET / HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://tgrrre.f6d7.nu.wy5532.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:33:51 GMT
server: Apache
x-powered-by: PHP/7.4.33
expires: Wed, 17 Aug 2005 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: 1d50258f26c6cf42d5b9a980771c1baa=ca9a1ff7f291bf1654452bac123d4a67; path=/; HttpOnly
last-modified: Sun, 04 Dec 2022 13:33:52 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 34867
content-type: text/html; charset=utf-8
X-Firefox-Spdy: h2
widget.getyourguide.com/v2/widget.js
54.230.111.122301 Moved Permanently 0 B URL HTTP/2 widget.getyourguide.com/v2/widget.js
IP 54.230.111.122:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v2/widget.js HTTP/1.1
Host: widget.getyourguide.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
content-length: 0
location: https://widget.getyourguide.com/pw/latest/client-loader/widget.js
date: Sun, 04 Dec 2022 13:33:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-request-id: d0112c9f-8873-4c5f-a534-3c872c3f9490
referrer-policy: strict-origin-when-cross-origin
server: istio-envoy
x-cache: Miss from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Pm0R9T3qbQq5xy79j-2_AL1SVwsBt8wYWyTPm9yz9b3b1R2fnuGgEg==
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/plugins/system/jce/css/content.css?15605b57da1d35b72b6bbcf44f8916c1
68.65.122.186200 OK 1.0 kB URL HTTP/2 www.cruzeiro-safaris.com/plugins/system/jce/css/content.css?15605b57da1d35b72b6bbcf44f8916c1
IP 68.65.122.186:0
File type ASCII text, with very long lines (7728), with no line terminators
Hash 72ba0fc56a7ed0dc3ddbb9d754f63903
99cfaaed5fc9e32da79ab54247fc33bf4d3c7655
5c6b68e0c8c2a0b5157281233aa2f32bd413b0c15131875ddd0e6c9bac612bd1
GET /plugins/system/jce/css/content.css?15605b57da1d35b72b6bbcf44f8916c1 HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=ca9a1ff7f291bf1654452bac123d4a67
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:33:52 GMT
server: Apache
last-modified: Wed, 19 May 2021 06:54:08 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1018
content-type: text/css
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 1780fe88eabe57c893f12ff8a7d005d4
47e7fa0f263272aae53d09cc17246feab7671e71
7b31b129872394280658dc6ef08d7d0ec4308bf14cb13c8adfb9b362db58814e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5266
Cache-Control: max-age=155955
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 13:33:52 GMT
Etag: "638c4b61-117"
Expires: Tue, 06 Dec 2022 08:53:07 GMT
Last-Modified: Sun, 04 Dec 2022 07:25:21 GMT
Server: ECS (amb/6BC1)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 02467b98cd91b8c1337eba24f2c09496
8c8e51c8df836dce7cace8394e0e09d1165f89f7
9a9f52dc223141c310b9f33f53f8bdc63b9bb7b53b1cb3b62544fa62ca45860b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 13:33:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3c4319f54a5675ee9acda96c58f97ac6
210ea86db1836d430b321d59b4bd1b016c914f22
cb20ad3ec895ed3a2ae9b1a90dda6b7cc174d8851f3a15ba054a435746cbdc65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 13:33:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
143.204.55.101200 OK 6.1 kB URL HTTP/2 widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
IP 143.204.55.101:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (19239)
Hash 5add60196e5f96a414fb4b9586764e5d
633f471b3c2fcedeef9cad90cb5bf56f5fe55588
5370f4ba91dda790c7cae92817b812fcbd1ab367cbb4862f5669960ae4e2c9e0
GET /bootstrap/v5/tp.widget.bootstrap.min.js HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 6124
last-modified: Mon, 30 May 2022 14:38:02 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Sun, 04 Dec 2022 01:28:24 GMT
cache-control: max-age=86400
etag: "5add60196e5f96a414fb4b9586764e5d"
x-cache: Hit from cloudfront
via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: tWu3jWcaqmzd89xYdBn3kEcgOgt-JzAi_8iENvfEkSniDXW3Gd1gKg==
age: 43529
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3c4319f54a5675ee9acda96c58f97ac6
210ea86db1836d430b321d59b4bd1b016c914f22
cb20ad3ec895ed3a2ae9b1a90dda6b7cc174d8851f3a15ba054a435746cbdc65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 13:33:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googleadservices.com/pagead/conversion.js
172.217.21.162200 OK 17 kB URL HTTP/2 www.googleadservices.com/pagead/conversion.js
IP 172.217.21.162:0
File type ASCII text, with very long lines (2772)
Hash ac7574cbc5b2e85b7ddfa76b8657e59d
2bbeec5531576d6352b1c2b74e0e05c1ea10251d
bdf1e52afba9d671ea698707f97e8609de6360c502dc7b6eed2f40f979e08387
GET /pagead/conversion.js HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 04 Dec 2022 13:33:52 GMT
expires: Sun, 04 Dec 2022 13:33:52 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 16359567893097152046
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 16827
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-11772281-1
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-11772281-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 5cd92d3ff6f825844a6f9a42383c8cf4
02448278b770aa653f708b58223abf5df4d3f826
1d2ab1f89b83862b9b15b806d43b7bb0adc0af63e774fe79b51c94b417bea163
GET /gtag/js?id=UA-11772281-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 04 Dec 2022 13:33:52 GMT
expires: Sun, 04 Dec 2022 13:33:52 GMT
cache-control: private, max-age=900
last-modified: Sun, 04 Dec 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43592
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=AW-831005086
142.250.74.168200 OK 53 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-831005086
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 66da8de9bcb7a7aba9710d70304515f4
2c1f234e3dae9e3cff1b29244d32afdff3200229
9c81417bf03b7384ebb64cd0a63e6fd7fc4a86ea6a6cc5e733afbc9475f9ced6
GET /gtag/js?id=AW-831005086 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 04 Dec 2022 13:33:52 GMT
expires: Sun, 04 Dec 2022 13:33:52 GMT
cache-control: private, max-age=900
last-modified: Sun, 04 Dec 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 52986
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.kayak.com/news/badge/kk/tg005.png
151.101.129.29200 OK 13 kB URL HTTP/2 www.kayak.com/news/badge/kk/tg005.png
IP 151.101.129.29:0
File type PNG image data, 300 x 300, 8-bit colormap, non-interlaced\012- data
Hash 2385da531246f4e5ec82b0cc84858503
1898cbe645775fc4cf02396d4423b88ae7f1530d
65d8ac86ed0432f654506f847946f1df2689ce26d7b680e684a533b6197380b0
GET /news/badge/kk/tg005.png HTTP/1.1
Host: www.kayak.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: KAYAK/1.0
last-modified: Fri, 28 Oct 2022 07:51:28 GMT
etag: "32c4-5ec1386768000"
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-kayak-presentation: web
x-esi: YES
cache-control: max-age=31536000
content-type: image/png
x-sn-waf-code:
accept-ranges: bytes
date: Sun, 04 Dec 2022 13:33:52 GMT
age: 3105465
vary: Fastly-SSL,SSL,Accept-Encoding
content-length: 12996
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.33.119.27200 OK 345 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 51a26efa0eccb96943e350974fd43c68
1166493b83befbfa7124203f4e6ec42fd68ee03d
3e1a4460dd0977ce030cdda187c2e61a46a881a71ce8dd0e4c367f052f837f16
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "3E1A4460DD0977CE030CDDA187C2E61A46A881A71CE8DD0E4C367F052F837F16"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13323
Expires: Sun, 04 Dec 2022 17:15:55 GMT
Date: Sun, 04 Dec 2022 13:33:52 GMT
Connection: keep-alive
cache.vtrcdn.com/images/10067/viator-top-rated.png
95.100.11.185301 Moved Permanently 274 B URL HTTP/2 cache.vtrcdn.com/images/10067/viator-top-rated.png
