r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash cdbad2434b7d127a4fc769807a9dc3e7
fa98cd9fc2309ab4423f33f683d17bdb17d76713
560cbbb751ab2884024da3b93fba6bc45c6434797dba72a98c05e7fc2bb94bc1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "560CBBB751AB2884024DA3B93FBA6BC45C6434797DBA72A98C05E7FC2BB94BC1"
Last-Modified: Sat, 26 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2698
Expires: Sun, 27 Nov 2022 04:43:10 GMT
Date: Sun, 27 Nov 2022 03:58:12 GMT
Connection: keep-alive
wgexpediciones.com/en/uyuni-full-day-red-lagoon
301 Moved Permanently 0 B URL HTTP/1.1 wgexpediciones.com/en/uyuni-full-day-red-lagoon
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /en/uyuni-full-day-red-lagoon HTTP/1.1
Host: wgexpediciones.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Set-Cookie: pll_language=en; expires=Mon, 27-Nov-2023 03:58:12 GMT; Max-Age=31536000; path=/
Location: http://wgexpediciones.com/en/uyuni-full-day-red-lagoon/
Content-Length: 0
Date: Sun, 27 Nov 2022 03:58:11 GMT
Server: LiteSpeed
ocsp.digicert.com/
200 OK 471 B IP
Hash 15b59d5e62caedb4bec3ba6724906c1e
960f801e608a56fdd11449f4face29f62cad2b21
8c72a45737c2eeddf328b0ed3236f3243551d904e94ec9dd7254972ebfb9229e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5650
Cache-Control: max-age=115626
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 03:58:12 GMT
Etag: "6381eaec-1d7"
Expires: Mon, 28 Nov 2022 12:05:18 GMT
Last-Modified: Sat, 26 Nov 2022 10:31:08 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 71f9c681a82440fd55e76c780a20e55d
3147768cfbcdd06e0c6e69684292e68e99917a80
5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5491
Expires: Sun, 27 Nov 2022 05:29:43 GMT
Date: Sun, 27 Nov 2022 03:58:12 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 27 Nov 2022 03:17:34 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2438
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 8DYADUdJh0ZS7DIBXr/CfIUe1DVVt5cShJ4swzQS3IVs5y4DQXl1a7uDk3w1iHW/SsOVyPVl5Zo=
x-amz-request-id: BPEQYCAHY2D1RDZ1
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 27 Nov 2022 03:44:29 GMT
age: 823
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 03:58:12 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
wgexpediciones.com/en/uyuni-full-day-red-lagoon/
200 OK 16 kB URL HTTP/1.1 wgexpediciones.com/en/uyuni-full-day-red-lagoon/
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3712), with CRLF, LF line terminators
Hash aea9c429b5b439ad72bc276791be7e49
9c9228b2c9cd3db4e4e14940071c482f009f204e
617bdfc358a8e302ae60ed786c8000725746f580838708060ab4c69d032af975
Analyzer Verdict Alert fortinet Malware
GET /en/uyuni-full-day-red-lagoon/ HTTP/1.1
Host: wgexpediciones.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: pll_language=en
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Link: <http://wgexpediciones.com/wp-json/>; rel="https://api.w.org/", <http://wgexpediciones.com/?p=1400>; rel=shortlink
Transfer-Encoding: chunked
Content-Encoding: gzip
Vary: Accept-Encoding
Date: Sun, 27 Nov 2022 03:58:12 GMT
Server: LiteSpeed
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css?ver=4.8.21
200 OK 7.8 kB URL HTTP/1.1 maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css?ver=4.8.21
IP
File type ASCII text, with very long lines (30837)
Hash 2b8541fc222de2a638b5d720e60d92df
a761c54286b289c2d6726135157102236fd43b3b
1ea7c857efe5edf417f0ca61fc6790c8ddebd85c24d2b1c3b4a959cc173c286a
GET /font-awesome/4.7.0/css/font-awesome.min.css?ver=4.8.21 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wgexpediciones.com/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 03:58:12 GMT
Content-Type: text/css; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
CDN-PullZone: 252412
CDN-Uid: b1941f61-b576-4f40-80de-5677acb38f74
CDN-RequestCountryCode: DE
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31919000
Content-Encoding: gzip
ETag: W/"269550530cc127b6aa5a35925a7de6ce"
Last-Modified: Mon, 25 Jan 2021 22:04:55 GMT
CDN-CachedAt: 08/20/2022 02:30:56
CDN-ProxyVer: 1.02
CDN-RequestPullCode: 200
CDN-RequestPullSuccess: True
CDN-EdgeStorageId: 601
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
X-Content-Type-Options: nosniff
CDN-Status: 200
CDN-RequestId: f751ff481082657e60f78a964a9dfb5c
CDN-Cache: HIT
CF-Cache-Status: HIT
Age: 3448484
Server: cloudflare
CF-RAY: 7707f1b27a74b506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
w.sharethis.com/button/st_insights.js?publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&product=simpleshare
301 Moved Permanently 167 B URL HTTP/1.1 w.sharethis.com/button/st_insights.js?publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&product=simpleshare
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /button/st_insights.js?publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&product=simpleshare HTTP/1.1
Host: w.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wgexpediciones.com/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Sun, 27 Nov 2022 03:58:12 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://w.sharethis.com/button/st_insights.js?publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&product=simpleshare
X-Cache: Redirect from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: uvNEcc2sT33RP4u-uiuTeDsvgAWnERwPWbyXpVjqIeLEih4p7oQUkQ==
fonts.googleapis.com/css?family=Indie+Flower&ver=4.8.21
200 OK 279 B URL HTTP/1.1 fonts.googleapis.com/css?family=Indie+Flower&ver=4.8.21
IP
Hash c268c7598dd2b29ef10b4c3080f0678a
2caac383121bfd26619677416ff4f19256695818
9997cf2423183740e3b6b142405a3684d4450399c7d6bf2b2346f1ca2a5b05b9
GET /css?family=Indie+Flower&ver=4.8.21 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wgexpediciones.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sun, 27 Nov 2022 03:58:12 GMT
