staging.hotelviladepremia.com/
167.86.73.18301 Moved Permanently 162 B URL HTTP/1.1 staging.hotelviladepremia.com/
IP 167.86.73.18:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 16 Nov 2022 04:34:30 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://staging.hotelviladepremia.com/
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7786cd9bd97e024b3a1d16215defaad2
786ddbb74b0b6bd9270622dbe0258d6caee407c1
9c297ccfd178eec7e472fb64a6b2e34d4c7a6dec32870f49982353e590196ba0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C297CCFD178EEC7E472FB64A6B2E34D4C7A6DEC32870F49982353E590196BA0"
Last-Modified: Mon, 14 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3860
Expires: Wed, 16 Nov 2022 05:38:50 GMT
Date: Wed, 16 Nov 2022 04:34:30 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4fe5a11c3ca8a150aad830b739f24b58
898b730b1a66dd49c6f018333ba828410f63f347
2c3a2a8a3dfa29808bd550718025fdf355e4a88235cb50ae978abc00ee5fd23b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6564
Cache-Control: max-age=114361
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:34:30 GMT
Etag: "63736a6b-1d7"
Expires: Thu, 17 Nov 2022 12:20:31 GMT
Last-Modified: Tue, 15 Nov 2022 10:31:07 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c88bc06741ab9fb81c2544acfcc34aa2
362cab19cff5aba27f472cc00071d5dfa38192e4
314ba27975f458e13917b2be91c9d5989a3e57c9e94b5a84dd52d0e21d27ae7f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "314BA27975F458E13917B2BE91C9D5989A3E57C9E94B5A84DD52D0E21D27AE7F"
Last-Modified: Mon, 14 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15190
Expires: Wed, 16 Nov 2022 08:47:40 GMT
Date: Wed, 16 Nov 2022 04:34:30 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 16 Nov 2022 03:44:43 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2987
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 3X+zikLoQ8bENnWq2gAbDnXUxHgZLANc2xGDXZhJChAmWvH5fpF3igYkaewQsbdM+uTxhAFTi9E=
x-amz-request-id: JTYD4MG08PSAB2JP
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 16 Nov 2022 04:14:33 GMT
age: 1197
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:30 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b169069d6bcc21f09f96b7e7006ab0b6
2a1510e0d2316549819f318fd2d011788020ec9d
767b1c66e61d980f7414fb06ede890412e01f0f8c88f1f197e3283c8684c303b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "767B1C66E61D980F7414FB06EDE890412E01F0F8C88F1F197E3283C8684C303B"
Last-Modified: Wed, 16 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 16 Nov 2022 10:34:31 GMT
Date: Wed, 16 Nov 2022 04:34:31 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Cache-Control, Pragma, Retry-After, ETag, Alert, Expires, Backoff, Content-Type, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 16 Nov 2022 04:25:01 GMT
cache-control: public,max-age=3600
age: 570
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash de57a2d376db743a3987c454889f1f21
0defab699bdb1b158026f93c2dd105bcd65f6764
b1c47a81ac45af6f756a8eca8ef14a82f0113ea8f09dae7a285a4491963ae2ff
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6457
Cache-Control: max-age=109201
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:34:31 GMT
Etag: "637356af-1d7"
Expires: Thu, 17 Nov 2022 10:54:32 GMT
Last-Modified: Tue, 15 Nov 2022 09:06:55 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.13.173.34101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.13.173.34:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: XfHUjvBJf5RRSdT7XWCb4Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: GSW/hsRAwINWhujfz0jxrGB+SaQ=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9426341bb128c1b6ba16e64df78152b4
08859a30ed6dee233cde4d77f2a04f058991502b
209a0520d5fb1eeb6dfa7d2f4c334a7109cc885cf4be8605bfe5a8f52232306d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "209A0520D5FB1EEB6DFA7D2F4C334A7109CC885CF4BE8605BFE5A8F52232306D"
Last-Modified: Tue, 15 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8974
Expires: Wed, 16 Nov 2022 07:04:06 GMT
Date: Wed, 16 Nov 2022 04:34:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9426341bb128c1b6ba16e64df78152b4
08859a30ed6dee233cde4d77f2a04f058991502b
209a0520d5fb1eeb6dfa7d2f4c334a7109cc885cf4be8605bfe5a8f52232306d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "209A0520D5FB1EEB6DFA7D2F4C334A7109CC885CF4BE8605BFE5A8F52232306D"
Last-Modified: Tue, 15 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8974
Expires: Wed, 16 Nov 2022 07:04:06 GMT
Date: Wed, 16 Nov 2022 04:34:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9426341bb128c1b6ba16e64df78152b4
08859a30ed6dee233cde4d77f2a04f058991502b
209a0520d5fb1eeb6dfa7d2f4c334a7109cc885cf4be8605bfe5a8f52232306d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "209A0520D5FB1EEB6DFA7D2F4C334A7109CC885CF4BE8605BFE5A8F52232306D"
Last-Modified: Tue, 15 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8974
Expires: Wed, 16 Nov 2022 07:04:06 GMT
Date: Wed, 16 Nov 2022 04:34:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9426341bb128c1b6ba16e64df78152b4
08859a30ed6dee233cde4d77f2a04f058991502b
209a0520d5fb1eeb6dfa7d2f4c334a7109cc885cf4be8605bfe5a8f52232306d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "209A0520D5FB1EEB6DFA7D2F4C334A7109CC885CF4BE8605BFE5A8F52232306D"
Last-Modified: Tue, 15 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8974
Expires: Wed, 16 Nov 2022 07:04:06 GMT
Date: Wed, 16 Nov 2022 04:34:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9426341bb128c1b6ba16e64df78152b4
08859a30ed6dee233cde4d77f2a04f058991502b
209a0520d5fb1eeb6dfa7d2f4c334a7109cc885cf4be8605bfe5a8f52232306d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "209A0520D5FB1EEB6DFA7D2F4C334A7109CC885CF4BE8605BFE5A8F52232306D"
Last-Modified: Tue, 15 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8974
Expires: Wed, 16 Nov 2022 07:04:06 GMT
Date: Wed, 16 Nov 2022 04:34:32 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a667acc-25d7-4d63-8fab-1711f6b4988c.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a667acc-25d7-4d63-8fab-1711f6b4988c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 98802857df59f8eacd9211811cc59ae6
87e277a627c1085cad5c6e38bdd5100aa0a9ecee
102e73f690a972da6d3ab609ffab5f29884185d85c4230a19ec74d74c7320cf1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a667acc-25d7-4d63-8fab-1711f6b4988c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8235
x-amzn-requestid: e8a91ec0-fa93-45b6-8dc8-a405c00242fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bqY4_HANoAMFSvw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63740839-3ebbd38b0e3e774923ad019e;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 21:44:25 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: QoxGYkibw1jcAuQl98jD4TlKooUlL6ojdOVzQ7khiF0pMwY4_0IO9Q==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 21:48:37 GMT
age: 24355
etag: "87e277a627c1085cad5c6e38bdd5100aa0a9ecee"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cd5bdc050716bb76afe8090fc81617e7
5109c156b180727767fc03c411190ccc0d3fb5fc
9b13e7838946c6654dda17886c2ca8d42de934acb93f4bddb1008dfa1bd1ea99
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11715
x-amzn-requestid: 20e508bd-6568-4225-9bee-c683a49d44f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMhUHkpIAMFfJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec13b-7dc726b94a37fc667e2e6646;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:11 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ZLWa-RphwZqiAmeqffmEE8Mmfsfs9ZYz0bmANBEc5Ru1--VKDL4Fsw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 22:17:19 GMT
age: 22633
etag: "5109c156b180727767fc03c411190ccc0d3fb5fc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bcd9120-f81d-4ec1-9b84-ae23f33b9b8d.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bcd9120-f81d-4ec1-9b84-ae23f33b9b8d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c774a9a33f0c86087fe36fe18cf02db8
d81bf6504b30d50cf9cb14f8efca8e961f422a57
80f2913428758b1250218865a3e6697881ed3ed626f702c94fd0a5c7f354a2b1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bcd9120-f81d-4ec1-9b84-ae23f33b9b8d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8981
x-amzn-requestid: 4945a047-3048-4dfb-aba5-6cde2b52b240
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bqYEAG7roAMF30Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637406e6-6928cd8c1439aac80444cd7b;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 21:38:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ls987SlzVbSWiZwE4ahKBdQ_vJknoy88LkGHnEYfie4M1l584VbB_w==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 21:54:49 GMT
etag: "d81bf6504b30d50cf9cb14f8efca8e961f422a57"
content-type: image/jpeg
age: 23983
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4fb99a77-d99a-486f-b11a-d0f855262383.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4fb99a77-d99a-486f-b11a-d0f855262383.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ed2eb8cd1cffa83445bfc822fff3cd95
5d6f0e9bec236755d70ac6779e86684795e5c798
6b3e294fc0977cd09c1565d5a6396a63b2ad5f7005b9f1e136c33cedae49f436
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4fb99a77-d99a-486f-b11a-d0f855262383.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8236
x-amzn-requestid: 74104064-6d6f-44ef-ad9f-6550971f17f4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bqYEBET6oAMF_cQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637406e6-269579cf1723940b16588c76;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 21:38:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: vy-8T_ncnJ9GcoWYpY3JStTpjIw0BWjuagrkuoThABdT9FSq3lfVlA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 21:54:51 GMT
etag: "5d6f0e9bec236755d70ac6779e86684795e5c798"
content-type: image/jpeg
age: 23981
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F520b9f3d-222d-4840-bd88-673cedf9b5fc.jpeg