IP 95.100.11.185:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 415fb1f589a77a20e16c4c81233a5a81
5ae4f482a07270dd5d52b139b9c7edf45d5b2a8c
51e2830cc4a231e1bfc567eaa4d495966d129b4e5f4efe7cc40c9b0cf723489f
GET /images/10067/viator-top-rated.png HTTP/1.1
Host: cache.vtrcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
content-type: text/html; charset=iso-8859-1
content-length: 274
location: https://cache.vtrcdn.com/orion/images/widgets/viator-top-rated.png
strict-transport-security: max-age=15724800; includeSubDomains
x-unique-id: 687B44BF:8B8C_0A2808C9:01BB_6389153F_2969F72:4B9A
traceparent: 00-48fafb4b88bb429daad0a9d8fc95de2a-b270322956ee0981-00
expires: Thu, 08 Dec 2022 20:57:35 GMT
server: Apache
date: Sun, 04 Dec 2022 13:33:52 GMT
X-Firefox-Spdy: h2
www.viator.com/orion/partner/widget.js
95.100.11.185200 OK 675 B URL HTTP/2 www.viator.com/orion/partner/widget.js
IP 95.100.11.185:0
File type ASCII text, with very long lines (1381), with no line terminators
Hash 2d338a630462243b5ebcd1bdcf79dfef
5bd484d233a142b236df962f0614c99509f7b402
186d167a4caa85d7e6b1e306b6e73507b2375955e9c1dd08210ff3a6a19b26ea
GET /orion/partner/widget.js HTTP/1.1
Host: www.viator.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript;charset=UTF-8
last-modified: Mon, 14 Nov 2022 18:03:28 GMT
cache-control: max-age=2592000, public
accept-ranges: bytes
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15724800; includeSubDomains
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self' *.viator.com:*
vary: accept-encoding
content-encoding: gzip
x-unique-id: 17C1746E:E336_0A280D87:01BB_6372872A_197199:3D8C
traceparent: 00-91c0d17f10c04fc08cd492c55a8b2572-b9b823c745762328-00
expires: Mon, 21 Nov 2022 18:21:30 GMT
x-datadome: protected
accept-ch: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
server: Apache
content-length: 675
date: Sun, 04 Dec 2022 13:33:52 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a2365b2356f35547e7a8a0eeac1a5e71
f070192cf1ad964c90dd00bdf6b04fa598618d61
50415514239bdc4345cb6f75e5aba42fe0f093aaf21de22276aaeceab84c0450
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 13:33:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
payments.pesapal.com/site/images/426/pesapalpaybtn.png
104.18.3.36200 OK 8.5 kB URL HTTP/2 payments.pesapal.com/site/images/426/pesapalpaybtn.png
IP 104.18.3.36:0
File type PNG image data, 125 x 50, 8-bit/color RGB, non-interlaced\012- data
Hash f373352361e070a7948ebf382cab6786
3626cdb5f70a30a3b8ec369295e22ae271e8d20d
ce1d5908f3a288e1921fc49e1eb90dba3a6b71bc8a43e5790fa46997642485e9
GET /site/images/426/pesapalpaybtn.png HTTP/1.1
Host: payments.pesapal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:33:52 GMT
content-type: image/png
content-length: 8527
last-modified: Wed, 16 Jan 2019 09:38:52 GMT
cf-cache-status: HIT
age: 4703
expires: Sun, 04 Dec 2022 17:33:52 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
set-cookie: __cf_bm=70Dg_q6lm0uSpSSlUCVveezjvCn5uDjFD8a12KN4SKw-1670160832-0-AYONIQKoXMSYc6mvx8mgoiyToIfLel9Hi2iuYQwPK0ofUpbOVI5iX5uA3dID2BtlBD62cXp4HMOFULp2H+W07bs=; path=/; expires=Sun, 04-Dec-22 14:03:52 GMT; domain=.pesapal.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7744ea94ec171c12-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3c4319f54a5675ee9acda96c58f97ac6
210ea86db1836d430b321d59b4bd1b016c914f22
cb20ad3ec895ed3a2ae9b1a90dda6b7cc174d8851f3a15ba054a435746cbdc65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 13:33:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cache.vtrcdn.com/orion/images/widgets/viator-top-rated.png
95.100.11.185200 OK 7.2 kB URL HTTP/2 cache.vtrcdn.com/orion/images/widgets/viator-top-rated.png
IP 95.100.11.185:0
File type PNG image data, 150 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash 4717efd439984bfb9c3aca93e99d9412
5910801df783caadd73afa622004fe2030306c36
504275ff94ccf3630e3bcf2e684da3be57d6326a5120b29604c1fcb017a74efc
GET /orion/images/widgets/viator-top-rated.png HTTP/1.1
Host: cache.vtrcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cruzeiro-safaris.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png;charset=UTF-8
content-length: 7232
last-modified: Mon, 14 Nov 2022 17:57:00 GMT
cache-control: max-age=2592000, public
accept-ranges: bytes
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15724800; includeSubDomains
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self' *.viator.com:*
x-unique-id: 17C1747C:CA3E_0A280B98:01BB_637374B6_735891:7E61
traceparent: 00-467a4e7a53294dd2b31afea07febeca1-bdda1a07e28cc936-00
expires: Tue, 22 Nov 2022 11:15:02 GMT
server: Apache
date: Sun, 04 Dec 2022 13:33:52 GMT
X-Firefox-Spdy: h2
www.tripadvisor.com/img/cdsi/img2/branding/v2/Tripadvisor_lockup_horizontal_secondary_registered-11900-2.svg
2.18.173.78200 OK 2.3 kB URL HTTP/2 www.tripadvisor.com/img/cdsi/img2/branding/v2/Tripadvisor_lockup_horizontal_secondary_registered-11900-2.svg
IP 2.18.173.78:0
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash bf29758e41903e1fabdc4a19c89bac9b
1ff70aca18e5d207268b7888d56ab2a897909ff8
6936f35bf6375797c7d4a526dd6bfdf2a5f3d0dfb4e4d1e9e292ce31bc45702c
GET /img/cdsi/img2/branding/v2/Tripadvisor_lockup_horizontal_secondary_registered-11900-2.svg HTTP/1.1
Host: www.tripadvisor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: envoy
cache-control: private, max-age=43200
expires: Mon, 05 Dec 2022 01:33:52 GMT
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
timing-allow-origin: https://www.tripadvisor.com
content-type: image/svg+xml
content-encoding: gzip
vary: Accept-Encoding
content-length: 2315
date: Sun, 04 Dec 2022 13:33:52 GMT
set-cookie: TADCID=A3-q6jtyjbiuV0LIABQCFdpBzzOuRA-9xvCxaMyI13H4Oq-3M3W5FFyWzRRK64vqooe5Qd766eenhVSwsk6NIODRKYzU1FmiwZk; Domain=www.tripadvisor.com; Expires=Wed, 01-Dec-2032 13:33:52 GMT; Path=/; Secure; HttpOnly
TAUnique=%1%enc%3AZPIqSwLBkkLk7nWhzVPS6shGd0grv0wJcINT%2BSG4rUY2jHwltRJPGQ%3D%3D; Domain=.tripadvisor.com; Expires=Tue, 03-Dec-2024 13:33:52 GMT; Path=/; HttpOnly
__vt=inzbx5JUuIbLQ_RPABQCIf6-ytF7QiW7ovfhqc-AvSHV2irZ5lsZtzQyy5bYu7J1sE6WS0nwMRwR5LgKTg9lPb3u0eI3hwrLUd71aL0zoDvjyCm2Qt9LFC9YjuM0f5er1ge17SD-yTJPMdcXHqDkD8JdOg; Domain=www.tripadvisor.com; Expires=Sun, 04-Dec-2022 14:33:52 GMT; Path=/; Secure; HttpOnly
TASession=V2ID.27F08C46546E8AA36908E3667904FF16*SQ.1*HS.recommended*ES.popularity*DS.5*SAS.popularity*FPS.oldFirst*FA.1*TRA.true; Domain=.tripadvisor.com; Path=/
ServerPool=R; Domain=.tripadvisor.com; Path=/
TACds=A.1.11900.2.2022-12-03; Domain=.tripadvisor.com; Expires=Thu, 02-Feb-2023 13:33:52 GMT; Path=/
X-Firefox-Spdy: h2
www.jscache.com/wejs?wtype=rated&uniq=11&locationId=2085077&lang=en_US&display_version=2
151.101.2.83301 Moved Permanently 0 B URL HTTP/2 www.jscache.com/wejs?wtype=rated&uniq=11&locationId=2085077&lang=en_US&display_version=2
IP 151.101.2.83:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wejs?wtype=rated&uniq=11&locationId=2085077&lang=en_US&display_version=2 HTTP/1.1
Host: www.jscache.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: envoy
location: https://www.tripadvisor.com/wejs?wtype=rated&uniq=11&locationId=2085077&lang=en_US&display_version=2
expires: 0
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
pragma: no-cache
cache-control: no-cache,no-store,must-revalidate
timing-allow-origin: https://www.tripadvisor.com
content-type: text/plain; charset=utf-8
accept-ranges: bytes
date: Sun, 04 Dec 2022 13:33:52 GMT
via: 1.1 varnish
x-served-by: cache-bma1640-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1670160833.722966,VS0,VE147
content-length: 0
X-Firefox-Spdy: h2