Date: Sun, 27 Nov 2022 03:58:12 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
wgexpediciones.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=4.9
200 OK 687 B URL HTTP/1.1 wgexpediciones.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=4.9
IP
Hash fde407aa8ecfc905a19fd95a3d7a834e
9db021c06fc7502c63143dcaa81629a1537f1a39
d47f762531cea36c459a95000576e9ff5951492c2e395cb8c5d47564425e2edf
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=4.9 HTTP/1.1
Host: wgexpediciones.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wgexpediciones.com/en/uyuni-full-day-red-lagoon/
Cookie: pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sun, 04 Dec 2022 03:58:12 GMT
Content-Type: text/css
Last-Modified: Tue, 29 Aug 2017 10:53:40 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 687
Date: Sun, 27 Nov 2022 03:58:12 GMT
Server: LiteSpeed
wgexpediciones.com/wp-content/themes/sydney/css/bootstrap/bootstrap.min.css?ver=1
200 OK 5.1 kB URL HTTP/1.1 wgexpediciones.com/wp-content/themes/sydney/css/bootstrap/bootstrap.min.css?ver=1
IP
File type ASCII text, with very long lines (16271)
Hash c02e0be07bf8bd0efabef456a9e63b8e
2341ed69d8295643906b44e5e1a3e5b0c77c8488
223854fdf255a1d6a25fb40a5fe7c6bcc387aa3948e5b8f2e2ce3f97bc7d5a50
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/sydney/css/bootstrap/bootstrap.min.css?ver=1 HTTP/1.1
Host: wgexpediciones.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wgexpediciones.com/en/uyuni-full-day-red-lagoon/
Cookie: pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sun, 04 Dec 2022 03:58:12 GMT
Content-Type: text/css
Last-Modified: Mon, 28 Aug 2017 18:02:32 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 5072
Date: Sun, 27 Nov 2022 03:58:12 GMT
Server: LiteSpeed
w.sharethis.com/button/st_insights.js?publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&product=simpleshare
200 OK 7.9 kB URL HTTP/2 w.sharethis.com/button/st_insights.js?publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&product=simpleshare
IP
File type C source, ASCII text, with very long lines (27236), with no line terminators
Hash 990365ccdf4eebf164214f992d8ddfbc
b485f83e096515d93dfec5d8dc420d571ef06254
947238672d5912dffc77bde8e413752ecd69e6062c68c09ae20274b55f37ffdd
GET /button/st_insights.js?publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&product=simpleshare HTTP/1.1
Host: w.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://wgexpediciones.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 7903
content-encoding: gzip
server: nginx/1.20.1
x-robots-tag: noindex, nofollow
date: Sat, 26 Nov 2022 21:34:45 GMT
cache-control: max-age=259200
expires: Sun, 27 Nov 2022 15:59:04 GMT
etag: W/"634f185a-6a64"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4U3ieTdfuib-8IHmbBZpnmfZJ9AlnCEktxMVv8mebVo5ta2-oIZnQA==
age: 215948
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
wgexpediciones.com/wp-content/plugins/simple-image-popup//css/magnific-popup.css?ver=4.8.21
200 OK 2.1 kB URL HTTP/1.1 wgexpediciones.com/wp-content/plugins/simple-image-popup//css/magnific-popup.css?ver=4.8.21
IP
Hash f8f21cba02072c5f775d6a39ebf2e5ea
b2969c204c86f2c547fc489963a3472b9a455376
5648fa099d5c79d607eca8b5d2a2ea5b44c228eefb16975d78d1816e2e188242
GET /wp-content/plugins/simple-image-popup//css/magnific-popup.css?ver=4.8.21 HTTP/1.1
Host: wgexpediciones.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wgexpediciones.com/en/uyuni-full-day-red-lagoon/
Cookie: pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sun, 04 Dec 2022 03:58:12 GMT
Content-Type: text/css
Last-Modified: Thu, 26 May 2022 19:07:03 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 2120
Date: Sun, 27 Nov 2022 03:58:12 GMT
Server: LiteSpeed
wgexpediciones.com/wp-content/plugins/pirate-forms/public/css/front.css?ver=2.1.0
200 OK 308 B URL HTTP/1.1 wgexpediciones.com/wp-content/plugins/pirate-forms/public/css/front.css?ver=2.1.0
IP
Hash 6d5bb5b20f0ba4c0af4c65ddb1d3d6a4
8fc06b5fe91960debd0bbe40db3089cc74c3485b
8819ed7c939b08a6fa3c6b1f7c5c24ac6ee3ef39bd4fa87a5a6ec2bd8b11c8d2
GET /wp-content/plugins/pirate-forms/public/css/front.css?ver=2.1.0 HTTP/1.1
Host: wgexpediciones.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wgexpediciones.com/en/uyuni-full-day-red-lagoon/
Cookie: pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sun, 04 Dec 2022 03:58:12 GMT
Content-Type: text/css
Last-Modified: Sat, 02 Sep 2017 12:19:20 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 308
Date: Sun, 27 Nov 2022 03:58:12 GMT
Server: LiteSpeed
wgexpediciones.com/wp-content/uploads/siteorigin-widgets/sow-social-media-buttons-wire-6c39472a5dcd.css?ver=4.8.21
200 OK 496 B URL HTTP/1.1 wgexpediciones.com/wp-content/uploads/siteorigin-widgets/sow-social-media-buttons-wire-6c39472a5dcd.css?ver=4.8.21
IP
Hash 3906229e613190acfa8fb1c64b8ac93c
49f4d7c7656957e21cc25ceb8d2f2c9b0ff46f94
3824dfb847b6b9c200791b63222a28c754338e448a46a2277119f5b510d588c3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/siteorigin-widgets/sow-social-media-buttons-wire-6c39472a5dcd.css?ver=4.8.21 HTTP/1.1
Host: wgexpediciones.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wgexpediciones.com/en/uyuni-full-day-red-lagoon/
Cookie: pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sun, 04 Dec 2022 03:58:12 GMT
Content-Type: text/css
Last-Modified: Fri, 25 Nov 2022 13:08:44 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 496
Date: Sun, 27 Nov 2022 03:58:12 GMT
Server: LiteSpeed
wgexpediciones.com/wp-content/plugins/simple-contact-info-widget/css/hover.css?ver=4.8.21
200 OK 12 kB URL HTTP/1.1 wgexpediciones.com/wp-content/plugins/simple-contact-info-widget/css/hover.css?ver=4.8.21
IP
Hash d71e09e2486ed6f2c79916f7938cfdb3