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F520b9f3d-222d-4840-bd88-673cedf9b5fc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a698bf97cc6c0c464ed1a2b2adb1c1d3
a3977e8cde4b6ad7ef2e75a477e71b7bbbec21f0
64d52d8983b2bf30b9b1f260b8d6534664024b8dfda0da273307ee510ed33aad
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F520b9f3d-222d-4840-bd88-673cedf9b5fc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4919
x-amzn-requestid: aae0d2da-e891-40a6-bd83-8942fc3ef0c0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bqYFFEnxoAMFdCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637406ed-6ff1cc593aa1c934659030db;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 21:38:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: EoSIjUgouoxAtnpWMBPNTjLfmm_Anv7R5mYNdb5Ik9RrgxJg_nZ1rQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 b23fb37cd7fff033ab21e3284f558a28.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 21:48:37 GMT
age: 24355
etag: "a3977e8cde4b6ad7ef2e75a477e71b7bbbec21f0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc50c38bf-fe3d-4eec-be11-1e782b0f0bbc.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc50c38bf-fe3d-4eec-be11-1e782b0f0bbc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash edd6a84f848a83f4d1990f92b4807def
bc2bb7815b062941d51fde65574851db55be37dc
4d015538adfa6c61a5dfca3cbb224ae91ccbe1d82212e997e22f895a77387bed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc50c38bf-fe3d-4eec-be11-1e782b0f0bbc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6629
x-amzn-requestid: ff03ae40-8d00-41ec-875f-b49b1b86151c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bqY6CG9IoAMF8rA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63740840-7fdaa40f3ca9246045270665;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 21:44:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: Wn2txfVMcQZgjTT0ny5o_j87O-eidXenBmzitM6zJec0i40Bs1zgGQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 1949caaabae48a894fcd770a3e1384f6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 22:05:26 GMT
age: 23346
etag: "bc2bb7815b062941d51fde65574851db55be37dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 15b877e3c04a13242f1e8d068e8cb9ed
f1a1a051ce4b6f820bb1e54d6e526a7a07e84117
dacb6aa3a7588b55169efba42082deb1576d69e60ea564826300b404087969e6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:34:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 15b877e3c04a13242f1e8d068e8cb9ed
f1a1a051ce4b6f820bb1e54d6e526a7a07e84117
dacb6aa3a7588b55169efba42082deb1576d69e60ea564826300b404087969e6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:34:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 15b877e3c04a13242f1e8d068e8cb9ed
f1a1a051ce4b6f820bb1e54d6e526a7a07e84117
dacb6aa3a7588b55169efba42082deb1576d69e60ea564826300b404087969e6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:34:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 3dc58f0dcba4ac9021f62c5c1c862e91
d67cf5a8968b75d0d6893054f5201e015be19ecc
75d4e57dc6c25d2456a7513572a97de5f1c1caead2822c8a985da9b8dfa55f89
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:34:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 15b877e3c04a13242f1e8d068e8cb9ed
f1a1a051ce4b6f820bb1e54d6e526a7a07e84117
dacb6aa3a7588b55169efba42082deb1576d69e60ea564826300b404087969e6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:34:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
staging.hotelviladepremia.com/wp-content/plugins/wp-gdpr-compliance/Assets/css/front.css?ver=1662368303
167.86.73.18200 OK 4.3 kB URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/wp-gdpr-compliance/Assets/css/front.css?ver=1662368303
IP 167.86.73.18:0
File type Unicode text, UTF-8 text, with very long lines (26316), with no line terminators
Hash 655c5cde0f5f550dafd28da499111b29
a115c1500bb2be57442a1fd7198d707ffce5e966
0acedb1f1a9e6635756eed16d06b359a218a2790fb1b1bc9d39fae32de50bc6d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-gdpr-compliance/Assets/css/front.css?ver=1662368303 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=l8fe10kfga145bcd7jvc3gub6m; ls-popup-last-displayed=1668573272; ls-popup-4=1668573272
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:38 GMT
content-type: text/css
last-modified: Mon, 05 Sep 2022 08:58:23 GMT
etag: W/"6315ba2f-66d0"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/oscar-hotel-booking-engine/assets/css/style.css?ver=4.2
167.86.73.18200 OK 1.1 kB URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/oscar-hotel-booking-engine/assets/css/style.css?ver=4.2
IP 167.86.73.18:0
File type ASCII text, with very long lines (2393)
Hash 051148b8c22cc307da301f89c407f2f4
72e8488e8f62643cbcc54f68c694a13f43d9e789
be335523cee5c64fb2e6c29096c166b007cb05c74089e811741514a9381a494c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/oscar-hotel-booking-engine/assets/css/style.css?ver=4.2 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=l8fe10kfga145bcd7jvc3gub6m; ls-popup-last-displayed=1668573272; ls-popup-4=1668573272
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:38 GMT
content-type: text/css
last-modified: Mon, 05 Sep 2022 08:54:25 GMT
etag: W/"6315b941-95a"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/moment.js/2.22.2/moment-with-locales.min.js?ver=6.0.3
104.17.24.14200 OK 54 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/moment.js/2.22.2/moment-with-locales.min.js?ver=6.0.3
IP 104.17.24.14:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash da708ff34bb8b91823e05f3dc9c47fc8
776a5586cea14fb983ebbeb47089f23166a7e3a5
c1e79918a76dbe401de5ca772209c8af7c134f43e71f17433a1ac82c255ccf12
GET /ajax/libs/moment.js/2.22.2/moment-with-locales.min.js?ver=6.0.3 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 16 Nov 2022 04:34:38 GMT
content-type: application/javascript; charset=utf-8
content-length: 53699
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03f26-4fc01"
last-modified: Mon, 04 May 2020 16:13:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 5916200
expires: Mon, 06 Nov 2023 04:34:38 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N3hvDikVmp4X8zDPJG7ZiufW7zlcvByYynihhNEiVxD2UmWFKMDGMsu7tgaMOsjCL8DvbjWdAxQZx02eMV%2BbUIaFRK%2F6LA0ZU0cIle3HzvY1xhiSLY8CtFM%2B%2FsbrQdfZAbQhQo4l"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76ad83f11b41b50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=AW-718123990
142.250.74.168200 OK 53 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-718123990
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 04903b187d0fab7ebf60a0cbfe3acb99
cb3516d10c6c5cbc6f785c002d29f916b3f35e8f
53adb0acbed148535ceb80394d198bc7344daf1010a3db084a6a661ab64a28fa
GET /gtag/js?id=AW-718123990 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 16 Nov 2022 04:34:38 GMT
expires: Wed, 16 Nov 2022 04:34:38 GMT
cache-control: private, max-age=900
last-modified: Wed, 16 Nov 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 52989
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 15b877e3c04a13242f1e8d068e8cb9ed
f1a1a051ce4b6f820bb1e54d6e526a7a07e84117
dacb6aa3a7588b55169efba42082deb1576d69e60ea564826300b404087969e6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:34:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
staging.hotelviladepremia.com/wp-content/plugins/LayerSlider/assets/static/layerslider/css/layerslider.css?ver=6.11.1
167.86.73.18200 OK 4.0 kB URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/LayerSlider/assets/static/layerslider/css/layerslider.css?ver=6.11.1
IP 167.86.73.18:0
Hash 929d39869750cc4861c7a5b64cee48bc
b3b4b28191640d8a7eeeddfb59439d36d5e05d5f
7d966d1a19308684a73f1dadde2b8512f11de9b5e17ce4d27616dd75365b7dcc
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/LayerSlider/assets/static/layerslider/css/layerslider.css?ver=6.11.1 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=l8fe10kfga145bcd7jvc3gub6m; ls-popup-last-displayed=1668573272; ls-popup-4=1668573272
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:38 GMT
content-type: text/css
last-modified: Thu, 09 Apr 2020 10:10:22 GMT
etag: W/"5e8ef48e-5503"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 3dc58f0dcba4ac9021f62c5c1c862e91
d67cf5a8968b75d0d6893054f5201e015be19ecc
75d4e57dc6c25d2456a7513572a97de5f1c1caead2822c8a985da9b8dfa55f89
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:34:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
staging.hotelviladepremia.com/wp-content/themes/betheme/images/logo/logo.png
167.86.73.18200 OK 1.3 kB URL HTTP/2 staging.hotelviladepremia.com/wp-content/themes/betheme/images/logo/logo.png
IP 167.86.73.18:0
File type PNG image data, 129 x 30, 8-bit colormap, non-interlaced\012- data
Hash 106247894ca5953b46daadc299df224f
044d44ffdbc651cfeba424212358b1142e373a39
00f31e318f7681fa708a4aeb998b713ede05ba9f2bab7058cf9275ee2a26fb8f
GET /wp-content/themes/betheme/images/logo/logo.png HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=l8fe10kfga145bcd7jvc3gub6m; ls-popup-last-displayed=1668573272; ls-popup-4=1668573272
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:38 GMT
content-type: image/png
content-length: 1317
last-modified: Mon, 27 May 2019 12:03:41 GMT
etag: "5cebd21d-525"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Poppins:300,regular,500,600,700%7CMontserrat:regular,700,100,200,300,900&subset=latin%2Clatin-ext
142.250.74.10200 OK 1.3 kB URL HTTP/2 fonts.googleapis.com/css?family=Poppins:300,regular,500,600,700%7CMontserrat:regular,700,100,200,300,900&subset=latin%2Clatin-ext
IP 142.250.74.10:0
Hash 7efa523da60620ad4bcd0f6ec74adf1e
119d85758e0d4394429c25879ae9cb9d2f60037d
cf8b49388dd46f497a2dfaffc052f42f482dd73cfa747cff2295c09888208202
GET /css?family=Poppins:300,regular,500,600,700%7CMontserrat:regular,700,100,200,300,900&subset=latin%2Clatin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 16 Nov 2022 04:34:38 GMT