www.jscache.com/wejs?wtype=selfserveprop&uniq=660&locationId=2085077&lang=en_US&rating=true&nreviews=5&writereviewlink=true&popIdx=false&iswide=false&border=false&display_version=2
151.101.2.83301 Moved Permanently 0 B URL HTTP/2 www.jscache.com/wejs?wtype=selfserveprop&uniq=660&locationId=2085077&lang=en_US&rating=true&nreviews=5&writereviewlink=true&popIdx=false&iswide=false&border=false&display_version=2
IP 151.101.2.83:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wejs?wtype=selfserveprop&uniq=660&locationId=2085077&lang=en_US&rating=true&nreviews=5&writereviewlink=true&popIdx=false&iswide=false&border=false&display_version=2 HTTP/1.1
Host: www.jscache.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: envoy
location: https://www.tripadvisor.com/wejs?wtype=selfserveprop&uniq=660&locationId=2085077&lang=en_US&rating=true&nreviews=5&writereviewlink=true&popIdx=false&iswide=false&border=false&display_version=2
expires: 0
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
pragma: no-cache
cache-control: no-cache,no-store,must-revalidate
timing-allow-origin: https://www.tripadvisor.com
content-type: text/plain; charset=utf-8
accept-ranges: bytes
date: Sun, 04 Dec 2022 13:33:52 GMT
via: 1.1 varnish
x-served-by: cache-bma1640-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1670160833.730013,VS0,VE143
content-length: 0
X-Firefox-Spdy: h2
www.tripadvisor.com/img/cdsi/img2/badges/ollie-11424-2.gif
2.18.173.78200 OK 551 B URL HTTP/2 www.tripadvisor.com/img/cdsi/img2/badges/ollie-11424-2.gif
IP 2.18.173.78:0
File type GIF image data, version 89a, 31 x 20\012- data
Hash c49ee6486f965a57bd7580eefa23c260
41ecc79ff7dd26b4950b04d24c7c5e3eb33742c4
10671a700bbd5ce00557871cc4ee9608332dc396bfea680b700260efaf4e059d
GET /img/cdsi/img2/badges/ollie-11424-2.gif HTTP/1.1
Host: www.tripadvisor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: envoy
cache-control: private, max-age=43200
expires: Mon, 05 Dec 2022 01:33:52 GMT
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
timing-allow-origin: https://www.tripadvisor.com
content-type: image/gif
content-length: 551
date: Sun, 04 Dec 2022 13:33:53 GMT
set-cookie: TADCID=IQeCfP4_15OiVqvmABQCFdpBzzOuRA-9xvCxaMyI13H4OtyvvNSXZG0pxwrEoiP40RdCgqdCVOz_t1OQiEE38MLQrbTJCGcJqW0; Domain=www.tripadvisor.com; Expires=Wed, 01-Dec-2032 13:33:52 GMT; Path=/; Secure; HttpOnly
TAUnique=%1%enc%3AYgZZfMGbfqfk7nWhzVPS6shGd0grv0wJ%2F1fJWkxc%2FpY2jHwltRJPGQ%3D%3D; Domain=.tripadvisor.com; Expires=Tue, 03-Dec-2024 13:33:52 GMT; Path=/; HttpOnly
__vt=EpFN6quVWSUViEToABQCIf6-ytF7QiW7ovfhqc-AvSHV2u5T0nj82ZZsLS37EnjolBqDSQA8whFZAc3medmYoWgKQ18oB2Y-Tw-1J9OrJXGK2msjIO0-OvMhrT9nintqTXec0hndwOJo60GqiFciyoOh; Domain=www.tripadvisor.com; Expires=Sun, 04-Dec-2022 14:33:52 GMT; Path=/; Secure; HttpOnly
TASession=V2ID.D5C393E3D5C19A4B6F02774FA6978F5C*SQ.1*HS.recommended*ES.popularity*DS.5*SAS.popularity*FPS.oldFirst*FA.1*TRA.true; Domain=.tripadvisor.com; Path=/
ServerPool=C; Domain=.tripadvisor.com; Path=/
TACds=A.1.11424.2.2022-12-03; Domain=.tripadvisor.com; Expires=Thu, 02-Feb-2023 13:33:52 GMT; Path=/
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 0a6e78a527993695db66c50ca17f2d2f
5b942fdfda4fe0b8cab6dfc39eb7cade1d98d216
f530049f34194ba6196a99365f57e48716071284e927ef4dcdbd85b935868c61
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=157532
Date: Sun, 04 Dec 2022 13:33:52 GMT
Etag: "638c661c-1d7"
Expires: Tue, 06 Dec 2022 09:19:24 GMT
Last-Modified: Sun, 04 Dec 2022 09:19:24 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 9i7m-P03Z68eYIeCXYhN7BnJEwe7N8n6q4Kn0KcPHU2zpAtG0HZABA==
www.tripadvisor.com/wejs?wtype=selfserveprop&uniq=660&locationId=2085077&lang=en_US&rating=true&nreviews=5&writereviewlink=true&popIdx=false&iswide=false&border=false&display_version=2
2.18.173.78200 OK 281 B URL HTTP/2 www.tripadvisor.com/wejs?wtype=selfserveprop&uniq=660&locationId=2085077&lang=en_US&rating=true&nreviews=5&writereviewlink=true&popIdx=false&iswide=false&border=false&display_version=2
IP 2.18.173.78:0
File type ASCII text, with very long lines (338)
Hash 5ea8deb6e9a482bdb443d32e971c3149
fe6574b405da0d1bc4b8c50f9fc9499506d0200c
e347c8de099ed32e599949c8011f1031e85c4e5d71d2ccb8fbd5d15934ebc213
GET /wejs?wtype=selfserveprop&uniq=660&locationId=2085077&lang=en_US&rating=true&nreviews=5&writereviewlink=true&popIdx=false&iswide=false&border=false&display_version=2 HTTP/1.1
Host: www.tripadvisor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cruzeiro-safaris.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: envoy
expires: 0
cache-control: no-cache,no-store,must-revalidate
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
pragma: no-cache
timing-allow-origin: https://www.tripadvisor.com
vary: Accept-Encoding
content-type: application/x-javascript;charset=UTF-8
content-encoding: gzip
content-length: 281
date: Sun, 04 Dec 2022 13:33:53 GMT
set-cookie: TADCID=OPc8dFGmRZbPNhftABQCFdpBzzOuRA-9xvCxaMyI13H4OuDuc5mKMECtQGVqS2m9qgRbQEWVlLeoBr0wzReDSgwtOM53ygYyFpA; Domain=www.tripadvisor.com; Expires=Wed, 01-Dec-2032 13:33:52 GMT; Path=/; Secure; HttpOnly
__vt=pP8Kvj9UA6mGEY4mABQCIf6-ytF7QiW7ovfhqc-AvSHV2vN8SmCA0f_8vk9cTFCM882d2kZ2qGf04spxexu6P47mNg6LHYNLMB87JRwK1R6ua9m45e3CveMR6NVee11rtXyb8gAeq5Id_vIhLyDnJKsRiQ; Domain=www.tripadvisor.com; Expires=Sun, 04-Dec-2022 14:33:52 GMT; Path=/; Secure; HttpOnly
_abck=42CC4D886DE0175131705FD05CEA3274~-1~YAAQpQplX7BzKoaEAQAAHNpX3Qkq72vvw6aZgcpAbol4ex288QQQQuAuC5S9M7zhk6a72nlzK96DjhcQ/Z4lUmKUKPyORPvAC40JZzqyYJOOtZCTyLZNJf3KSzw3Edk83jhxy67uh4JUL4ZTXZV9sp2SUY/4lNI/hUpr1qiViRjiGTsb8L2zTYyEg6RkfjcDgyVcMFH2LvpjBpgNvgrYhR0y18ol8ayDgFcIyQI5gbr0N6gHRKUVczJGZymUjL37nAyCCPQFnMHVgABtAJsHbWXMBX30OWevocCNWGenRDp1EojMUi/bcUmmzTyQgwmIvTxPVUcINESF4NhrPCVJtMATvVwBuSKeXCQszrNfo9k7ErtPTa/wTJKOYkqIbOHA8cc=~-1~-1~-1; Domain=.tripadvisor.com; Path=/; Expires=Mon, 04 Dec 2023 13:33:53 GMT; Max-Age=31536000; Secure
bm_sz=92D7F606B320B3E2C68B396462308C3D~YAAQpQplX7FzKoaEAQAAHNpX3RLStYtW7kBRMCu8yxGLO0cZscTqWDQeOo9+4vgFff8uD0/2S9D2ubjGfYdT+WkAJJbSobcQU4zzPBlOW3ubHM8uG4jQvYUp4hTmxTXVehefsLJW8To4BLJkHyDN1pg7BZoeMzJwYb8L3pe062zb7hxeUMG975fVTxjU8KF1/2fgFNMDoD4hmssMtcHATu35Kx+DJktvGwuktogZZ1KqqjXKM7V2V76eb832Ag6RwJf3p3OcFHFvpma2TsarpP24japEW0alUu05kNIjLQVaVDddbtNVEw==~4534579~3158581; Domain=.tripadvisor.com; Path=/; Expires=Sun, 04 Dec 2022 17:33:52 GMT; Max-Age=14399
X-Firefox-Spdy: h2
gyg.me/kUtga42u
143.204.55.88301 Moved Permanently 0 B IP 143.204.55.88:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /kUtga42u HTTP/1.1
Host: gyg.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
content-length: 0
location: https://cdn.getyourguide.com/supplier-portal/assets/images/6a52159c.png
date: Sun, 04 Dec 2022 13:33:53 GMT
content-language: en-US
x-envoy-upstream-service-time: 5
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-request-id: d89f80e1-6197-4cbe-97c8-5b2753884b42
x-cache: Miss from cloudfront
via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: R4H4llmLPBJVSdn4PTThAvUOPQtfjRpxavGaLkWimWBp-zAuwcDexg==
X-Firefox-Spdy: h2
www.privatetour.com/img/badges/private-tour-4.png
178.157.15.209200 OK 22 kB URL HTTP/2 www.privatetour.com/img/badges/private-tour-4.png
IP 178.157.15.209:0
ASN #42807 Aerotek Bilisim Sanayi ve Ticaret AS
File type PNG image data, 320 x 320, 8-bit/color RGBA, non-interlaced\012- data
Hash 95560b652c50fb12d72defe3c3fc9d99
c64dbf60708ef06e65e028169a3fea9e8b090d21
f7f467ea88123f6e51bc444daf24b1577e6f4e90b81c9720d3afc6cffd65e2d6
GET /img/badges/private-tour-4.png HTTP/1.1
Host: www.privatetour.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Mon, 04 Dec 2023 13:33:53 GMT
content-type: image/png