8736a3de2bba37c61b1c072077c56ade0faf0ac9
48a04c8a3dc4874ae16c0d9e0b789a11843be7a1a3adefa5e0667f85b2b250dc
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/simple-contact-info-widget/css/hover.css?ver=4.8.21 HTTP/1.1
Host: wgexpediciones.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wgexpediciones.com/en/uyuni-full-day-red-lagoon/
Cookie: pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sun, 04 Dec 2022 03:58:12 GMT
Content-Type: text/css
Last-Modified: Fri, 15 Sep 2017 12:08:36 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 11622
Date: Sun, 27 Nov 2022 03:58:12 GMT
Server: LiteSpeed
wgexpediciones.com/wp-content/themes/sydney/fonts/font-awesome.min.css?ver=4.8.21
200 OK 7.9 kB URL HTTP/1.1 wgexpediciones.com/wp-content/themes/sydney/fonts/font-awesome.min.css?ver=4.8.21
IP
File type ASCII text, with very long lines (30837)
Hash 7438a1154022437d28516126856bdc9c
02de5513d5eaa24de95874d298d91e7bfae82568
598f569294373e51127d419bcd5da11da3d104a6db21dc45fb7dc80fd7d2bd02
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/sydney/fonts/font-awesome.min.css?ver=4.8.21 HTTP/1.1
Host: wgexpediciones.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wgexpediciones.com/en/uyuni-full-day-red-lagoon/
Cookie: pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sun, 04 Dec 2022 03:58:12 GMT
Content-Type: text/css
Last-Modified: Mon, 28 Aug 2017 18:02:32 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 7949
Date: Sun, 27 Nov 2022 03:58:12 GMT
Server: LiteSpeed
wgexpediciones.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend.min.js?ver=6.2.3
200 OK 2.5 kB URL HTTP/1.1 wgexpediciones.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend.min.js?ver=6.2.3
IP
File type ASCII text, with very long lines (972)
Hash fe3a6e37e2411e9ea675ceedc8902e7f
b7f904065b22d77c17a35069f8d928d106fa52d6
a4a483d792fa6e2d604855a1157ad58377d3d58d67799015110d653e7e01cf4b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend.min.js?ver=6.2.3 HTTP/1.1
Host: wgexpediciones.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wgexpediciones.com/en/uyuni-full-day-red-lagoon/
Cookie: pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sun, 04 Dec 2022 03:58:12 GMT
Content-Type: application/javascript
Last-Modified: Tue, 03 Oct 2017 09:38:24 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 2470
Date: Sun, 27 Nov 2022 03:58:12 GMT
Server: LiteSpeed
wgexpediciones.com/wp-content/themes/sydney/style.css?ver=20170504
200 OK 18 kB URL HTTP/1.1 wgexpediciones.com/wp-content/themes/sydney/style.css?ver=20170504
IP
File type ASCII text, with very long lines (442)
Hash 16db5919f8a32a31395a29e6740fe1a7
ef1f698680904d4807d65e4fdf5617ca1c8f4886
73c2bb4b16f3ea8b6e46fc6f66d6b4ce88999b3efe067bfe36283eacc8b26d83
GET /wp-content/themes/sydney/style.css?ver=20170504 HTTP/1.1
Host: wgexpediciones.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wgexpediciones.com/en/uyuni-full-day-red-lagoon/
Cookie: pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sun, 04 Dec 2022 03:58:12 GMT
Content-Type: text/css
Last-Modified: Mon, 28 Aug 2017 18:02:32 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 17755
Date: Sun, 27 Nov 2022 03:58:12 GMT
Server: LiteSpeed
wgexpediciones.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
200 OK 4.3 kB URL HTTP/1.1 wgexpediciones.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP
File type ASCII text, with very long lines (9959)
Hash cbb781ab16adc76588b488d1e472b8a9
85455b9c0b265a0bb9815ce834c67972ff0d437d
4ae120ba11bfa1cb6f71ceeecc5b6a0abe34cb4fb195a46ef3a85b40d1e1244e
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: wgexpediciones.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wgexpediciones.com/en/uyuni-full-day-red-lagoon/
Cookie: pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sun, 04 Dec 2022 03:58:12 GMT
Content-Type: application/javascript
Last-Modified: Fri, 20 May 2016 03:11:28 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 4303
Date: Sun, 27 Nov 2022 03:58:12 GMT
Server: LiteSpeed
wgexpediciones.com/wp-content/plugins/pirate-forms/public/js/scripts-general.js?ver=2.1.0
200 OK 246 B URL HTTP/1.1 wgexpediciones.com/wp-content/plugins/pirate-forms/public/js/scripts-general.js?ver=2.1.0
IP
Hash d990188fad3697fbb743f819ddf20783
97b35cffccf1632ff98ca76a766e1b837d78a2a8
2e20b6fa0ecb4881cc7aa17f0bff4b2787f2c84870469545d8a85b2d8b867493
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/pirate-forms/public/js/scripts-general.js?ver=2.1.0 HTTP/1.1
Host: wgexpediciones.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wgexpediciones.com/en/uyuni-full-day-red-lagoon/
Cookie: pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sun, 04 Dec 2022 03:58:12 GMT
Content-Type: application/javascript
Last-Modified: Sat, 02 Sep 2017 12:19:20 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 246
Date: Sun, 27 Nov 2022 03:58:12 GMT
Server: LiteSpeed
wgexpediciones.com/wp-content/uploads/siteorigin-widgets/sow-social-media-buttons-wire-061c9253a1c0.css?ver=4.8.21
200 OK 495 B URL HTTP/1.1 wgexpediciones.com/wp-content/uploads/siteorigin-widgets/sow-social-media-buttons-wire-061c9253a1c0.css?ver=4.8.21
IP
Hash fdb52d09d511464c56ccc110992fe4c1
96f31ac3aa203da37c47e3ce15442b27d1c6f016
65948e7e114affe8f082b7a23494a9c57e1dd384212feb21a555caf4fdf9ef9d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/siteorigin-widgets/sow-social-media-buttons-wire-061c9253a1c0.css?ver=4.8.21 HTTP/1.1
Host: wgexpediciones.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wgexpediciones.com/en/uyuni-full-day-red-lagoon/
Cookie: pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sun, 04 Dec 2022 03:58:12 GMT
Content-Type: text/css
Last-Modified: Fri, 25 Nov 2022 13:08:44 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 495