date: Wed, 16 Nov 2022 04:34:38 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/uploads/2019/12/1010377-1630x860.jpg
167.86.73.18200 OK 309 kB URL HTTP/2 staging.hotelviladepremia.com/wp-content/uploads/2019/12/1010377-1630x860.jpg
IP 167.86.73.18:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=8, manufacturer=Panasonic, model=DMC-G80, xresolution=128, yresolution=136, resolutionunit=2, software=Capture One Pro 12.0 Windows, copyright=David Martinez Fernandez], baseline, precision 8, 1630x860, components 3\012- data
Size 309 kB (309166 bytes)
Hash c0c2dc69405fffb43f4cfd8133885f39
62a03bfc0d70b4d0cb27cb1cc730502e70a1ad9f
0cc651d7466d872bf29d0511514cfe6933b45fe3abccf3cc903ce4923597e4fe
GET /wp-content/uploads/2019/12/1010377-1630x860.jpg HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=l8fe10kfga145bcd7jvc3gub6m; ls-popup-last-displayed=1668573272; ls-popup-4=1668573272
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:38 GMT
content-type: image/jpeg
content-length: 309166
last-modified: Wed, 18 Dec 2019 18:33:30 GMT
etag: "5dfa70fa-4b7ae"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/uploads/2019/12/057-real-estate.png
167.86.73.18200 OK 7.7 kB URL HTTP/2 staging.hotelviladepremia.com/wp-content/uploads/2019/12/057-real-estate.png
IP 167.86.73.18:0
File type PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Hash dff43fd7a24c10adb8f8d0bb910ac287
303c815920b4772683c21f70b3603c7d88d953bb
ebf8c0555897148ffbcb6f5bd59a833af00af286baff2a7a1b8c3692436c562e
GET /wp-content/uploads/2019/12/057-real-estate.png HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=l8fe10kfga145bcd7jvc3gub6m; ls-popup-last-displayed=1668573272; ls-popup-4=1668573272
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:38 GMT
content-type: image/png
content-length: 7655
last-modified: Fri, 13 Dec 2019 17:27:00 GMT
etag: "5df3c9e4-1de7"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/uploads/2019/12/118-verified-1.png
167.86.73.18200 OK 6.5 kB URL HTTP/2 staging.hotelviladepremia.com/wp-content/uploads/2019/12/118-verified-1.png
IP 167.86.73.18:0
File type PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Hash f2f413b4f6b3070c12dbf9bf244f5c9f
21f743c0b77180ce11537274d0f93a1f8b798d60
5cdc66dcd9f5090919edea305e369a27e7237032b721a310f73e7ec0a5e8eb96
GET /wp-content/uploads/2019/12/118-verified-1.png HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=l8fe10kfga145bcd7jvc3gub6m; ls-popup-last-displayed=1668573272; ls-popup-4=1668573272
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:38 GMT
content-type: image/png
content-length: 6501
last-modified: Fri, 13 Dec 2019 17:27:10 GMT
etag: "5df3c9ee-1965"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/uploads/2019/12/077-like.png
167.86.73.18200 OK 7.6 kB URL HTTP/2 staging.hotelviladepremia.com/wp-content/uploads/2019/12/077-like.png
IP 167.86.73.18:0
File type PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Hash 83c6399dad3f08149cced225690ec587
08e224af078b00b7733c38cfcb0e637f07d31577
cf4335c4d1d5c623298f6b08ffc30a480ae54f2e5b0993a9611ff4c0eb8ce3d9
GET /wp-content/uploads/2019/12/077-like.png HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=l8fe10kfga145bcd7jvc3gub6m; ls-popup-last-displayed=1668573272; ls-popup-4=1668573272
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:38 GMT
content-type: image/png
content-length: 7634
last-modified: Fri, 13 Dec 2019 17:27:03 GMT
etag: "5df3c9e7-1dd2"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/uploads/2019/12/109-hotel-5.png
167.86.73.18200 OK 7.4 kB URL HTTP/2 staging.hotelviladepremia.com/wp-content/uploads/2019/12/109-hotel-5.png
IP 167.86.73.18:0
File type PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Hash 1dc0f7e24a3dd59cd207fc37c8ac37c5
e3d430c0da06a46e02bed47507df04ab147d3f7b
d3c3ff66cdb1793644102729a9721101d7382a860aa067f228120766c6a1506a
GET /wp-content/uploads/2019/12/109-hotel-5.png HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=l8fe10kfga145bcd7jvc3gub6m; ls-popup-last-displayed=1668573272; ls-popup-4=1668573272
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:38 GMT
content-type: image/png
content-length: 7410
last-modified: Fri, 13 Dec 2019 17:27:06 GMT
etag: "5df3c9ea-1cf2"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/uploads/2019/12/016-payment-1.png
167.86.73.18200 OK 8.3 kB URL HTTP/2 staging.hotelviladepremia.com/wp-content/uploads/2019/12/016-payment-1.png
IP 167.86.73.18:0
File type PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Hash 5bedd30f623b0534d2e5580378a35606
2e478f89f40100e3930d0637971040c5a6b47db1
c72c674d1fc633192897ba5c0b25609e76a275de4b6f992b8fc5bbfa80b7628e
GET /wp-content/uploads/2019/12/016-payment-1.png HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=l8fe10kfga145bcd7jvc3gub6m; ls-popup-last-displayed=1668573272; ls-popup-4=1668573272
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:38 GMT
content-type: image/png
content-length: 8338
last-modified: Fri, 13 Dec 2019 17:26:57 GMT
etag: "5df3c9e1-2092"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.kreaturamedia.jquery.js?ver=6.11.1
167.86.73.18200 OK 46 kB URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.kreaturamedia.jquery.js?ver=6.11.1
IP 167.86.73.18:0
File type ASCII text, with very long lines (65322)
Hash 6c485cc6be1517a68a53775807854e7a
56caaaf80399c58d964c89445a83d3a9c4252c42
02ded9b5b2055a05e226d98927e3a556b796bb6b860fe700c575e766e2f20f7e
GET /wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.kreaturamedia.jquery.js?ver=6.11.1 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=l8fe10kfga145bcd7jvc3gub6m; ls-popup-last-displayed=1668573272; ls-popup-4=1668573272
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:38 GMT
content-type: application/javascript
last-modified: Thu, 09 Apr 2020 10:10:22 GMT
etag: W/"5e8ef48e-1f855"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/
167.86.73.18200 OK 36 kB URL HTTP/2 staging.hotelviladepremia.com/
IP 167.86.73.18:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (38083)
Hash 5fbcba0c4ec5772af76542eba15f71f9
ef8426ded4148f9bbde6eeedc30bf83c6ea455f2
7bd4e9d88cd6ef2278de2ac46990360634411b0aa01d9cd13a131df76b634810
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:38 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
p3p: CP="ALL DSP NID CURa ADMa DEVa HISa OTPa OUR NOR NAV DEM"
link: <https://staging.hotelviladepremia.com/wp-json/>; rel="https://api.w.org/", <https://staging.hotelviladepremia.com/wp-json/wp/v2/pages/7>; rel="alternate"; type="application/json", <https://staging.hotelviladepremia.com/>; rel=shortlink
set-cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; expires=Thu, 17-Nov-2022 04:34:31 GMT; Max-Age=86400; path=/; secure
qMuPUgcpZWl_IGx=HbyGIF7vU0z; expires=Thu, 17-Nov-2022 04:34:31 GMT; Max-Age=86400; path=/; secure
tfhBnUHVz=IUDNnaBfW2%404%2Ag; expires=Thu, 17-Nov-2022 04:34:31 GMT; Max-Age=86400; path=/; secure
PHPSESSID=l8fe10kfga145bcd7jvc3gub6m; path=/
ls-popup-last-displayed=1668573272; expires=Tue, 05-Nov-2024 04:34:32 GMT; Max-Age=62208000; path=/
ls-popup-4=1668573272; expires=Thu, 16-Nov-2023 04:34:32 GMT; Max-Age=31536000
x-powered-by: PHP/7.4.33, PleskLin
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83df61b514b5f8c1a85884a63c6a46f6
9e92f2bf467a18e36cdd13e774e587d7fe2ff2dc
c61dce4118fa657ad1931a1ba681cf53cee97acc0c24f4f132ccbf899e06ca9f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C61DCE4118FA657AD1931A1BA681CF53CEE97ACC0C24F4F132CCBF899E06CA9F"
Last-Modified: Sun, 13 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21533
Expires: Wed, 16 Nov 2022 10:33:32 GMT
Date: Wed, 16 Nov 2022 04:34:39 GMT
Connection: keep-alive
hotelviladepremia.com/wp-content/uploads/2019/05/star.png
167.86.73.18200 OK 542 B URL HTTP/2 hotelviladepremia.com/wp-content/uploads/2019/05/star.png
IP 167.86.73.18:0
File type PNG image data, 88 x 54, 8-bit colormap, non-interlaced\012- data
Hash f256ee0ce386510627ee99bddcdc8f35
97cf0a026da82db827ef25baefce4159f48c4f1d
0986daa49a27f439ef6e833a3b8440273d2c58f03b888231e6f391739e914cd5
GET /wp-content/uploads/2019/05/star.png HTTP/1.1
Host: hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:39 GMT
content-type: image/png
content-length: 542
last-modified: Fri, 19 Jul 2019 09:58:22 GMT
etag: "5d31943e-21e"
pragma: public
cache-control: max-age=31536000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b3aa44f3285f2639a9486166d160282f
aac3e823166e7cc662e1ad9eaf3f22239df161f3
c8052f0f2e428019f11afe0b3f5b7d03362ba310237e02d9fdd1c80f6a0f7b0e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8052F0F2E428019F11AFE0B3F5B7D03362BA310237E02D9FDD1C80F6A0F7B0E"
Last-Modified: Sun, 13 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21511
Expires: Wed, 16 Nov 2022 10:33:10 GMT
Date: Wed, 16 Nov 2022 04:34:39 GMT
Connection: keep-alive
hotelviladepremia.com/wp-content/uploads/2019/05/divider.png
167.86.73.18200 OK 255 B URL HTTP/2 hotelviladepremia.com/wp-content/uploads/2019/05/divider.png
IP 167.86.73.18:0
File type PNG image data, 7 x 73, 8-bit colormap, non-interlaced\012- data
Hash e8db90c766ab45c9814f1b57dc43fb38
f3f808247e74b74c494b8ed64ea0e9ee52e3b783
fc76a86b7bd274b72d60d8ac1a80f3391718355940f12db3c628fa823f9556b0
GET /wp-content/uploads/2019/05/divider.png HTTP/1.1
Host: hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:39 GMT
content-type: image/png
content-length: 255
last-modified: Fri, 19 Jul 2019 10:01:41 GMT
etag: "5d319505-ff"
pragma: public
cache-control: max-age=31536000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
hotelviladepremia.com/wp-content/uploads/2019/07/sin-t%C3%ADtulo-843.jpg
167.86.73.18200 OK 359 kB URL HTTP/2 hotelviladepremia.com/wp-content/uploads/2019/07/sin-t%C3%ADtulo-843.jpg