last-modified: Thu, 01 Apr 2021 08:28:50 GMT
accept-ranges: bytes
content-length: 22022
date: Sun, 04 Dec 2022 13:33:53 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
www.tripadvisor.com/wejs?wtype=rated&uniq=11&locationId=2085077&lang=en_US&display_version=2
2.18.173.78200 OK 231 B URL HTTP/2 www.tripadvisor.com/wejs?wtype=rated&uniq=11&locationId=2085077&lang=en_US&display_version=2
IP 2.18.173.78:0
Hash 4dcb05d8fe99aad5af553f00c6b95d7e
b05bc388b22600f959998919fa45a4dcb5d01752
77d661b3ed335344bc90b80e079f3d0bc604fd7dfe462b6799209bb5e7732191
GET /wejs?wtype=rated&uniq=11&locationId=2085077&lang=en_US&display_version=2 HTTP/1.1
Host: www.tripadvisor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cruzeiro-safaris.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: envoy
expires: 0
cache-control: no-cache,no-store,must-revalidate
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
pragma: no-cache
timing-allow-origin: https://www.tripadvisor.com
vary: Accept-Encoding
content-type: application/x-javascript;charset=UTF-8
content-encoding: gzip
content-length: 231
date: Sun, 04 Dec 2022 13:33:53 GMT
set-cookie: TADCID=pnJdHuTSYOt_UgV4ABQCFdpBzzOuRA-9xvCxaMyI13H4OlN4BpI2oIXNQW_4tBGOA-bbMff7-4JGoFaFuvzsb36tKgOiWuY86bY; Domain=www.tripadvisor.com; Expires=Wed, 01-Dec-2032 13:33:53 GMT; Path=/; Secure; HttpOnly
__vt=RvN-WaOvZ_Ks8AKtABQCIf6-ytF7QiW7ovfhqc-AvSHV2sy5g9hibEUGgMgyeZNVMQ0yXcfgGJvlg-fYY96nyIuVGvZoZ0UY3nZ7rWOUaH8zIm47ItLsAbug1x5Ycit1SorK8urndREtiZuPBgS1_ufN2A; Domain=www.tripadvisor.com; Expires=Sun, 04-Dec-2022 14:33:53 GMT; Path=/; Secure; HttpOnly
_abck=EA6E662F81378E7605DB55CD0036F640~-1~YAAQpQplX7RzKoaEAQAAeNpX3Qm0FSYAi80Ic4H90X3WsCsRgZ4i/floUSScZa9TmHEz/e1BOdVmFSJqQagByVT5/2LKOwspInCqTZQojam+7UaVMdu82t+tQ0ziIYfOpbuIHzm2Y8vEMmD5bFDA/5QgBFGI80hJy8q67ji1T4H+QcGAyCKApwUARxGI3kVbl8L9RAPkFoQFq+fcFARVBTXoGZETCdfm1cewXtvq6+NO2uhxQcQeLg4j/JhObzS8C73vQi0GMiLIu0nekdgancTEqzcBWFpmReBPvY5fXOztEay0cEe3FwXAUW10o4ByvOaJOJqsqMDgm7angKogsMf3mRiHOiMjpa+QrNYcJUdylo0a0usS1Xd+OKkWJ9v8IAo=~-1~-1~-1; Domain=.tripadvisor.com; Path=/; Expires=Mon, 04 Dec 2023 13:33:53 GMT; Max-Age=31536000; Secure
bm_sz=906207259C0A64C011908F29E9EA008B~YAAQpQplX7VzKoaEAQAAeNpX3RLOT8tJwLAai7vJWnFo9In21zksYyCiEBK1X5QD6JDw5vb2Y9H/PSUDg8SzXSMeppdGvrn33a5OEyCBTq9QJRnyYcq4GaModo2bdCfIzAIeq9PhrxR24pJcGMqLuLoeBdcQJw6wOEB/Q5683FrYQ8lgSAulDU1JJ0zQ3m6nNM3gbMWpyDRExrVeB06AtdeKOKRD41RM9t3YTAa3wKZRHNQ91G2fBq8W/RBIiUazOb7Ph5IhW56EHEcHwMS4nzcG9kWAW1XK4VdykKW0OJbJ6Z/D6iiyRw==~4534579~3158581; Domain=.tripadvisor.com; Path=/; Expires=Sun, 04 Dec 2022 17:33:52 GMT; Max-Age=14399
X-Firefox-Spdy: h2
cdn.getyourguide.com/supplier-portal/assets/images/6a52159c.png
54.230.111.82200 OK 6.1 kB URL HTTP/2 cdn.getyourguide.com/supplier-portal/assets/images/6a52159c.png
IP 54.230.111.82:0
File type PNG image data, 285 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 6a52159cdafaac586ebfb7cc928f71cd
3549bef9e5cf9bf01b5057ab7ee2357fb25b5de1
a3a4fa00768b12ec195c713f1b8118f640b32bd25696059c6a8d6e73401cd391
GET /supplier-portal/assets/images/6a52159c.png HTTP/1.1
Host: cdn.getyourguide.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cruzeiro-safaris.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 6123
date: Wed, 01 Jun 2022 09:30:11 GMT
last-modified: Mon, 16 Aug 2021 08:36:46 GMT
etag: "6a52159cdafaac586ebfb7cc928f71cd"
cache-control: max-age=31536000, public, must-revalidate
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: TKY6NwUkF10TjmgQlkyhhvKcy_KLeNVc-twdiENXJPnCJ9DeLElLug==
age: 16085022
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 1780fe88eabe57c893f12ff8a7d005d4
47e7fa0f263272aae53d09cc17246feab7671e71
7b31b129872394280658dc6ef08d7d0ec4308bf14cb13c8adfb9b362db58814e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5267
Cache-Control: max-age=155955
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 13:33:53 GMT
Etag: "638c4b61-117"
Expires: Tue, 06 Dec 2022 08:53:08 GMT
Last-Modified: Sun, 04 Dec 2022 07:25:21 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 279
www.cruzeiro-safaris.com/images/email-icon.png
68.65.122.186200 OK 5.7 kB URL HTTP/2 www.cruzeiro-safaris.com/images/email-icon.png
IP 68.65.122.186:0
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Hash f5546f288c112eb513a453e7856ba024
57aefb6d7c65c0457b45e070a8efd5dff4bddafe
5e11b77b10368d77a63315c53351bb3581254f1f00baff3213fe9f3ce270d2b4
GET /images/email-icon.png HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=ca9a1ff7f291bf1654452bac123d4a67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:33:52 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:28 GMT
accept-ranges: bytes
content-length: 5698
content-type: image/png
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/phone.png
68.65.122.186200 OK 7.7 kB URL HTTP/2 www.cruzeiro-safaris.com/images/phone.png
IP 68.65.122.186:0
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Hash 4755dd7732b8cbb11a19c488c19a1e6d
6c924c8cb64cc3e0277690fa3cea37c2afe421d6
2a6af9dabb1ffbeeecab784b10e99e7a9f1579fade1ad29a368e4f12667a72e3
GET /images/phone.png HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=ca9a1ff7f291bf1654452bac123d4a67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:33:52 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:32 GMT
accept-ranges: bytes
content-length: 7727
content-type: image/png
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/online-booking-tours.jpg
68.65.122.186200 OK 19 kB URL HTTP/2 www.cruzeiro-safaris.com/images/online-booking-tours.jpg
IP 68.65.122.186:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 200x200, components 3\012- data
Hash 0d42e1d1bc799c5d4c176eab504b860d
19e539a1334af02480ee600857e58f629922f475
f1aca7e4c91bc1b3c6a1cec99163ccdee0af977629aa6c18d3cfc861955f4f11
GET /images/online-booking-tours.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=ca9a1ff7f291bf1654452bac123d4a67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:33:52 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:27 GMT
accept-ranges: bytes
content-length: 18988
content-type: image/jpeg
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/social/yt.png
68.65.122.186200 OK 5.7 kB URL HTTP/2 www.cruzeiro-safaris.com/images/social/yt.png
IP 68.65.122.186:0
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash ac8caec94310fa12d840e74235ab7bc2
b0c7fb16777940b987d2333ef83bd4b116cb164b
951bce6cca58c0df67b1ca1edf8f897289ccf3ac0f7926c22e540a87599f4be1
GET /images/social/yt.png HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=ca9a1ff7f291bf1654452bac123d4a67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:33:52 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:28 GMT
accept-ranges: bytes
content-length: 5698
content-type: image/png
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/social/tw.png
68.65.122.186200 OK 4.0 kB URL HTTP/2 www.cruzeiro-safaris.com/images/social/tw.png
IP 68.65.122.186:0
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash ff5a46434a077162166add229a02d9ae
af11a6b6d0882b3d1b908cc9bd4ca8f3d62912d9
240ccfca0c6d63360debf27c8a84ffb56c191fdb1d542bcbea21d3dbf6890ccd
GET /images/social/tw.png HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=ca9a1ff7f291bf1654452bac123d4a67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:33:52 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:28 GMT
accept-ranges: bytes
content-length: 3970
content-type: image/png
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/social/bookmundi.png
68.65.122.186200 OK 5.9 kB URL HTTP/2 www.cruzeiro-safaris.com/images/social/bookmundi.png
IP 68.65.122.186:0