Date: Sun, 27 Nov 2022 03:58:12 GMT
Server: LiteSpeed
wgexpediciones.com/wp-content/plugins/so-widgets-bundle/icons/fontawesome/style.css?ver=4.8.21
200 OK 350 B URL HTTP/1.1 wgexpediciones.com/wp-content/plugins/so-widgets-bundle/icons/fontawesome/style.css?ver=4.8.21
IP
Hash 44d97fe78ad8a20d1d39076f4aef527f
a69e7abee8eaf2c3cdff536d63338b3d8a67ec84
9803fc8cc813aa53821429c699a70e475e764e73e85ea363ccea17cebb3dfd4d
GET /wp-content/plugins/so-widgets-bundle/icons/fontawesome/style.css?ver=4.8.21 HTTP/1.1
Host: wgexpediciones.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wgexpediciones.com/en/uyuni-full-day-red-lagoon/
Cookie: pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sun, 04 Dec 2022 03:58:12 GMT
Content-Type: text/css
Last-Modified: Sat, 02 Sep 2017 12:18:50 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 350
Date: Sun, 27 Nov 2022 03:58:12 GMT
Server: LiteSpeed
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 27 Nov 2022 03:11:12 GMT
cache-control: public,max-age=3600
age: 2821
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
wgexpediciones.com/wp-content/plugins/so-widgets-bundle/widgets/google-map/css/style.css?ver=1.9.9
200 OK 146 B URL HTTP/1.1 wgexpediciones.com/wp-content/plugins/so-widgets-bundle/widgets/google-map/css/style.css?ver=1.9.9
IP
Hash 38cae909fc6637817047ba7bfeb2c890
5760ea9213b205fd766b457a57a02c08d7103d5d
a5be2fbd8f46e4baf6621e21dacd8651a8ec0c70b198db94801b67f228e6b21e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/so-widgets-bundle/widgets/google-map/css/style.css?ver=1.9.9 HTTP/1.1
Host: wgexpediciones.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wgexpediciones.com/en/uyuni-full-day-red-lagoon/
Cookie: pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sun, 04 Dec 2022 03:58:12 GMT
Content-Type: text/css
Last-Modified: Sat, 02 Sep 2017 12:18:50 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 146
Date: Sun, 27 Nov 2022 03:58:12 GMT
Server: LiteSpeed
wgexpediciones.com/wp-content/plugins/simple-share-buttons-adder/js/ssba.min.js?ver=4.8.21
200 OK 328 B URL HTTP/1.1 wgexpediciones.com/wp-content/plugins/simple-share-buttons-adder/js/ssba.min.js?ver=4.8.21
IP
File type ASCII text, with very long lines (583), with no line terminators
Hash 00447791ada317c8b38b969bc04b1156
792407dbb7c3ed88e85d09929417847201ac52fe
57bcf21d715b46973671b60ca61756fc433b3e4749b8d96d02302e3475f15c5a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/simple-share-buttons-adder/js/ssba.min.js?ver=4.8.21 HTTP/1.1
Host: wgexpediciones.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wgexpediciones.com/en/uyuni-full-day-red-lagoon/
Cookie: pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sun, 04 Dec 2022 03:58:12 GMT
Content-Type: application/javascript
Last-Modified: Mon, 18 Sep 2017 19:46:20 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 328
Date: Sun, 27 Nov 2022 03:58:12 GMT
Server: LiteSpeed
ocsp.digicert.com/
200 OK 471 B IP
Hash d3df71aab146eefc49acb608796aab63
8401892995193919376dfcd798b09c8261579454
a616c1e54e896576601e6107c1814adbebf35364d8ed807cdd89ac36b8200c88
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5279
Cache-Control: max-age=110197
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 03:58:13 GMT
Etag: "6381d72b-1d7"
Expires: Mon, 28 Nov 2022 10:34:50 GMT
Last-Modified: Sat, 26 Nov 2022 09:06:51 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
wgexpediciones.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.9
200 OK 4.6 kB URL HTTP/1.1 wgexpediciones.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.9
IP
Hash e47357872b1c7320022b8506776fa4da
05a95b901d8e70a8884662f9653ed91adc819c04
3e0da7960a4019ea01d7c244ca3621acc6d9e1aedf3632c898625a195664917e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.9 HTTP/1.1
Host: wgexpediciones.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wgexpediciones.com/en/uyuni-full-day-red-lagoon/
Cookie: pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sun, 04 Dec 2022 03:58:12 GMT
Content-Type: application/javascript
Last-Modified: Tue, 29 Aug 2017 10:53:40 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 4576
Date: Sun, 27 Nov 2022 03:58:12 GMT
Server: LiteSpeed
wgexpediciones.com/wp-content/plugins/simple-image-popup/js/jquery.magnific-popup.min.js?ver=4.8.21
200 OK 8.3 kB URL HTTP/1.1 wgexpediciones.com/wp-content/plugins/simple-image-popup/js/jquery.magnific-popup.min.js?ver=4.8.21
IP
File type ASCII text, with very long lines (20087)
Hash d171f16057a47432cdd7422ad87cfda6
deba476217117ea847d9fc6db49c6d0eb3090bbd
e19dd5fad9e243f89e59bcb51162b96813d3e0ee8edf1135d8efd67eeea1d07f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/simple-image-popup/js/jquery.magnific-popup.min.js?ver=4.8.21 HTTP/1.1
Host: wgexpediciones.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wgexpediciones.com/en/uyuni-full-day-red-lagoon/
Cookie: pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sun, 04 Dec 2022 03:58:12 GMT
Content-Type: application/javascript
Last-Modified: Thu, 26 May 2022 19:07:03 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 8267
Date: Sun, 27 Nov 2022 03:58:12 GMT
Server: LiteSpeed
wgexpediciones.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
200 OK 39 kB URL HTTP/1.1 wgexpediciones.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
IP
File type ASCII text, with very long lines (31997)
Hash 905b2ee2715ee070ddfe88ec23ff8b4f
f656e04cb0dcc8309eed252639a915c3a0a66740
59cd3f4ae408d379879150703dae5e468f751795b6f367788750f6eb8ae0bc22
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4 HTTP/1.1
Host: wgexpediciones.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wgexpediciones.com/en/uyuni-full-day-red-lagoon/