IP 167.86.73.18:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=11, description= , manufacturer=SONY, model=DSC-RX100M2, xresolution=196, yresolution=204, resolutionunit=2, software=Capture One 12.0 Windows, datetime=2014:06:27 19:58:10], baseline, precision 8, 4923x3282, components 3\012- data
Size 359 kB (359363 bytes)
Hash 9e65f3c61a3af8af7747226a7fb677cd
acca5603e422bffc935a31a9c50f4b126cdfca23
f522bc6464bc3350c4d385c343e9f4ab8d70a5732d64ba7510ebfd08509db967
GET /wp-content/uploads/2019/07/sin-t%C3%ADtulo-843.jpg HTTP/1.1
Host: hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:39 GMT
content-type: image/jpeg
content-length: 359363
last-modified: Fri, 19 Jul 2019 10:34:23 GMT
etag: "5d319caf-57bc3"
pragma: public
cache-control: max-age=31536000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 800 B IP 93.184.220.29:0
File type gzip compressed data, max compression\012- data
Hash 6f80495e9f7a23e0861b808d3496f060
d798bcaeeabf8ec4f57f74754d5c701cb135c4da
365d3f3aa25a85ad0fb73ad97f59571cf5fe89873751dc2bf47d3d2e56a26852
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6555
Cache-Control: max-age=131998
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:34:39 GMT
Etag: "6373af62-116"
Expires: Thu, 17 Nov 2022 17:14:37 GMT
Last-Modified: Tue, 15 Nov 2022 15:25:22 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 278
hotelviladepremia.com/wp-content/uploads/2019/07/sin-t%C3%ADtulo-19.jpg
167.86.73.18200 OK 1.4 MB URL HTTP/2 hotelviladepremia.com/wp-content/uploads/2019/07/sin-t%C3%ADtulo-19.jpg
IP 167.86.73.18:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=8, manufacturer=FUJIFILM, model=X-T1, xresolution=126, yresolution=134, resolutionunit=2, software=Adobe Photoshop Lightroom Classic 8.2 (Windows), datetime=2019:05:23 12:39:37], baseline, precision 8, 4896x3264, components 3\012- data
Size 1.4 MB (1409126 bytes)
Hash f1981202c54cf2fe28be20e898b65cd5
a081c3ad3c674932c82fd2b1987a5138e1d97141
3f8b772f793eac6c65d860d52c0d5c3f2784f0649ff84a7b15e1b7aee3e2a46b
GET /wp-content/uploads/2019/07/sin-t%C3%ADtulo-19.jpg HTTP/1.1
Host: hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:39 GMT
content-type: image/jpeg
content-length: 1409126
last-modified: Fri, 19 Jul 2019 10:26:04 GMT
etag: "5d319abc-158066"
pragma: public
cache-control: max-age=31536000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/themes/betheme/fonts/mfn-icons.woff?93978679
167.86.73.18200 OK 81 kB URL HTTP/2 staging.hotelviladepremia.com/wp-content/themes/betheme/fonts/mfn-icons.woff?93978679
IP 167.86.73.18:0
File type Web Open Font Format, TrueType, length 81012, version 1.0\012- data
Hash ddef8e5d5ade8082730b2f85ffd0d069
40616a712428f21df7a02089b403cee26cab9017
a7394aa489117966925428adf2285efbb983045673314c585c1190b78b1f2afb
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/betheme/fonts/mfn-icons.woff?93978679 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/wp-content/themes/betheme/css/base.css?ver=21.2.2
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=l8fe10kfga145bcd7jvc3gub6m; ls-popup-last-displayed=1668573272; ls-popup-4=1668573272
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:39 GMT
content-type: application/font-woff
content-length: 81012
last-modified: Mon, 27 May 2019 12:03:20 GMT
etag: "5cebd208-13c74"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
hotelviladepremia.com/wp-content/uploads/2019/05/hotel-palms-bg.jpg
167.86.73.18200 OK 55 kB URL HTTP/2 hotelviladepremia.com/wp-content/uploads/2019/05/hotel-palms-bg.jpg
IP 167.86.73.18:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 1920x1099, components 3\012- data
Hash e0d669c168afd68d24b4a475a915a2ec
43f0985f669cf0c9b0bd4df1d1b74e1fb172de02
3a872fbddfb0da3766a4aa347c6bb21a294d873a976e09f64a82338415013d17
GET /wp-content/uploads/2019/05/hotel-palms-bg.jpg HTTP/1.1
Host: hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:39 GMT
content-type: image/jpeg
content-length: 55013
last-modified: Fri, 19 Jul 2019 10:00:02 GMT
etag: "5d3194a2-d6e5"
pragma: public
cache-control: max-age=31536000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/themes/betheme/images/stripes/stripes_3_b.png
167.86.73.18200 OK 974 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/themes/betheme/images/stripes/stripes_3_b.png
IP 167.86.73.18:0
File type PNG image data, 10 x 10, 8-bit/color RGBA, non-interlaced\012- data
Hash b5d66cece54745f352d2d52e6195a4ee
7b7313014426b12f9d51e4deb9ba237f11759dcf
30cb91834555c22273bd8f0d521bebaff6020b2e54bae4ccfc199f4a1daaf2eb
GET /wp-content/themes/betheme/images/stripes/stripes_3_b.png HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/wp-content/themes/betheme/css/shortcodes.css?ver=21.2.2
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=l8fe10kfga145bcd7jvc3gub6m; ls-popup-last-displayed=1668573272; ls-popup-4=1668573272
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:39 GMT
content-type: image/png
content-length: 974
x-accel-version: 0.01
last-modified: Mon, 27 May 2019 12:03:44 GMT
etag: "3ce-589dd5700c800"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/google-language-translator/css/style.css?ver=6.0.15
167.86.73.18200 OK 8.4 kB URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/google-language-translator/css/style.css?ver=6.0.15
IP 167.86.73.18:0
Hash 0fe1729d4f6399b4638f6b8ba5c51627
a7150d2aa12ce3f80425256801032b3334bd43a9
bf8ad29d94d9348edff1b0c573072af5331e288eea658d9db7cab3e565a12bb3
GET /wp-content/plugins/google-language-translator/css/style.css?ver=6.0.15 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=l8fe10kfga145bcd7jvc3gub6m; ls-popup-last-displayed=1668573272; ls-popup-4=1668573272
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:38 GMT
content-type: text/css
last-modified: Mon, 05 Sep 2022 08:50:00 GMT
etag: W/"6315b838-1f7d7"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1
167.86.73.18200 OK 1.5 kB URL HTTP/2 staging.hotelviladepremia.com/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1
IP 167.86.73.18:0
File type ASCII text, with very long lines (3233)
Hash 005b75cd1e505b6c4612b58ac11af721
2c7744c5f7db9701a6fc9f079832840f23e1f1cc
fbc83c08ecde0e581cf1feb6ad204c48843a948aa6485c39966ce2759f5c4d0a
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=l8fe10kfga145bcd7jvc3gub6m; ls-popup-last-displayed=1668573272; ls-popup-4=1668573272
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:38 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 09:40:11 GMT
etag: W/"6315c3fb-d53"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 6ea606a3c83b6b14b9375c84e37870d8
d73a898c2f3eba8e71d6d4f675c47107df0a5795
0dc0268899f946356be887d4ee84b411136f373200ce90464b331697b6cd9487
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:34:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 6ea606a3c83b6b14b9375c84e37870d8
d73a898c2f3eba8e71d6d4f675c47107df0a5795
0dc0268899f946356be887d4ee84b411136f373200ce90464b331697b6cd9487
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:34:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 6ea606a3c83b6b14b9375c84e37870d8
d73a898c2f3eba8e71d6d4f675c47107df0a5795
0dc0268899f946356be887d4ee84b411136f373200ce90464b331697b6cd9487
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:34:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
staging.hotelviladepremia.com/wp-includes/js/jquery/ui/sortable.min.js?ver=1.13.1
167.86.73.18200 OK 22 kB URL HTTP/2 staging.hotelviladepremia.com/wp-includes/js/jquery/ui/sortable.min.js?ver=1.13.1
IP 167.86.73.18:0
File type HTML document, ASCII text, with very long lines (25274)
Hash c505cde141cd83e73f2bb6e8c8c918b0
b300be47115004c0fbb990ab602d89b19fb0869d
bb2e21a7a795a628c8fbfca6af5e49e8b93bdd75212b8c5a8995b9621abdee86
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/sortable.min.js?ver=1.13.1 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=l8fe10kfga145bcd7jvc3gub6m; ls-popup-last-displayed=1668573272; ls-popup-4=1668573272
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:38 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 09:40:11 GMT
etag: W/"6315c3fb-636f"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/themes/betheme/js/menu.js?ver=21.2.2
167.86.73.18200 OK 17 kB URL HTTP/2 staging.hotelviladepremia.com/wp-content/themes/betheme/js/menu.js?ver=21.2.2
IP 167.86.73.18:0
Hash 2caa75b16140d3ca8a1f12ef12f4c42b
4bba6c1ecc1a4e4b84442f9e0acc4665ef81b12d
9f7fe888ad862747386ba21573c9f7c0a2f5459e22d4a93d07fd2ba55128ac84
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/betheme/js/menu.js?ver=21.2.2 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=l8fe10kfga145bcd7jvc3gub6m; ls-popup-last-displayed=1668573272; ls-popup-4=1668573272
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:38 GMT
content-type: application/javascript
last-modified: Mon, 27 May 2019 12:03:45 GMT
etag: W/"5cebd221-98d"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://staging.hotelviladepremia.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 19:34:08 GMT
expires: Thu, 09 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 550831
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-includes/js/jquery/ui/accordion.min.js?ver=1.13.1
167.86.73.18200 OK 34 kB URL HTTP/2 staging.hotelviladepremia.com/wp-includes/js/jquery/ui/accordion.min.js?ver=1.13.1
IP 167.86.73.18:0
File type ASCII text, with very long lines (8632)
Hash 6a3d20a277bfc437953fdd1930b80862
c15925132e9d4a44b0e8e8a755436ac293fc44a1
d4942c4d5805768a4441783d113c6e4bc4f072654166ee35b777c1ddc0bc9a95
GET /wp-includes/js/jquery/ui/accordion.min.js?ver=1.13.1 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=l8fe10kfga145bcd7jvc3gub6m; ls-popup-last-displayed=1668573272; ls-popup-4=1668573272
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:38 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 09:40:11 GMT