File type PNG image data, 203 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 45bff72e5f9eeeb63dea8823c5b1489e
0bed815e8841fb39c3e125e0e30cc38cdc7d1fc1
6fc9f517559a199ebf55eccf6df69382ccb96e3b3d374f2b5dc8a56fdf9bd0be
GET /images/social/bookmundi.png HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=ca9a1ff7f291bf1654452bac123d4a67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:33:52 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:28 GMT
accept-ranges: bytes
content-length: 5908
content-type: image/png
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/aliexpressonline_store.png
68.65.122.186200 OK 13 kB URL HTTP/2 www.cruzeiro-safaris.com/images/aliexpressonline_store.png
IP 68.65.122.186:0
File type PNG image data, 398 x 89, 8-bit/color RGB, non-interlaced\012- data
Hash 856819177971294497f45f2fdfe1895a
d8c95dffc3f608e921ac14ca0f320fe0d02e1fd7
232ea19b620e42e57599d7f50a23a68cedab0565afdfb3949094595a3e0808c5
GET /images/aliexpressonline_store.png HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=ca9a1ff7f291bf1654452bac123d4a67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:33:52 GMT
server: Apache
last-modified: Wed, 04 Nov 2020 18:34:57 GMT
accept-ranges: bytes
content-length: 12721
content-type: image/png
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/bdg_now_accepting_pp_2line_w.png
68.65.122.186200 OK 13 kB URL HTTP/2 www.cruzeiro-safaris.com/images/bdg_now_accepting_pp_2line_w.png
IP 68.65.122.186:0
File type PNG image data, 334 x 127, 8-bit/color RGBA, non-interlaced\012- data
Hash 29b112f4344afeb41834a4b28ef4c0be
37e4289c874cd2236add4a7013a2b0310cc59a63
b5796db96672733b8b49dc498bd4e1e03f54b3b9a9944e202e1f5e418534d1a2
GET /images/bdg_now_accepting_pp_2line_w.png HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=ca9a1ff7f291bf1654452bac123d4a67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:33:52 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:29 GMT
accept-ranges: bytes
content-length: 12843
content-type: image/png
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/social/blg.png
68.65.122.186200 OK 4.7 kB URL HTTP/2 www.cruzeiro-safaris.com/images/social/blg.png
IP 68.65.122.186:0
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash f4d353b1d3caac5b371e6df7a6ede420
c92121e8da79b0ddafd67a492b6a6106a221a92f
6a1b922e613b6a597bb2c51d93ea739056afcdf9e6cfc25bd9e8854cbbcce6c1
GET /images/social/blg.png HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=ca9a1ff7f291bf1654452bac123d4a67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:33:52 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:28 GMT
accept-ranges: bytes
content-length: 4737
content-type: image/png
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/social/fb.png
68.65.122.186200 OK 3.4 kB URL HTTP/2 www.cruzeiro-safaris.com/images/social/fb.png
IP 68.65.122.186:0
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash dd9b9178e2324bc658f824e4ccb52298
101a59701d9ad676d963b5ea21ed9f26051c4081
19ee1ef3b6f79fd79b0f091856705e0be115789fe2f13fb7bfa00279f04d6b04
GET /images/social/fb.png HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=ca9a1ff7f291bf1654452bac123d4a67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:33:52 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:28 GMT
accept-ranges: bytes
content-length: 3386
content-type: image/png
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/social/g+.png
68.65.122.186200 OK 5.6 kB URL HTTP/2 www.cruzeiro-safaris.com/images/social/g+.png
IP 68.65.122.186:0
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash aff40945bf410a8c3ca75d65b0b9bb48
ca09a09d19cec73cb4086717eeb19912311cb7ad
1db6c0f5293f66c93abd7c066d692d1a7873b5556e9873b7f75d7d775ccbab56
GET /images/social/g+.png HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=ca9a1ff7f291bf1654452bac123d4a67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:33:52 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:28 GMT
accept-ranges: bytes
content-length: 5552
content-type: image/png
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/ntr-logo.png
68.65.122.186200 OK 15 kB URL HTTP/2 www.cruzeiro-safaris.com/images/ntr-logo.png
IP 68.65.122.186:0
File type PNG image data, 340 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 2db71ed71bd7d1959a83f9c52e190ee4
6bf88032861a81d0eca4fc53e13da6dc6b427d28
96dc6a9fb4241833f8cf2bf767fb2a98db902752fbf007c54e5435c09cc52cce
GET /images/ntr-logo.png HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=ca9a1ff7f291bf1654452bac123d4a67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:33:52 GMT
server: Apache
last-modified: Thu, 19 Nov 2020 16:21:41 GMT
accept-ranges: bytes
content-length: 15379
content-type: image/png
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/logo.png
68.65.122.186200 OK 20 kB URL HTTP/2 www.cruzeiro-safaris.com/images/logo.png
IP 68.65.122.186:0
File type PNG image data, 138 x 83, 8-bit colormap, non-interlaced\012- data
Hash 1ced964956e309c9e0346576b65d1d8d
3c7061804302a0b9f0f8b6c47ba2d69e555cc7af
31bfbc9f813af1e2d2e76f2be4177ffbfde87efbd50da9fbab1187c2262c0800
GET /images/logo.png HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=ca9a1ff7f291bf1654452bac123d4a67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:33:52 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 19763
content-type: image/png
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/Cruzeiro-Safaris-Ltdkatologobonded.jpg
68.65.122.186200 OK 16 kB URL HTTP/2 www.cruzeiro-safaris.com/images/Cruzeiro-Safaris-Ltdkatologobonded.jpg
IP 68.65.122.186:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 147x150, components 3\012- data
Hash de5a988c5e75dd83d61077c835c5fafd
2108127c7413d788bcc7f13656506f1ed2e4b615
92ffdcb0e1d7cddc56d22fcfaed7887116dd4e493e922d4ccde845c02d73c8de
GET /images/Cruzeiro-Safaris-Ltdkatologobonded.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=ca9a1ff7f291bf1654452bac123d4a67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:33:52 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:28 GMT
accept-ranges: bytes
content-length: 16468
content-type: image/jpeg
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/wildlife_animals/IMG_20170430_152429.jpg
68.65.122.186200 OK 41 kB URL HTTP/2 www.cruzeiro-safaris.com/images/wildlife_animals/IMG_20170430_152429.jpg
IP 68.65.122.186:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 600x582, components 3\012- data
Hash 61086555f4218996840fb643c5888724
2104356b2e90876ff2fbf609d57590afafb178aa
6fb40723209d19ec04682562451519a4550c1efd739a4bec6bd9bcd9b8156ba3
GET /images/wildlife_animals/IMG_20170430_152429.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=ca9a1ff7f291bf1654452bac123d4a67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:33:52 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:31 GMT
accept-ranges: bytes
content-length: 41207
content-type: image/jpeg
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/nairobi-tours/dinnerandshow_cruzeirosafariskenya.JPG
68.65.122.186200 OK 32 kB URL HTTP/2 www.cruzeiro-safaris.com/images/nairobi-tours/dinnerandshow_cruzeirosafariskenya.JPG
IP 68.65.122.186:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=2, orientation=upper-left], baseline, precision 8, 591x443, components 3\012- data
Hash 6201dbc4c650f919e9f60b37dcf54429
4805b4eea46576a01f4eed2d5e73821a6facce21
89c34f6d7af2cc662e6aabe1358470ba756a91821ea1c1613f524d30ca653edc
GET /images/nairobi-tours/dinnerandshow_cruzeirosafariskenya.JPG HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=ca9a1ff7f291bf1654452bac123d4a67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:33:52 GMT