Cookie: pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sun, 04 Dec 2022 03:58:12 GMT
Content-Type: application/javascript
Last-Modified: Fri, 05 Mar 2021 03:24:27 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 39401
Date: Sun, 27 Nov 2022 03:58:12 GMT
Server: LiteSpeed
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 619fa0039b94697fc8a5bd24f57e8aa2
53a366391a51d625029cc6d32fb4e8b6060990fd
dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 03:58:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.jscache.com/wejs?wtype=certificateOfExcellence&uniq=367&locationId=7701581&lang=en_UK&year=2017&display_version=2
301 Moved Permanently 0 B URL HTTP/2 www.jscache.com/wejs?wtype=certificateOfExcellence&uniq=367&locationId=7701581&lang=en_UK&year=2017&display_version=2
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wejs?wtype=certificateOfExcellence&uniq=367&locationId=7701581&lang=en_UK&year=2017&display_version=2 HTTP/1.1
Host: www.jscache.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wgexpediciones.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: envoy
location: https://www.tripadvisor.com/wejs?wtype=certificateOfExcellence&uniq=367&locationId=7701581&lang=en_UK&year=2017&display_version=2
expires: 0
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
pragma: no-cache
cache-control: no-cache,no-store,must-revalidate
timing-allow-origin: https://www.tripadvisor.com
content-type: text/plain; charset=utf-8
accept-ranges: bytes
date: Sun, 27 Nov 2022 03:58:13 GMT
via: 1.1 varnish
x-served-by: cache-bma1639-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1669521493.000915,VS0,VE142
content-length: 0
X-Firefox-Spdy: h2
wgexpediciones.com/wp-content/themes/sydney/js/main.min.js?ver=20170504
200 OK 3.0 kB URL HTTP/1.1 wgexpediciones.com/wp-content/themes/sydney/js/main.min.js?ver=20170504
IP
File type ASCII text, with very long lines (8413), with no line terminators
Hash 7f2e6cf9257f52a99ab023a1eb25c6af
51302afd531b22cf4d833543ad2bfa9b730844de
9dd4d8ae7a0220afa2558efb546d9457d6f3f05b5529deeeae149d8218b2679f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/sydney/js/main.min.js?ver=20170504 HTTP/1.1
Host: wgexpediciones.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wgexpediciones.com/en/uyuni-full-day-red-lagoon/
Cookie: pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sun, 04 Dec 2022 03:58:12 GMT
Content-Type: application/javascript
Last-Modified: Mon, 28 Aug 2017 18:02:32 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 2987
Date: Sun, 27 Nov 2022 03:58:12 GMT
Server: LiteSpeed
wgexpediciones.com/wp-content/themes/sydney/js/scripts.js?ver=4.8.21
200 OK 28 kB URL HTTP/1.1 wgexpediciones.com/wp-content/themes/sydney/js/scripts.js?ver=4.8.21
IP
File type ASCII text, with very long lines (15269)
Hash 4131077c13841467fd2be99d94035527
5a1aa5b7ca3a6a32216edfec9ea45aba4546e9c6
613142ae1f3113b414d1e244e53b9079c388b71f54ad28129b2d733a3a850770
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/sydney/js/scripts.js?ver=4.8.21 HTTP/1.1
Host: wgexpediciones.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wgexpediciones.com/en/uyuni-full-day-red-lagoon/
Cookie: pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sun, 04 Dec 2022 03:58:12 GMT
Content-Type: application/javascript
Last-Modified: Mon, 28 Aug 2017 18:02:32 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 28420
Date: Sun, 27 Nov 2022 03:58:12 GMT
Server: LiteSpeed
wgexpediciones.com/wp-content/themes/sydney/js/skip-link-focus-fix.js?ver=20130115
200 OK 345 B URL HTTP/1.1 wgexpediciones.com/wp-content/themes/sydney/js/skip-link-focus-fix.js?ver=20130115
IP
Hash dd483e7c8e4453c0156a0de2f46477af
71b90be69f6b562b45cf62d471fef87e621f2b82
9159c9c2bcc28f2f4e57284c97df002b3cab7d3260027d7dfa9f328d9d8c0c75
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/sydney/js/skip-link-focus-fix.js?ver=20130115 HTTP/1.1
Host: wgexpediciones.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wgexpediciones.com/en/uyuni-full-day-red-lagoon/
Cookie: pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sun, 04 Dec 2022 03:58:12 GMT
Content-Type: application/javascript
Last-Modified: Mon, 28 Aug 2017 18:02:32 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 345
Date: Sun, 27 Nov 2022 03:58:12 GMT
Server: LiteSpeed
wgexpediciones.com/wp-content/plugins/facebook-pagelike-widget/fb.js?ver=1.0
200 OK 376 B URL HTTP/1.1 wgexpediciones.com/wp-content/plugins/facebook-pagelike-widget/fb.js?ver=1.0
IP
Hash d9330530672903dabe57ce3d564f53f5
bad8c7c5476516ace9f96ae9e3731f9d89a5d6cd
bb1a2d63d1a6b1693726fdb289a18e7ea5e9be4ab714b9f0149ca6340bd50e8b
GET /wp-content/plugins/facebook-pagelike-widget/fb.js?ver=1.0 HTTP/1.1
Host: wgexpediciones.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wgexpediciones.com/en/uyuni-full-day-red-lagoon/
Cookie: pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sun, 04 Dec 2022 03:58:12 GMT
Content-Type: application/javascript
Last-Modified: Thu, 31 Aug 2017 08:36:08 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 376
Date: Sun, 27 Nov 2022 03:58:12 GMT
Server: LiteSpeed
wgexpediciones.com/wp-includes/js/wp-embed.min.js?ver=4.8.21
200 OK 748 B URL HTTP/1.1 wgexpediciones.com/wp-includes/js/wp-embed.min.js?ver=4.8.21
IP
File type ASCII text, with very long lines (1386), with no line terminators
Hash 9cd1f44188ee5c37e4d152cc2088e662
0ffc97741f2d956d98f1f6cc2eec9d4be4b884e5
741ff24b3ee9fa922e2847d50aaae623d134a0cc9a2963286619c973c023052d
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-embed.min.js?ver=4.8.21 HTTP/1.1
Host: wgexpediciones.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wgexpediciones.com/en/uyuni-full-day-red-lagoon/
Cookie: pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sun, 04 Dec 2022 03:58:12 GMT