etag: W/"6315c3fb-226e"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=21.2.2
167.86.73.18200 OK 28 kB URL HTTP/2 staging.hotelviladepremia.com/wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=21.2.2
IP 167.86.73.18:0
File type ASCII text, with very long lines (634)
Hash 8206d952e4bef6c5719afbacc79026b3
a7efe8964f88bed4c48868b55176fa9e47d44891
51c0d3cae02a382c256a6171722fb95f56b81b7a85e779fd344d92e7bc777973
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=21.2.2 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=l8fe10kfga145bcd7jvc3gub6m; ls-popup-last-displayed=1668573272; ls-popup-4=1668573272
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:39 GMT
content-type: application/javascript
last-modified: Mon, 27 May 2019 12:03:12 GMT
etag: W/"5cebd200-cd96"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
hotelviladepremia.com/wp-content/uploads/2019/07/sin-t%C3%ADtulo-14-1.jpg
167.86.73.18200 OK 956 kB URL HTTP/2 hotelviladepremia.com/wp-content/uploads/2019/07/sin-t%C3%ADtulo-14-1.jpg
IP 167.86.73.18:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=8, manufacturer=FUJIFILM, model=X-T1, xresolution=126, yresolution=134, resolutionunit=2, software=Capture One 12.0 Windows, copyright=David Martinez Fernandez], baseline, precision 8, 4896x3264, components 3\012- data
Size 956 kB (955785 bytes)
Hash d69169c883b94c8940298077655b4e9b
8ca76eb15852db983e8a8a5a336f74b30842a1fb
1571f880c54130cd8dcc191f898c015aef2cbe60b55175b1e57e644693fe006e
GET /wp-content/uploads/2019/07/sin-t%C3%ADtulo-14-1.jpg HTTP/1.1
Host: hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:39 GMT
content-type: image/jpeg
content-length: 955785
last-modified: Fri, 19 Jul 2019 17:28:39 GMT
etag: "5d31fdc7-e9589"
pragma: public
cache-control: max-age=31536000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
167.86.73.18200 OK 24 kB URL HTTP/2 staging.hotelviladepremia.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
IP 167.86.73.18:0
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 225ac48cfa2cabb84b124095850ac7f8
e5cc0d91250db07a7fc4fad3d8e34ff17b59fd3f
eb56310915ac118212c0565adc2f98669a3e24addf57d0149894eb4bcaebbdea
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=l8fe10kfga145bcd7jvc3gub6m; ls-popup-last-displayed=1668573272; ls-popup-4=1668573272
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:38 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 09:40:11 GMT
etag: W/"6315c3fb-50eb"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/nextend-smart-slider3-pro/nextend/media/dist/nextend-gsap.min.js?1576586450
167.86.73.18200 OK 1.9 MB URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/nextend-smart-slider3-pro/nextend/media/dist/nextend-gsap.min.js?1576586450
IP 167.86.73.18:0
File type ASCII text, with very long lines (32265)
Size 1.9 MB (1909016 bytes)
Hash f81b66fcbfdfbb8676ec50df082b19ae
7caddd8fc705ed8674a5c87ccd546499878c47b6
6bbea14be63518819acff406c002893ce2172f1135ce44d8ae7dc7f3160e39d8
GET /wp-content/plugins/nextend-smart-slider3-pro/nextend/media/dist/nextend-gsap.min.js?1576586450 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=l8fe10kfga145bcd7jvc3gub6m; ls-popup-last-displayed=1668573272; ls-popup-4=1668573272
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:38 GMT
content-type: application/javascript
last-modified: Tue, 17 Dec 2019 12:40:50 GMT
etag: W/"5df8ccd2-1843b"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
hotelviladepremia.com/wp-content/uploads/2019/07/Castell_Burriac.jpg
167.86.73.18200 OK 3.1 MB URL HTTP/2 hotelviladepremia.com/wp-content/uploads/2019/07/Castell_Burriac.jpg
IP 167.86.73.18:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 3888x2592, components 3\012- data
Size 3.1 MB (3073709 bytes)
Hash e3d278d34497ad0d9449bfc7f38300a9
3661c788bfb5b3361fb525d6b98e3e8f7f6f0d19
72d59fe8fba59324a7bd77cef9bace35db0114fb6cc892ee441adb9a37a270a8
GET /wp-content/uploads/2019/07/Castell_Burriac.jpg HTTP/1.1
Host: hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:39 GMT
content-type: image/jpeg
content-length: 3073709
last-modified: Wed, 24 Jul 2019 15:49:40 GMT
etag: "5d387e14-2ee6ad"
pragma: public
cache-control: max-age=31536000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Montserrat%3A400%2C700&ver=6.0.3
142.250.74.10200 OK 195 kB URL HTTP/2 fonts.googleapis.com/css?family=Montserrat%3A400%2C700&ver=6.0.3
IP 142.250.74.10:0
Size 195 kB (194659 bytes)
Hash 2aebc5fe341a1d14f4bee13f595c20ea
1f3d46808dd5d5e0237fc24d823e003b0aaffd2c
d016b343804e4a1bd5f6eab180c42ed2de2155f0d258b25e16866a52d1cf915a
GET /css?family=Montserrat%3A400%2C700&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 16 Nov 2022 04:34:38 GMT
date: Wed, 16 Nov 2022 04:34:38 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/nextend-smart-slider3-pro/nextend/media/dist/nextend-webfontloader.min.js?1576586450
167.86.73.18200 OK 4.7 kB URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/nextend-smart-slider3-pro/nextend/media/dist/nextend-webfontloader.min.js?1576586450
IP 167.86.73.18:0
File type Unicode text, UTF-8 text, with very long lines (12306), with no line terminators
Hash 4383e1ae82554057ace0d332548ec311
ab6311a4686a8caf0a5d74bda6b714ca6910d13d
d064065901708ae16177e7ed7ca69b29fd17d2037984b3faa3a6d9708cc526d4
GET /wp-content/plugins/nextend-smart-slider3-pro/nextend/media/dist/nextend-webfontloader.min.js?1576586450 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=l8fe10kfga145bcd7jvc3gub6m; ls-popup-last-displayed=1668573272; ls-popup-4=1668573272
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:38 GMT
content-type: application/javascript
last-modified: Tue, 17 Dec 2019 12:40:50 GMT
etag: W/"5df8ccd2-3029"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Droid+Sans%3A400%2C700&ver=6.0.3
142.250.74.10200 OK 192 kB URL HTTP/2 fonts.googleapis.com/css?family=Droid+Sans%3A400%2C700&ver=6.0.3
IP 142.250.74.10:0
Size 192 kB (192058 bytes)
Hash 0a3a6a475cdcb3868874b8990423d34b
9094fe159e04731a929dbd11943e42ac969d672d
c367ded0aa2a3eb0f0620678fea10f48732c77e4acc7e18aa52ff9b35fd8b4bd
GET /css?family=Droid+Sans%3A400%2C700&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 16 Nov 2022 04:34:38 GMT
date: Wed, 16 Nov 2022 04:34:38 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/oscar-hotel-booking-engine/assets/js/ohbe-common.js?ver=4.2
167.86.73.18200 OK 10 kB URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/oscar-hotel-booking-engine/assets/js/ohbe-common.js?ver=4.2
IP 167.86.73.18:0
Hash 631d7af00c2f07bab4eb8da82e43055f
277c9dddf21711017a9ffb72fbe9d2ae28a582f9
51bac7c4e1a2695c0909645506836b9221dd4f99da43a76f9fbcac86abcd9f83
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/oscar-hotel-booking-engine/assets/js/ohbe-common.js?ver=4.2 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=l8fe10kfga145bcd7jvc3gub6m; ls-popup-last-displayed=1668573272; ls-popup-4=1668573272
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:39 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 08:54:25 GMT
etag: W/"6315b941-1803"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 2316d2d43aee9525cdb65b3eb2ff53a0
cad4229071cf919cb3471632ac4924cfd1a97431
99d5cce0549dbb29351735d3e15f9cde16b2ca18c57581c8110b2c54998fa28d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:34:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
staging.hotelviladepremia.com/wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.utils.js?ver=6.11.1
167.86.73.18200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.utils.js?ver=6.11.1
IP 167.86.73.18:0
GET /wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.utils.js?ver=6.11.1 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=l8fe10kfga145bcd7jvc3gub6m; ls-popup-last-displayed=1668573272; ls-popup-4=1668573272
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:38 GMT
content-type: application/javascript
last-modified: Thu, 09 Apr 2020 10:10:22 GMT
etag: W/"5e8ef48e-1e026"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/oscar-hotel-booking-engine/assets/js/bootstrap_ohbe_datepicker.min.js?ver=6.0.3
167.86.73.18200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/oscar-hotel-booking-engine/assets/js/bootstrap_ohbe_datepicker.min.js?ver=6.0.3
IP 167.86.73.18:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/oscar-hotel-booking-engine/assets/js/bootstrap_ohbe_datepicker.min.js?ver=6.0.3 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=l8fe10kfga145bcd7jvc3gub6m; ls-popup-last-displayed=1668573272; ls-popup-4=1668573272
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:38 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 08:54:25 GMT
etag: W/"6315b941-83d9"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/cookie-law-info/public/js/cookie-law-info-public.js?ver=2.1.2
167.86.73.18200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/cookie-law-info/public/js/cookie-law-info-public.js?ver=2.1.2
IP 167.86.73.18:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/cookie-law-info/public/js/cookie-law-info-public.js?ver=2.1.2 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=l8fe10kfga145bcd7jvc3gub6m; ls-popup-last-displayed=1668573272; ls-popup-4=1668573272
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:38 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 08:48:46 GMT
etag: W/"6315b7ee-8583"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/nextend-smart-slider3-pro/nextend/media/dist/nextend-frontend.min.js?1576586450
167.86.73.18200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/nextend-smart-slider3-pro/nextend/media/dist/nextend-frontend.min.js?1576586450
IP 167.86.73.18:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/nextend-smart-slider3-pro/nextend/media/dist/nextend-frontend.min.js?1576586450 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=l8fe10kfga145bcd7jvc3gub6m; ls-popup-last-displayed=1668573272; ls-popup-4=1668573272