server: Apache
last-modified: Mon, 12 Sep 2022 17:38:07 GMT
accept-ranges: bytes
content-length: 32479
content-type: image/jpeg
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/safaris/lions.jpg
68.65.122.186200 OK 32 kB URL HTTP/2 www.cruzeiro-safaris.com/images/safaris/lions.jpg
IP 68.65.122.186:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 600x375, components 3\012- data
Hash 17122a30ad6fba04840e2b4cca5863a2
39850dd41cfd40f7830db6b855033a93eb5c1a3a
8fac717efb1751584ea446f2861fddacb48deb5f016337ab017f3ba92dae7c1c
GET /images/safaris/lions.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=ca9a1ff7f291bf1654452bac123d4a67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:33:52 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:29 GMT
accept-ranges: bytes
content-length: 31662
content-type: image/jpeg
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/nairobi-tours/DSC02480.JPG
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/images/nairobi-tours/DSC02480.JPG
IP 68.65.122.186:0
GET /images/nairobi-tours/DSC02480.JPG HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=ca9a1ff7f291bf1654452bac123d4a67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:33:52 GMT
server: Apache
last-modified: Mon, 12 Sep 2022 17:52:43 GMT
accept-ranges: bytes
content-length: 942299
content-type: image/jpeg
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/media/template/gzip.php?bootstrap.min-ee11376e.js
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/media/template/gzip.php?bootstrap.min-ee11376e.js
IP 68.65.122.186:0
GET /media/template/gzip.php?bootstrap.min-ee11376e.js HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=ca9a1ff7f291bf1654452bac123d4a67
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:33:52 GMT
server: Apache
x-powered-by: PHP/7.4.33
cache-control: max-age=86400
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-type: application/x-javascript
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/slides/cruzeirotours12.jpg
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/images/slides/cruzeirotours12.jpg
IP 68.65.122.186:0
GET /images/slides/cruzeirotours12.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=ca9a1ff7f291bf1654452bac123d4a67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:33:52 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 381626
content-type: image/jpeg
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/slides/cruzeirotours1.jpg
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/images/slides/cruzeirotours1.jpg
IP 68.65.122.186:0
GET /images/slides/cruzeirotours1.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=ca9a1ff7f291bf1654452bac123d4a67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:33:52 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 90337
content-type: image/jpeg
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/slides/cruzeirotours22.jpg
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/images/slides/cruzeirotours22.jpg
IP 68.65.122.186:0
GET /images/slides/cruzeirotours22.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=ca9a1ff7f291bf1654452bac123d4a67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:33:52 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 303576
content-type: image/jpeg
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/slides/cruzeirotours4.jpg
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/images/slides/cruzeirotours4.jpg
IP 68.65.122.186:0
GET /images/slides/cruzeirotours4.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=ca9a1ff7f291bf1654452bac123d4a67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:33:52 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:29 GMT
accept-ranges: bytes
content-length: 537123
content-type: image/jpeg
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/media/template/gzip.php?mootools-core-481605f6.js
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/media/template/gzip.php?mootools-core-481605f6.js
IP 68.65.122.186:0
GET /media/template/gzip.php?mootools-core-481605f6.js HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=ca9a1ff7f291bf1654452bac123d4a67
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:33:52 GMT
server: Apache
x-powered-by: PHP/7.4.33
cache-control: max-age=86400
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-type: application/x-javascript
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/slides/cruzeirotour2.jpg
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/images/slides/cruzeirotour2.jpg
IP 68.65.122.186:0
GET /images/slides/cruzeirotour2.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=ca9a1ff7f291bf1654452bac123d4a67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:33:52 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 352594
content-type: image/jpeg
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/slides/cruzeirotours10.jpg
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/images/slides/cruzeirotours10.jpg
IP 68.65.122.186:0
GET /images/slides/cruzeirotours10.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=ca9a1ff7f291bf1654452bac123d4a67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:33:52 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 281151
content-type: image/jpeg
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/pesapal_logo.png
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/images/pesapal_logo.png
IP 68.65.122.186:0
GET /images/pesapal_logo.png HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=ca9a1ff7f291bf1654452bac123d4a67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:33:52 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:28 GMT
accept-ranges: bytes
content-length: 24448
content-type: image/png
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/slides/cruzeirotours14.jpg
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/images/slides/cruzeirotours14.jpg
IP 68.65.122.186:0
GET /images/slides/cruzeirotours14.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=ca9a1ff7f291bf1654452bac123d4a67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:33:52 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 333676
content-type: image/jpeg
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/slides/cruzeirotours8.jpg
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/images/slides/cruzeirotours8.jpg
IP 68.65.122.186:0
GET /images/slides/cruzeirotours8.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=ca9a1ff7f291bf1654452bac123d4a67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:33:52 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 263566
content-type: image/jpeg
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/slides/cruzeirotours25.jpg
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/images/slides/cruzeirotours25.jpg
IP 68.65.122.186:0
GET /images/slides/cruzeirotours25.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=ca9a1ff7f291bf1654452bac123d4a67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:33:52 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 340363
content-type: image/jpeg
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/slides/cruzeirotours17.jpg
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/images/slides/cruzeirotours17.jpg
IP 68.65.122.186:0
GET /images/slides/cruzeirotours17.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=ca9a1ff7f291bf1654452bac123d4a67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:33:52 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 329842
content-type: image/jpeg