Content-Type: application/javascript
Last-Modified: Thu, 15 Apr 2021 19:04:54 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 748
Date: Sun, 27 Nov 2022 03:58:12 GMT
Server: LiteSpeed
wgexpediciones.com/wp-content/plugins/so-widgets-bundle/widgets/google-map/js/js-map.min.js?ver=1.9.9
200 OK 3.1 kB URL HTTP/1.1 wgexpediciones.com/wp-content/plugins/so-widgets-bundle/widgets/google-map/js/js-map.min.js?ver=1.9.9
IP
File type ASCII text, with very long lines (7400), with no line terminators
Hash 3cd0e53e19ece27d9807baab2d99976e
8f8f350310cf5ebc5e55f9dfeb72400eb1a95205
7e08aa016a3b0f3de10705ee0d47bfea5c34d3527844aaf336b56285a63a4409
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/so-widgets-bundle/widgets/google-map/js/js-map.min.js?ver=1.9.9 HTTP/1.1
Host: wgexpediciones.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wgexpediciones.com/en/uyuni-full-day-red-lagoon/
Cookie: pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sun, 04 Dec 2022 03:58:12 GMT
Content-Type: application/javascript
Last-Modified: Sat, 02 Sep 2017 12:18:50 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 3063
Date: Sun, 27 Nov 2022 03:58:12 GMT
Server: LiteSpeed
wgexpediciones.com/wp-content/plugins/simple-image-popup//css/simple-image-popup.css?ver=4.8.21
200 OK 289 B URL HTTP/1.1 wgexpediciones.com/wp-content/plugins/simple-image-popup//css/simple-image-popup.css?ver=4.8.21
IP
File type ASCII text, with CRLF line terminators
Hash d057738babf7fe05bf64a4219d5c85b8
9f4ce05baebe109d43a8d24eeffd3206597efdf2
fa593d51702b5dfa98d4105089d2136539a2c75a984f2ecfc429f6ce16b02f67
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/simple-image-popup//css/simple-image-popup.css?ver=4.8.21 HTTP/1.1
Host: wgexpediciones.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wgexpediciones.com/en/uyuni-full-day-red-lagoon/
Cookie: pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sun, 04 Dec 2022 03:58:12 GMT
Content-Type: text/css
Last-Modified: Thu, 26 May 2022 19:07:03 GMT
Accept-Ranges: bytes
Content-Length: 289
Date: Sun, 27 Nov 2022 03:58:12 GMT
Server: LiteSpeed
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 619fa0039b94697fc8a5bd24f57e8aa2
53a366391a51d625029cc6d32fb4e8b6060990fd
dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 03:58:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
wgexpediciones.com/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/facebook.png
200 OK 603 B URL HTTP/1.1 wgexpediciones.com/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/facebook.png
IP
File type PNG image data, 64 x 64, 8-bit colormap, non-interlaced\012- data
Hash e967188caf7ec5836cf260322c775cd5
98ad1fb37a4865cefbaefac2278db0673b953f5c
ce51a8242cd7db442e699ae88aed60a8411c521792e72bc744725596b2593d45
GET /wp-content/plugins/simple-share-buttons-adder/buttons/somacro/facebook.png HTTP/1.1
Host: wgexpediciones.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wgexpediciones.com/en/uyuni-full-day-red-lagoon/
Cookie: pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sun, 04 Dec 2022 03:58:12 GMT
Content-Type: image/png
Last-Modified: Mon, 18 Sep 2017 19:46:20 GMT
Accept-Ranges: bytes
Content-Length: 603
Date: Sun, 27 Nov 2022 03:58:12 GMT
Server: LiteSpeed
wgexpediciones.com/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/google.png
200 OK 1.4 kB URL HTTP/1.1 wgexpediciones.com/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/google.png
IP
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash dbbbdaed4a4e3bf7a938cd04fb0f4ca5
a77611667e7c9c69f863c84767a0ad92a8bed7ee
a1383a0bf753147394c6f8e15e7086d51e6f45c7dcf753124043a50925a2b07c
GET /wp-content/plugins/simple-share-buttons-adder/buttons/somacro/google.png HTTP/1.1
Host: wgexpediciones.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wgexpediciones.com/en/uyuni-full-day-red-lagoon/
Cookie: pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sun, 04 Dec 2022 03:58:12 GMT
Content-Type: image/png
Last-Modified: Mon, 18 Sep 2017 19:46:20 GMT
Accept-Ranges: bytes
Content-Length: 1369
Date: Sun, 27 Nov 2022 03:58:12 GMT
Server: LiteSpeed
wgexpediciones.com/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/linkedin.png
200 OK 676 B URL HTTP/1.1 wgexpediciones.com/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/linkedin.png
IP
File type PNG image data, 64 x 64, 8-bit colormap, non-interlaced\012- data
Hash deca151ec66e522b9eed23f416186ca7
14a8003eba6dca3ae8ad172551e515badac8a337
4e857e52f3825038a21bb1fd8a89a150038f6d6418f994abb2b315380e0bc36f
GET /wp-content/plugins/simple-share-buttons-adder/buttons/somacro/linkedin.png HTTP/1.1
Host: wgexpediciones.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wgexpediciones.com/en/uyuni-full-day-red-lagoon/
Cookie: pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sun, 04 Dec 2022 03:58:12 GMT
Content-Type: image/png
Last-Modified: Mon, 18 Sep 2017 19:46:20 GMT
Accept-Ranges: bytes
Content-Length: 676
Date: Sun, 27 Nov 2022 03:58:12 GMT
Server: LiteSpeed
wgexpediciones.com/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/twitter.png
200 OK 734 B URL HTTP/1.1 wgexpediciones.com/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/twitter.png
IP
File type PNG image data, 64 x 64, 8-bit colormap, non-interlaced\012- data
Hash 9102af32fe26d52fd80240f7ebdaf365
234129708a42fd4d3a1849783395f19040a31b45
0a506bf66d9868a3dc52aa0cdff4065254aa58eb7eee4b937064db6995895303
GET /wp-content/plugins/simple-share-buttons-adder/buttons/somacro/twitter.png HTTP/1.1
Host: wgexpediciones.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wgexpediciones.com/en/uyuni-full-day-red-lagoon/
Cookie: pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sun, 04 Dec 2022 03:58:12 GMT
Content-Type: image/png