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:38 GMT
content-type: application/javascript
last-modified: Tue, 17 Dec 2019 12:40:50 GMT
etag: W/"5df8ccd2-e1e5"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Lato%3A400%2C300italic%2C400italic%2C700%2C700italic%2C900italic%2C900&ver=6.0.3
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Lato%3A400%2C300italic%2C400italic%2C700%2C700italic%2C900italic%2C900&ver=6.0.3
IP 142.250.74.10:0
GET /css?family=Lato%3A400%2C300italic%2C400italic%2C700%2C700italic%2C900italic%2C900&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 16 Nov 2022 04:34:38 GMT
date: Wed, 16 Nov 2022 04:34:38 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/smart-logo-showcase-lite/js/owl.carousel.js?ver=1.1.9
167.86.73.18200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/smart-logo-showcase-lite/js/owl.carousel.js?ver=1.1.9
IP 167.86.73.18:0
GET /wp-content/plugins/smart-logo-showcase-lite/js/owl.carousel.js?ver=1.1.9 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=l8fe10kfga145bcd7jvc3gub6m; ls-popup-last-displayed=1668573272; ls-popup-4=1668573272
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:38 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 08:55:27 GMT
etag: W/"6315b97f-1412d"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/smart-logo-showcase-lite/css/smls-frontend-style.css?ver=1.1.9
167.86.73.18200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/smart-logo-showcase-lite/css/smls-frontend-style.css?ver=1.1.9
IP 167.86.73.18:0
GET /wp-content/plugins/smart-logo-showcase-lite/css/smls-frontend-style.css?ver=1.1.9 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=l8fe10kfga145bcd7jvc3gub6m; ls-popup-last-displayed=1668573272; ls-popup-4=1668573272
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:38 GMT
content-type: text/css
last-modified: Mon, 05 Sep 2022 08:55:27 GMT
etag: W/"6315b97f-7c46"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A400%2C300italic%2C400italic%2C500%2C500italic%2C700%2C700italic%2C900italic%2C900&ver=6.0.3
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A400%2C300italic%2C400italic%2C500%2C500italic%2C700%2C700italic%2C900italic%2C900&ver=6.0.3
IP 142.250.74.10:0
GET /css?family=Roboto%3A400%2C300italic%2C400italic%2C500%2C500italic%2C700%2C700italic%2C900italic%2C900&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 16 Nov 2022 04:34:38 GMT
date: Wed, 16 Nov 2022 04:34:38 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
167.86.73.18200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 167.86.73.18:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=l8fe10kfga145bcd7jvc3gub6m; ls-popup-last-displayed=1668573272; ls-popup-4=1668573272
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:38 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 09:40:11 GMT
etag: W/"6315c3fb-2bd8"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/google-language-translator/js/scripts.js?ver=6.0.15
167.86.73.18200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/google-language-translator/js/scripts.js?ver=6.0.15
IP 167.86.73.18:0
GET /wp-content/plugins/google-language-translator/js/scripts.js?ver=6.0.15 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=l8fe10kfga145bcd7jvc3gub6m; ls-popup-last-displayed=1668573272; ls-popup-4=1668573272
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:38 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 08:50:00 GMT
etag: W/"6315b838-35e5"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/oscar-hotel-booking-engine/assets/css/bootstrap-datepicker.standalone.min.css?ver=6.0.3
167.86.73.18200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/oscar-hotel-booking-engine/assets/css/bootstrap-datepicker.standalone.min.css?ver=6.0.3
IP 167.86.73.18:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/oscar-hotel-booking-engine/assets/css/bootstrap-datepicker.standalone.min.css?ver=6.0.3 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=l8fe10kfga145bcd7jvc3gub6m; ls-popup-last-displayed=1668573272; ls-popup-4=1668573272
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:38 GMT
content-type: text/css
last-modified: Mon, 05 Sep 2022 08:54:25 GMT
etag: W/"6315b941-4044"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/themes/betheme/css/base.css?ver=21.2.2
167.86.73.18200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/themes/betheme/css/base.css?ver=21.2.2
IP 167.86.73.18:0
GET /wp-content/themes/betheme/css/base.css?ver=21.2.2 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=l8fe10kfga145bcd7jvc3gub6m; ls-popup-last-displayed=1668573272; ls-popup-4=1668573272
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:38 GMT
content-type: text/css
last-modified: Mon, 27 May 2019 12:03:18 GMT
etag: W/"5cebd206-da71"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/smart-logo-showcase-lite/css/popup-contact.css?ver=1.1.9
167.86.73.18200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/smart-logo-showcase-lite/css/popup-contact.css?ver=1.1.9
IP 167.86.73.18:0
GET /wp-content/plugins/smart-logo-showcase-lite/css/popup-contact.css?ver=1.1.9 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=l8fe10kfga145bcd7jvc3gub6m; ls-popup-last-displayed=1668573272; ls-popup-4=1668573272
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:38 GMT
content-type: text/css
x-accel-version: 0.01
last-modified: Mon, 05 Sep 2022 08:55:27 GMT
etag: W/"278-5e7ea3dbf2bc8"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.1
167.86.73.18200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.1
IP 167.86.73.18:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.1 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=l8fe10kfga145bcd7jvc3gub6m; ls-popup-last-displayed=1668573272; ls-popup-4=1668573272
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:38 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 09:40:11 GMT
etag: W/"6315c3fb-2ea1"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
embed.tawk.to/5da74948df22d913399f816e/default
104.22.25.131200 OK 0 B URL HTTP/2 embed.tawk.to/5da74948df22d913399f816e/default
IP 104.22.25.131:0
GET /5da74948df22d913399f816e/default HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://staging.hotelviladepremia.com
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 16 Nov 2022 04:34:39 GMT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=3600
etag: W/"stable-v4-635a92a45e8"
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76ad83f41a62b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/google-language-translator/css/toolbar.css?ver=6.0.15
167.86.73.18200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/google-language-translator/css/toolbar.css?ver=6.0.15
IP 167.86.73.18:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/google-language-translator/css/toolbar.css?ver=6.0.15 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=l8fe10kfga145bcd7jvc3gub6m; ls-popup-last-displayed=1668573272; ls-popup-4=1668573272
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:38 GMT
content-type: text/css
last-modified: Mon, 05 Sep 2022 08:50:00 GMT
etag: W/"6315b838-1664"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/smart-logo-showcase-lite/css/smls-responsive.css?ver=1.1.9
167.86.73.18200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/smart-logo-showcase-lite/css/smls-responsive.css?ver=1.1.9
IP 167.86.73.18:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/smart-logo-showcase-lite/css/smls-responsive.css?ver=1.1.9 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=l8fe10kfga145bcd7jvc3gub6m; ls-popup-last-displayed=1668573272; ls-popup-4=1668573272
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:38 GMT
content-type: text/css
last-modified: Mon, 05 Sep 2022 08:55:27 GMT
etag: W/"6315b97f-1231"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans%3A400%2C300%2C600%2C700%2C800&ver=6.0.3
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans%3A400%2C300%2C600%2C700%2C800&ver=6.0.3
IP 142.250.74.10:0
GET /css?family=Open+Sans%3A400%2C300%2C600%2C700%2C800&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 16 Nov 2022 04:34:38 GMT
date: Wed, 16 Nov 2022 04:34:38 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
translate.google.com/translate_a/element.js?cb=GoogleLanguageTranslatorInit
142.250.74.46200 OK 0 B URL HTTP/2 translate.google.com/translate_a/element.js?cb=GoogleLanguageTranslatorInit
IP 142.250.74.46:0
GET /translate_a/element.js?cb=GoogleLanguageTranslatorInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 16 Nov 2022 04:34:38 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+327; expires=Fri, 15-Nov-2024 04:34:38 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Raleway%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900&ver=6.0.3
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Raleway%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900&ver=6.0.3
IP 142.250.74.10:0
GET /css?family=Raleway%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 16 Nov 2022 04:34:38 GMT
date: Wed, 16 Nov 2022 04:34:38 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C400italic%2C500%2C700%2C700italic%7CLora%3A300%2C400%2C400italic%2C500%2C700%2C700italic&ver=6.0.3
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C400italic%2C500%2C700%2C700italic%7CLora%3A300%2C400%2C400italic%2C500%2C700%2C700italic&ver=6.0.3
IP 142.250.74.10:0
GET /css?family=Roboto%3A300%2C400%2C400italic%2C500%2C700%2C700italic%7CLora%3A300%2C400%2C400italic%2C500%2C700%2C700italic&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 16 Nov 2022 04:34:38 GMT
date: Wed, 16 Nov 2022 04:34:38 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