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/slides/cruzeirotours5.jpg
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/images/slides/cruzeirotours5.jpg
IP 68.65.122.186:0
GET /images/slides/cruzeirotours5.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=ca9a1ff7f291bf1654452bac123d4a67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:33:52 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 243463
content-type: image/jpeg
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/slides/cruzeirotours23.jpg
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/images/slides/cruzeirotours23.jpg
IP 68.65.122.186:0
GET /images/slides/cruzeirotours23.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=ca9a1ff7f291bf1654452bac123d4a67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:33:52 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 339618
content-type: image/jpeg
X-Firefox-Spdy: h2
www.yourafricansafari.com/images/widget/your-african-safari-4.png
104.21.8.252404 Not Found 0 B URL HTTP/2 www.yourafricansafari.com/images/widget/your-african-safari-4.png
IP 104.21.8.252:0
GET /images/widget/your-african-safari-4.png HTTP/1.1
Host: www.yourafricansafari.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Sun, 04 Dec 2022 13:33:53 GMT
content-type: text/html; charset=UTF-8
vary: Cookie, Accept-Encoding
x-content-type-options: nosniff
referrer-policy: same-origin
cf-cache-status: BYPASS
set-cookie: sessionid=eyJ1dWlkIjoiN2JhMmE2NjMtODg1Mi00OWJiLTgyMzUtZmQyMzI4ZjUzNDlkIn0:1p1p7x:NBwMmtpareccdGstCluX7WSRgDTBFSBMpqCC1xwKDQI; expires=Sun, 18 Dec 2022 13:33:53 GMT; HttpOnly; Max-Age=1209600; Path=/; SameSite=Lax
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w6muK2RURmAldaoOTEqc%2BdqvT6bnce1d841Y%2B4NLJ6aM3%2BTBHvwzuEXUuuMYSsNBRdsfUjVvaSNh04lJTHCHrQh%2Ffaszk28qMT%2B3PJm7gvgakZ39O%2FC9jv3g%2FWOr21Wer4AQ7VQo6L54LBfl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7744ea94585f1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/slides/cruzeirotours11.jpg
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/images/slides/cruzeirotours11.jpg
IP 68.65.122.186:0
GET /images/slides/cruzeirotours11.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=ca9a1ff7f291bf1654452bac123d4a67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:33:52 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 292108
content-type: image/jpeg
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/slides/cruzeirotours18.jpg
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/images/slides/cruzeirotours18.jpg
IP 68.65.122.186:0
GET /images/slides/cruzeirotours18.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=ca9a1ff7f291bf1654452bac123d4a67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:33:52 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 286155
content-type: image/jpeg
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/slides/cruzeirotours13.jpg
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/images/slides/cruzeirotours13.jpg
IP 68.65.122.186:0
GET /images/slides/cruzeirotours13.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=ca9a1ff7f291bf1654452bac123d4a67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:33:52 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 298352
content-type: image/jpeg
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/slides/cruzeirotour6.jpg
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/images/slides/cruzeirotour6.jpg
IP 68.65.122.186:0
GET /images/slides/cruzeirotour6.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=ca9a1ff7f291bf1654452bac123d4a67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:33:52 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 130187
content-type: image/jpeg
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/safaris/amboseli-elephants.jpg
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/images/safaris/amboseli-elephants.jpg
IP 68.65.122.186:0
GET /images/safaris/amboseli-elephants.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=ca9a1ff7f291bf1654452bac123d4a67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:33:52 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:29 GMT
accept-ranges: bytes
content-length: 59912
content-type: image/jpeg
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/media/template/gzip.php?jquery-migrate.min-d90f61f8.js
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/media/template/gzip.php?jquery-migrate.min-d90f61f8.js
IP 68.65.122.186:0
GET /media/template/gzip.php?jquery-migrate.min-d90f61f8.js HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=ca9a1ff7f291bf1654452bac123d4a67
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:33:52 GMT
server: Apache
x-powered-by: PHP/7.4.33
cache-control: max-age=86400
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-type: application/x-javascript
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/media/template/gzip.php?jquery.min-45fe031d.js
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/media/template/gzip.php?jquery.min-45fe031d.js
IP 68.65.122.186:0
GET /media/template/gzip.php?jquery.min-45fe031d.js HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=ca9a1ff7f291bf1654452bac123d4a67
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:33:52 GMT
server: Apache
x-powered-by: PHP/7.4.33
cache-control: max-age=86400
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-type: application/x-javascript
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/media/template/gzip.php?slideshow.min-6b1ad39a.css
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/media/template/gzip.php?slideshow.min-6b1ad39a.css
IP 68.65.122.186:0
GET /media/template/gzip.php?slideshow.min-6b1ad39a.css HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=ca9a1ff7f291bf1654452bac123d4a67
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:33:52 GMT
server: Apache
x-powered-by: PHP/7.4.33
cache-control: max-age=86400
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-type: text/css; charset=UTF-8
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/media/template/gzip.php?mootools-more-ea188992.js
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/media/template/gzip.php?mootools-more-ea188992.js
IP 68.65.122.186:0
GET /media/template/gzip.php?mootools-more-ea188992.js HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=ca9a1ff7f291bf1654452bac123d4a67
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:33:52 GMT
server: Apache
x-powered-by: PHP/7.4.33
cache-control: max-age=86400
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-type: application/x-javascript
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/slides/cruzeirotours2.jpg
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/images/slides/cruzeirotours2.jpg
IP 68.65.122.186:0
GET /images/slides/cruzeirotours2.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=ca9a1ff7f291bf1654452bac123d4a67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:33:52 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 434031
content-type: image/jpeg
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/slides/cruzeirotours20.jpg
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/images/slides/cruzeirotours20.jpg
IP 68.65.122.186:0
GET /images/slides/cruzeirotours20.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=ca9a1ff7f291bf1654452bac123d4a67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:33:52 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 314334
content-type: image/jpeg
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/slides/cruzeirotours26.jpg