Last-Modified: Mon, 18 Sep 2017 19:46:20 GMT
Accept-Ranges: bytes
Content-Length: 734
Date: Sun, 27 Nov 2022 03:58:12 GMT
Server: LiteSpeed
fonts.gstatic.com/s/indieflower/v17/m8JVjfNVeKWVnh3QMuKkFcZVaUuH.woff2
200 OK 20 kB URL HTTP/1.1 fonts.gstatic.com/s/indieflower/v17/m8JVjfNVeKWVnh3QMuKkFcZVaUuH.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 19508, version 1.0\012- data
Hash 9394245807cdc19b3589495b30ee366f
c99d7d78e2ce218f132fad5745340553e7eef956
cb57752edc96294323252e8d84fa25f975943b2ef3e87b2c984b15ca935d7657
GET /s/indieflower/v17/m8JVjfNVeKWVnh3QMuKkFcZVaUuH.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://wgexpediciones.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 19508
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 23 Nov 2022 00:29:36 GMT
Expires: Thu, 23 Nov 2023 00:29:36 GMT
Cache-Control: public, max-age=31536000
Age: 358117
Last-Modified: Tue, 26 Apr 2022 15:27:17 GMT
Content-Type: font/woff2
wgexpediciones.com/wp-content/plugins/facebook-pagelike-widget/loader.gif
200 OK 8.2 kB URL HTTP/1.1 wgexpediciones.com/wp-content/plugins/facebook-pagelike-widget/loader.gif
IP
File type GIF image data, version 89a, 100 x 100\012- data
Hash 712d132d38c9c67294c0a7f55abade4e
b085d6fb8c5ec3ed9497fb52c2cf4dc5c51459ec
dede012563c945321fbe3952281658f48ee6bda0531c3301bc82e28efc01421f
GET /wp-content/plugins/facebook-pagelike-widget/loader.gif HTTP/1.1
Host: wgexpediciones.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wgexpediciones.com/en/uyuni-full-day-red-lagoon/
Cookie: pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sun, 04 Dec 2022 03:58:12 GMT
Content-Type: image/gif
Last-Modified: Thu, 31 Aug 2017 08:36:08 GMT
Accept-Ranges: bytes
Content-Length: 8238
Date: Sun, 27 Nov 2022 03:58:12 GMT
Server: LiteSpeed
ocsp.pki.goog/gts1c3
200 OK 16 kB IP
File type PNG image data, 152 x 124, 8-bit/color RGB, non-interlaced\012- data
Hash 5706304f59ace8cb7ba46e2c86c0d6f3
67a1373eb94118666c87dbc032c93fe171f3d775
567b2a51461b4baf7397797563a0ef3cd2993aa4265d366dafc5cbecf572d757
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 03:58:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 03:58:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 13036, version 1.0\012- data
Hash 0ad032b3d07aaf33b160ac4799dda40f
06b931e0d0bf37f5037d9e66d6feedfddd21c0ba
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
GET /s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://wgexpediciones.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13036
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:26:57 GMT
expires: Thu, 23 Nov 2023 19:26:57 GMT
cache-control: public, max-age=31536000
age: 289876
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.tripadvisor.com/wejs?wtype=certificateOfExcellence&uniq=367&locationId=7701581&lang=en_UK&year=2017&display_version=2
200 OK 253 B URL HTTP/2 www.tripadvisor.com/wejs?wtype=certificateOfExcellence&uniq=367&locationId=7701581&lang=en_UK&year=2017&display_version=2
IP
Hash 00493b9ee4f25947c18ae7635c048b7f
6200084304adb5364fa611d2d1b06480f31d6118
1bc3181855418a66708cda6aadcb7a4ab8caf47e1a7024fbd6a13669ae5f40c8
GET /wejs?wtype=certificateOfExcellence&uniq=367&locationId=7701581&lang=en_UK&year=2017&display_version=2 HTTP/1.1
Host: www.tripadvisor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://wgexpediciones.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: envoy
expires: 0
cache-control: no-cache,no-store,must-revalidate
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
pragma: no-cache
timing-allow-origin: https://www.tripadvisor.com
vary: Accept-Encoding
content-type: application/x-javascript;charset=UTF-8
content-encoding: gzip
content-length: 253
date: Sun, 27 Nov 2022 03:58:13 GMT
set-cookie: TADCID=qokxiHAKrsvXWt0GABQCFdpBzzOuRA-9xvCxaMyI13HOm7vDohaw6qCSUlp6M8El9ZEoKtvw9xrJzvOSbdZMBmWP1i1rylrPocs; Domain=www.tripadvisor.com; Expires=Wed, 24-Nov-2032 03:58:13 GMT; Path=/; Secure; HttpOnly
__vt=BW2od4Nph55FvxHuABQCIf6-ytF7QiW7ovfhqc-AvSGsO_YP1gVJnM12G7pnDVVNuEToGbXCyZ-zL_jR4h2Dxa99srdxCrwFZ-RIKEJpsU2ojni_Yc2Ro-k5cO1U3V2Qap_AOAif7N5UzpZY2TB8tzovzkc; Domain=www.tripadvisor.com; Expires=Sun, 27-Nov-2022 04:58:13 GMT; Path=/; Secure; HttpOnly
_abck=82302864C844161D8CCCD143A67A2952~-1~YAAQBk8kF88+QXyEAQAApk08twgDE3Im1tWjGPwv9lHeo/s2WqGKR6LKe161bKVV6NUi89GXyfRWJCwwXg9wo1CpYa9ew8rHyq+RVsgC+DIdYW3R7dvLTLDYAWxciOVrFmkdhFU3nXqwJoN39X7OQxNrQwwFEr86Nw0O/rIVanKuLTaRUJ7+rKyq6TDxZrLEghZjsVOBx/zU3PXnzUS4rG55xoTvBpzOI5RTDLXrYO6dutnlsXH7C0e3zrvy48ssOkiX4AenkG4J3mg2zRGSbgj6FuAuVpDmyLWouVXWUyYOhAZoN6awPVAX9NIeg6tL8jjKcu19Ruuj48iAJrlK2ELjnAiwH5HKhZhRElYvkVqc80/qhcnOZPBrkY7yTDW9ONc=~-1~-1~-1; Domain=.tripadvisor.com; Path=/; Expires=Mon, 27 Nov 2023 03:58:13 GMT; Max-Age=31536000; Secure
bm_sz=69E978E4E60EF9FC9AB4023C52DEBC0E~YAAQBk8kF9A+QXyEAQAApk08txF+vyy4INCs3Bl/BE2IrdMOqaQMR6l6ytqfi0yAFPmkqFF6V+x/eoq7c7XfeWW785Vu8Vw1hCM5HU9dpOznGwFv4pVqy24h7WH7PgPa9HJgQ3FtdGh+Ej7z75MevCKSAuQjpQI+4czgWBxjlp1rUAvGp6j3X/sJgLhXx/nEVl55vy9e/uQUUASAhjf3cC5BHNDq459uUuhw5mswKE60WNgJCun2FQInxyHLvJvubVvbvW88jmPiNoJI70wBifwzyxJT8WlXxZgw3JqKT7r1jnpL/T24Fw==~4604983~4407873; Domain=.tripadvisor.com; Path=/; Expires=Sun, 27 Nov 2022 07:58:13 GMT; Max-Age=14400
X-Firefox-Spdy: h2
wgexpediciones.com/wp-content/uploads/2017/09/white-and-green-san-pedro-de-atacama-tour-bolivia-laguna-colorada-01.jpg
200 OK 44 kB URL HTTP/1.1 wgexpediciones.com/wp-content/uploads/2017/09/white-and-green-san-pedro-de-atacama-tour-bolivia-laguna-colorada-01.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 640x426, components 3\012- data
Hash 95613aff4e87987ee19ad01de6d239d7
27e154e42401d3a45389587bd36391faca2d6693
b47e3f1e2a7f80944af5edebe11da93b8d909b3e7c814b628cf8e5560ca75a30