hotelviladepremia.com/wp-content/uploads/2019/07/sin-t%C3%ADtulo-22-1.jpg
167.86.73.18200 OK 0 B URL HTTP/2 hotelviladepremia.com/wp-content/uploads/2019/07/sin-t%C3%ADtulo-22-1.jpg
IP 167.86.73.18:0
GET /wp-content/uploads/2019/07/sin-t%C3%ADtulo-22-1.jpg HTTP/1.1
Host: hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:39 GMT
content-type: image/jpeg
content-length: 1329754
last-modified: Fri, 19 Jul 2019 17:29:10 GMT
etag: "5d31fde6-144a5a"
pragma: public
cache-control: max-age=31536000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-public.css?ver=2.1.2
167.86.73.18200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-public.css?ver=2.1.2
IP 167.86.73.18:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/cookie-law-info/public/css/cookie-law-info-public.css?ver=2.1.2 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=l8fe10kfga145bcd7jvc3gub6m; ls-popup-last-displayed=1668573272; ls-popup-4=1668573272
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:38 GMT
content-type: text/css
last-modified: Mon, 05 Sep 2022 08:48:46 GMT
etag: W/"6315b7ee-c22"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/themes/betheme/js/plugins.js?ver=21.2.2
167.86.73.18200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/themes/betheme/js/plugins.js?ver=21.2.2
IP 167.86.73.18:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/betheme/js/plugins.js?ver=21.2.2 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=l8fe10kfga145bcd7jvc3gub6m; ls-popup-last-displayed=1668573272; ls-popup-4=1668573272
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:38 GMT
content-type: application/javascript
last-modified: Mon, 27 May 2019 12:03:46 GMT
etag: W/"5cebd222-2f7c3"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/smart-logo-showcase-lite/js/smls-frontend-script.js?ver=1.1.9
167.86.73.18200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/smart-logo-showcase-lite/js/smls-frontend-script.js?ver=1.1.9
IP 167.86.73.18:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/smart-logo-showcase-lite/js/smls-frontend-script.js?ver=1.1.9 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=l8fe10kfga145bcd7jvc3gub6m; ls-popup-last-displayed=1668573272; ls-popup-4=1668573272
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:38 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 08:55:27 GMT
etag: W/"6315b97f-19a7"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/smart-logo-showcase-lite/js/tooltipster.bundle.js?ver=1.1.9
167.86.73.18200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/smart-logo-showcase-lite/js/tooltipster.bundle.js?ver=1.1.9
IP 167.86.73.18:0
GET /wp-content/plugins/smart-logo-showcase-lite/js/tooltipster.bundle.js?ver=1.1.9 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=l8fe10kfga145bcd7jvc3gub6m; ls-popup-last-displayed=1668573272; ls-popup-4=1668573272
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:38 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 08:55:27 GMT
etag: W/"6315b97f-1d059"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
167.86.73.18200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
IP 167.86.73.18:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.3 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=l8fe10kfga145bcd7jvc3gub6m; ls-popup-last-displayed=1668573272; ls-popup-4=1668573272
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:38 GMT
content-type: text/css
last-modified: Mon, 05 Sep 2022 09:40:11 GMT
etag: W/"6315c3fb-15b64"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/smart-logo-showcase-lite/css/owl.carousel.css?ver=1.1.9
167.86.73.18200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/smart-logo-showcase-lite/css/owl.carousel.css?ver=1.1.9
IP 167.86.73.18:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/smart-logo-showcase-lite/css/owl.carousel.css?ver=1.1.9 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=l8fe10kfga145bcd7jvc3gub6m; ls-popup-last-displayed=1668573272; ls-popup-4=1668573272
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:38 GMT
content-type: text/css
last-modified: Mon, 05 Sep 2022 08:55:27 GMT
etag: W/"6315b97f-17f5"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/themes/betheme/assets/ui/jquery.ui.all.css?ver=21.2.2
167.86.73.18200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/themes/betheme/assets/ui/jquery.ui.all.css?ver=21.2.2
IP 167.86.73.18:0
GET /wp-content/themes/betheme/assets/ui/jquery.ui.all.css?ver=21.2.2 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=l8fe10kfga145bcd7jvc3gub6m; ls-popup-last-displayed=1668573272; ls-popup-4=1668573272
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:38 GMT
content-type: text/css
last-modified: Mon, 27 May 2019 12:03:13 GMT
etag: W/"5cebd201-48eb"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/themes/betheme/css/shortcodes.css?ver=21.2.2
167.86.73.18200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/themes/betheme/css/shortcodes.css?ver=21.2.2
IP 167.86.73.18:0
GET /wp-content/themes/betheme/css/shortcodes.css?ver=21.2.2 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=l8fe10kfga145bcd7jvc3gub6m; ls-popup-last-displayed=1668573272; ls-popup-4=1668573272
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:38 GMT
content-type: text/css
last-modified: Mon, 27 May 2019 12:03:17 GMT
etag: W/"5cebd205-217f9"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/themes/betheme/css/responsive.css?ver=21.2.2
167.86.73.18200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/themes/betheme/css/responsive.css?ver=21.2.2
IP 167.86.73.18:0
GET /wp-content/themes/betheme/css/responsive.css?ver=21.2.2 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=l8fe10kfga145bcd7jvc3gub6m; ls-popup-last-displayed=1668573272; ls-popup-4=1668573272
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:38 GMT
content-type: text/css
last-modified: Mon, 27 May 2019 12:03:17 GMT
etag: W/"5cebd205-dceb"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Merriweather+Sans%3A300%2C400%2C700%2C800+Sans%3A300%2C400%2C700&ver=6.0.3
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Merriweather+Sans%3A300%2C400%2C700%2C800+Sans%3A300%2C400%2C700&ver=6.0.3
IP 142.250.74.10:0
GET /css?family=Merriweather+Sans%3A300%2C400%2C700%2C800+Sans%3A300%2C400%2C700&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 16 Nov 2022 04:34:38 GMT
date: Wed, 16 Nov 2022 04:34:38 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/themes/betheme/js/scripts.js?ver=21.2.2
167.86.73.18200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/themes/betheme/js/scripts.js?ver=21.2.2
IP 167.86.73.18:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/betheme/js/scripts.js?ver=21.2.2 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=l8fe10kfga145bcd7jvc3gub6m; ls-popup-last-displayed=1668573272; ls-popup-4=1668573272
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:39 GMT
content-type: application/javascript
last-modified: Mon, 27 May 2019 12:03:45 GMT
etag: W/"5cebd221-10b73"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.1.5
167.86.73.18200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.1.5
IP 167.86.73.18:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.1.5 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=l8fe10kfga145bcd7jvc3gub6m; ls-popup-last-displayed=1668573272; ls-popup-4=1668573272
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:38 GMT
content-type: text/css
last-modified: Mon, 16 Dec 2019 13:50:17 GMT
etag: W/"5df78b99-e1a2"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/smart-logo-showcase-lite/css/font-awesome.min.css?ver=1.1.9
167.86.73.18200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/smart-logo-showcase-lite/css/font-awesome.min.css?ver=1.1.9
IP 167.86.73.18:0
GET /wp-content/plugins/smart-logo-showcase-lite/css/font-awesome.min.css?ver=1.1.9 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=l8fe10kfga145bcd7jvc3gub6m; ls-popup-last-displayed=1668573272; ls-popup-4=1668573272
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:38 GMT
content-type: text/css
last-modified: Mon, 05 Sep 2022 08:55:27 GMT
etag: W/"6315b97f-7187"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/themes/betheme/css/layout.css?ver=21.2.2
167.86.73.18200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/themes/betheme/css/layout.css?ver=21.2.2
IP 167.86.73.18:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/betheme/css/layout.css?ver=21.2.2 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=l8fe10kfga145bcd7jvc3gub6m; ls-popup-last-displayed=1668573272; ls-popup-4=1668573272
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:38 GMT
content-type: text/css
last-modified: Mon, 27 May 2019 12:03:18 GMT
etag: W/"5cebd206-1ca8b"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/smart-logo-showcase-lite/inc/smls-block/smls-block.css?ver=1.1.9
167.86.73.18200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/smart-logo-showcase-lite/inc/smls-block/smls-block.css?ver=1.1.9
IP 167.86.73.18:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/smart-logo-showcase-lite/inc/smls-block/smls-block.css?ver=1.1.9 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=l8fe10kfga145bcd7jvc3gub6m; ls-popup-last-displayed=1668573272; ls-popup-4=1668573272
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:38 GMT
content-type: text/css
x-accel-version: 0.01
last-modified: Mon, 05 Sep 2022 08:55:27 GMT
etag: W/"95-5e7ea3dbf5aa8"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/themes/betheme/assets/animations/animations.min.css?ver=21.2.2
167.86.73.18200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/themes/betheme/assets/animations/animations.min.css?ver=21.2.2
IP 167.86.73.18:0