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/images/slides/cruzeirotours26.jpg
IP 68.65.122.186:0
GET /images/slides/cruzeirotours26.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=ca9a1ff7f291bf1654452bac123d4a67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:33:52 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 226076
content-type: image/jpeg
X-Firefox-Spdy: h2
widget.getyourguide.com/dist/pa.umd.production.min.js
54.230.111.122200 OK 0 B URL HTTP/2 widget.getyourguide.com/dist/pa.umd.production.min.js
IP 54.230.111.122:0
GET /dist/pa.umd.production.min.js HTTP/1.1
Host: widget.getyourguide.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
date: Sun, 04 Dec 2022 13:20:33 GMT
last-modified: Thu, 20 Oct 2022 13:02:56 GMT
etag: W/"a8ac2108d9f5a6f9ee38eae2307faa21"
cache-control: max-age=3600, public, must-revalidate
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: eTm5ulIeqsP6ZAiIvj88vuuQ3vMTP1v_0yakiK22d0UHjsHka2y7Yg==
age: 800
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/media/template/gzip.php?slideshow.min-14e73ec0.js
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/media/template/gzip.php?slideshow.min-14e73ec0.js
IP 68.65.122.186:0
GET /media/template/gzip.php?slideshow.min-14e73ec0.js HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=ca9a1ff7f291bf1654452bac123d4a67
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:33:52 GMT
server: Apache
x-powered-by: PHP/7.4.33
cache-control: max-age=86400
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-type: application/x-javascript
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/slides/cruzeirotours16.jpg
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/images/slides/cruzeirotours16.jpg
IP 68.65.122.186:0
GET /images/slides/cruzeirotours16.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=ca9a1ff7f291bf1654452bac123d4a67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:33:52 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 386239
content-type: image/jpeg
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/slides/cruzeirotours15.jpg
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/images/slides/cruzeirotours15.jpg
IP 68.65.122.186:0
GET /images/slides/cruzeirotours15.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=ca9a1ff7f291bf1654452bac123d4a67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:33:52 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 273026
content-type: image/jpeg
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/slides/cruzeirotours3.jpg
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/images/slides/cruzeirotours3.jpg
IP 68.65.122.186:0
GET /images/slides/cruzeirotours3.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=ca9a1ff7f291bf1654452bac123d4a67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:33:52 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 311961
content-type: image/jpeg
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/slides/cruzeirotours19.jpg
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/images/slides/cruzeirotours19.jpg
IP 68.65.122.186:0
GET /images/slides/cruzeirotours19.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=ca9a1ff7f291bf1654452bac123d4a67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:33:52 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 270008
content-type: image/jpeg
X-Firefox-Spdy: h2
widget.getyourguide.com/pw/latest/client-loader/widget.js
54.230.111.122200 OK 0 B URL HTTP/2 widget.getyourguide.com/pw/latest/client-loader/widget.js
IP 54.230.111.122:0
GET /pw/latest/client-loader/widget.js HTTP/1.1
Host: widget.getyourguide.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cruzeiro-safaris.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
last-modified: Mon, 14 Nov 2022 13:51:04 GMT
server: AmazonS3
content-encoding: br
date: Sun, 04 Dec 2022 13:32:34 GMT
cache-control: max-age=100, public, must-revalidate
etag: W/"4ec5e63a4170d800f982a31dccc5b6c4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: aCzVTZSWvOiRTxqf8lavkbXCFqVvH7opEzoceeKgf7OAQzoowYD0kw==
age: 79
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/media/template/gzip.php?core-d38c101f.js
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/media/template/gzip.php?core-d38c101f.js
IP 68.65.122.186:0
GET /media/template/gzip.php?core-d38c101f.js HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=ca9a1ff7f291bf1654452bac123d4a67
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:33:52 GMT
server: Apache
x-powered-by: PHP/7.4.33
cache-control: max-age=86400
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-type: application/x-javascript
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/slides/cruzeirotours9.jpg
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/images/slides/cruzeirotours9.jpg
IP 68.65.122.186:0
GET /images/slides/cruzeirotours9.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=ca9a1ff7f291bf1654452bac123d4a67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:33:52 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 489838
content-type: image/jpeg
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/kato_logo_white.png
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/images/kato_logo_white.png
IP 68.65.122.186:0
GET /images/kato_logo_white.png HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=ca9a1ff7f291bf1654452bac123d4a67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:33:52 GMT
server: Apache
last-modified: Fri, 27 Mar 2020 10:32:48 GMT
accept-ranges: bytes
content-length: 139873
content-type: image/png
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/media/template/gzip.php?jquery-noconflict-52794473.js
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/media/template/gzip.php?jquery-noconflict-52794473.js
IP 68.65.122.186:0
GET /media/template/gzip.php?jquery-noconflict-52794473.js HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=ca9a1ff7f291bf1654452bac123d4a67
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:33:52 GMT
server: Apache
x-powered-by: PHP/7.4.33
cache-control: max-age=86400
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-type: application/x-javascript
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/logo-1.png
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/images/logo-1.png
IP 68.65.122.186:0
GET /images/logo-1.png HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=ca9a1ff7f291bf1654452bac123d4a67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:33:52 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:28 GMT
accept-ranges: bytes
content-length: 60171
content-type: image/png
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/slides/cruzeirotours30.jpg
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/images/slides/cruzeirotours30.jpg
IP 68.65.122.186:0
GET /images/slides/cruzeirotours30.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=ca9a1ff7f291bf1654452bac123d4a67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:33:52 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 373781
content-type: image/jpeg
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/slides/cruzeirotours29.jpg
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/images/slides/cruzeirotours29.jpg
IP 68.65.122.186:0
GET /images/slides/cruzeirotours29.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=ca9a1ff7f291bf1654452bac123d4a67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:33:52 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 345939
content-type: image/jpeg
X-Firefox-Spdy: h2