GET /wp-content/themes/betheme/assets/animations/animations.min.css?ver=21.2.2 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=l8fe10kfga145bcd7jvc3gub6m; ls-popup-last-displayed=1668573272; ls-popup-4=1668573272
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:38 GMT
content-type: text/css
last-modified: Mon, 27 May 2019 12:03:12 GMT
etag: W/"5cebd200-e48c"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/smart-logo-showcase-lite/css/tooltipster.bundle.css?ver=1.1.9
167.86.73.18200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/smart-logo-showcase-lite/css/tooltipster.bundle.css?ver=1.1.9
IP 167.86.73.18:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/smart-logo-showcase-lite/css/tooltipster.bundle.css?ver=1.1.9 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=l8fe10kfga145bcd7jvc3gub6m; ls-popup-last-displayed=1668573272; ls-popup-4=1668573272
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:38 GMT
content-type: text/css
last-modified: Mon, 05 Sep 2022 08:55:27 GMT
etag: W/"6315b97f-4162"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/nextend-smart-slider3-pro/library/media/smartslider.min.css?1576586449
167.86.73.18200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/nextend-smart-slider3-pro/library/media/smartslider.min.css?1576586449
IP 167.86.73.18:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/nextend-smart-slider3-pro/library/media/smartslider.min.css?1576586449 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=l8fe10kfga145bcd7jvc3gub6m; ls-popup-last-displayed=1668573272; ls-popup-4=1668573272
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:38 GMT
content-type: text/css
last-modified: Tue, 17 Dec 2019 12:40:49 GMT
etag: W/"5df8ccd1-4cc6"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js?ver=6.0.3
104.18.10.207200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js?ver=6.0.3
IP 104.18.10.207:0
GET /bootstrap/3.3.7/js/bootstrap.min.js?ver=6.0.3 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 16 Nov 2022 04:34:38 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"5869c96cc8f19086aee625d670d741f9"
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-cachedat: 08/20/2022 02:31:21
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 756
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 0d1b14913827ad56e2b1a0c20b55f038
cdn-cache: HIT
cf-cache-status: HIT
age: 2522783
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 76ad83f15b710afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend-gtag.min.js?ver=7.10.0
167.86.73.18200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend-gtag.min.js?ver=7.10.0
IP 167.86.73.18:0
GET /wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend-gtag.min.js?ver=7.10.0 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=l8fe10kfga145bcd7jvc3gub6m; ls-popup-last-displayed=1668573272; ls-popup-4=1668573272
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:38 GMT
content-type: application/javascript
last-modified: Mon, 07 Nov 2022 22:29:12 GMT
etag: W/"636986b8-2e3b"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/revslider/public/assets/js/revolution.tools.min.js?ver=6.0
167.86.73.18200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/revslider/public/assets/js/revolution.tools.min.js?ver=6.0
IP 167.86.73.18:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/js/revolution.tools.min.js?ver=6.0 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=l8fe10kfga145bcd7jvc3gub6m; ls-popup-last-displayed=1668573272; ls-popup-4=1668573272
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:38 GMT
content-type: application/javascript
last-modified: Mon, 16 Dec 2019 13:50:15 GMT
etag: W/"5df78b97-24ca1"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.1.5
167.86.73.18200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.1.5
IP 167.86.73.18:0
GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.1.5 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=l8fe10kfga145bcd7jvc3gub6m; ls-popup-last-displayed=1668573272; ls-popup-4=1668573272
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:38 GMT
content-type: application/javascript
last-modified: Mon, 16 Dec 2019 13:50:15 GMT
etag: W/"5df78b97-43767"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.transitions.js?ver=6.11.1
167.86.73.18200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.transitions.js?ver=6.11.1
IP 167.86.73.18:0
GET /wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.transitions.js?ver=6.11.1 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=l8fe10kfga145bcd7jvc3gub6m; ls-popup-last-displayed=1668573272; ls-popup-4=1668573272
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:38 GMT
content-type: application/javascript
last-modified: Thu, 09 Apr 2020 10:10:22 GMT
etag: W/"5e8ef48e-5513"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/themes/betheme/assets/jplayer/css/jplayer.blue.monday.css?ver=21.2.2
167.86.73.18200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/themes/betheme/assets/jplayer/css/jplayer.blue.monday.css?ver=21.2.2
IP 167.86.73.18:0
GET /wp-content/themes/betheme/assets/jplayer/css/jplayer.blue.monday.css?ver=21.2.2 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=l8fe10kfga145bcd7jvc3gub6m; ls-popup-last-displayed=1668573272; ls-popup-4=1668573272
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:38 GMT
content-type: text/css
last-modified: Mon, 27 May 2019 12:03:13 GMT
etag: W/"5cebd201-266a"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/nextend-smart-slider3-pro/library/media/dist/smartslider-frontend.min.js?1576586448
167.86.73.18200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/nextend-smart-slider3-pro/library/media/dist/smartslider-frontend.min.js?1576586448
IP 167.86.73.18:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/nextend-smart-slider3-pro/library/media/dist/smartslider-frontend.min.js?1576586448 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=l8fe10kfga145bcd7jvc3gub6m; ls-popup-last-displayed=1668573272; ls-popup-4=1668573272
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:38 GMT
content-type: application/javascript
last-modified: Tue, 17 Dec 2019 12:40:48 GMT
etag: W/"5df8ccd0-37db9"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/themes/betheme/assets/animations/animations.min.js?ver=21.2.2
167.86.73.18200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/themes/betheme/assets/animations/animations.min.js?ver=21.2.2
IP 167.86.73.18:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/betheme/assets/animations/animations.min.js?ver=21.2.2 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=l8fe10kfga145bcd7jvc3gub6m; ls-popup-last-displayed=1668573272; ls-popup-4=1668573272
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:39 GMT
content-type: application/javascript
last-modified: Mon, 27 May 2019 12:03:12 GMT
etag: W/"5cebd200-71e"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/themes/betheme/style.css?ver=21.2.2
167.86.73.18200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/themes/betheme/style.css?ver=21.2.2
IP 167.86.73.18:0
GET /wp-content/themes/betheme/style.css?ver=21.2.2 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=l8fe10kfga145bcd7jvc3gub6m; ls-popup-last-displayed=1668573272; ls-popup-4=1668573272
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:38 GMT
content-type: text/css
x-accel-version: 0.01
last-modified: Tue, 22 Oct 2019 16:16:02 GMT
etag: W/"15e-595821dcfd480"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Oxygen%3A300%2C400%2C700&ver=6.0.3
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Oxygen%3A300%2C400%2C700&ver=6.0.3
IP 142.250.74.10:0
GET /css?family=Oxygen%3A300%2C400%2C700&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 16 Nov 2022 04:34:38 GMT
date: Wed, 16 Nov 2022 04:34:38 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
167.86.73.18200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 167.86.73.18:0
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=l8fe10kfga145bcd7jvc3gub6m; ls-popup-last-displayed=1668573272; ls-popup-4=1668573272
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:38 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 09:40:11 GMT
etag: W/"6315c3fb-15db1"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/wp-gdpr-compliance/Assets/js/front.min.js?ver=1662368303
167.86.73.18200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/wp-gdpr-compliance/Assets/js/front.min.js?ver=1662368303
IP 167.86.73.18:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-gdpr-compliance/Assets/js/front.min.js?ver=1662368303 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=l8fe10kfga145bcd7jvc3gub6m; ls-popup-last-displayed=1668573272; ls-popup-4=1668573272
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:38 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 08:58:23 GMT
etag: W/"6315ba2f-e6f5"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/nextend-smart-slider3-pro/library/media/plugins/type/carousel/carousel/dist/smartslider-carousel-single-type-frontend.min.js?1576586448
167.86.73.18200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/nextend-smart-slider3-pro/library/media/plugins/type/carousel/carousel/dist/smartslider-carousel-single-type-frontend.min.js?1576586448
IP 167.86.73.18:0
GET /wp-content/plugins/nextend-smart-slider3-pro/library/media/plugins/type/carousel/carousel/dist/smartslider-carousel-single-type-frontend.min.js?1576586448 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=l8fe10kfga145bcd7jvc3gub6m; ls-popup-last-displayed=1668573272; ls-popup-4=1668573272
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:34:38 GMT
content-type: application/javascript
last-modified: Tue, 17 Dec 2019 12:40:48 GMT
etag: W/"5df8ccd0-247b"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2