GET /wp-content/uploads/2017/09/white-and-green-san-pedro-de-atacama-tour-bolivia-laguna-colorada-01.jpg HTTP/1.1
Host: wgexpediciones.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wgexpediciones.com/en/uyuni-full-day-red-lagoon/
Cookie: pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sun, 04 Dec 2022 03:58:12 GMT
Content-Type: image/jpeg
Last-Modified: Thu, 14 Sep 2017 10:31:04 GMT
Accept-Ranges: bytes
Content-Length: 43885
Date: Sun, 27 Nov 2022 03:58:12 GMT
Server: LiteSpeed
fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 13052, version 1.0\012- data
Hash 7cf79fbd1df848510d7352274efc2401
5540b5a26cc7dfe25294c4eabe011e2c6cd60143
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
GET /s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://wgexpediciones.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13052
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:26:57 GMT
expires: Thu, 23 Nov 2023 19:26:57 GMT
cache-control: public, max-age=31536000
age: 289876
last-modified: Wed, 27 Apr 2022 16:09:03 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e9895464b828d538dc654c678c82b181
af5791cd48761cb3f3f979b481c23e1508692823
c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 03:58:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
wgexpediciones.com/wp-content/uploads/2017/09/white-and-green-san-pedro-de-atacama-tour-bolivia-laguna-colorada-red-03.jpg
200 OK 62 kB URL HTTP/1.1 wgexpediciones.com/wp-content/uploads/2017/09/white-and-green-san-pedro-de-atacama-tour-bolivia-laguna-colorada-red-03.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 640x426, components 3\012- data
Hash e5003bd0698bd8fd0e848882da921e20
76fb39330f81a69517b1e5a025781dbc09ac159c
9e9afa6ffce9847f2072076cefbf808fab9aad3a44acfa9e69101e4c7cf156a9
GET /wp-content/uploads/2017/09/white-and-green-san-pedro-de-atacama-tour-bolivia-laguna-colorada-red-03.jpg HTTP/1.1
Host: wgexpediciones.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wgexpediciones.com/en/uyuni-full-day-red-lagoon/
Cookie: pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sun, 04 Dec 2022 03:58:12 GMT
Content-Type: image/jpeg
Last-Modified: Thu, 14 Sep 2017 10:35:10 GMT
Accept-Ranges: bytes
Content-Length: 62216
Date: Sun, 27 Nov 2022 03:58:12 GMT
Server: LiteSpeed
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 2nYyWTquwxfYuSdah+SnyQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: aDPk0Xi4C9js3gPmUjMHfeFe24I=
fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
200 OK 46 kB URL HTTP/2 fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 46524, version 1.0\012- data
Hash c1fd378f54921c75e4ae1821e7b8fff6
2ce96e97783b2f154d07f4464ca6f8eb2469f2c1
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
GET /s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://wgexpediciones.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46524
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 21:13:13 GMT
expires: Tue, 21 Nov 2023 21:13:13 GMT
cache-control: public, max-age=31536000
age: 456300
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 03:58:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
wgexpediciones.com/wp-content/uploads/2017/09/white-and-green-san-pedro-de-atacama-tour-bolivia-laguna-colorada-02.jpg
200 OK 56 kB URL HTTP/1.1 wgexpediciones.com/wp-content/uploads/2017/09/white-and-green-san-pedro-de-atacama-tour-bolivia-laguna-colorada-02.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 640x426, components 3\012- data
Hash 5d13b7bc5a167144bc5da1ed81084c51
f80f86c09dcfc2d500ae1390c96564f5c4e5493f
33a6d3dde771b10e4e82eb684913b3c53ba6438c40b267f3f5544a20eff60c63
GET /wp-content/uploads/2017/09/white-and-green-san-pedro-de-atacama-tour-bolivia-laguna-colorada-02.jpg HTTP/1.1
Host: wgexpediciones.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wgexpediciones.com/en/uyuni-full-day-red-lagoon/
Cookie: pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sun, 04 Dec 2022 03:58:12 GMT
Content-Type: image/jpeg
Last-Modified: Thu, 14 Sep 2017 10:31:10 GMT
Accept-Ranges: bytes
Content-Length: 56473
Date: Sun, 27 Nov 2022 03:58:12 GMT
Server: LiteSpeed
wgexpediciones.com/wp-content/plugins/so-widgets-bundle/icons/fontawesome/font/fontawesome-webfont.woff2?v=4.7.0
200 OK 77 kB URL HTTP/1.1 wgexpediciones.com/wp-content/plugins/so-widgets-bundle/icons/fontawesome/font/fontawesome-webfont.woff2?v=4.7.0
IP
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /wp-content/plugins/so-widgets-bundle/icons/fontawesome/font/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: wgexpediciones.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://wgexpediciones.com/wp-content/plugins/so-widgets-bundle/icons/fontawesome/style.css?ver=4.8.21
Cookie: pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Content-Type: font/woff2
Last-Modified: Sat, 02 Sep 2017 12:18:50 GMT
Accept-Ranges: bytes
Content-Length: 77160
Date: Sun, 27 Nov 2022 03:58:13 GMT
Server: LiteSpeed
wgexpediciones.com/wp-content/uploads/2022/07/rd-horizontal.jpg
200 OK 105 kB URL HTTP/1.1 wgexpediciones.com/wp-content/uploads/2022/07/rd-horizontal.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1024x682, components 3\012- data
Size 105 kB (105104 bytes)
Hash 030397e1468ddc0743c1652ae6486028
1a66ab2c871da2af34ccf6f4fadac181ea7d0353
a68b991876b83b18ec284d03bb769320f50011c46484a7f0eb95234992f1c8c6
GET /wp-content/uploads/2022/07/rd-horizontal.jpg HTTP/1.1
Host: wgexpediciones.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wgexpediciones.com/en/uyuni-full-day-red-lagoon/
Cookie: pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sun, 04 Dec 2022 03:58:12 GMT
Content-Type: image/jpeg
Last-Modified: Tue, 05 Jul 2022 12:05:45 GMT
Accept-Ranges: bytes
Content-Length: 105104
Date: Sun, 27 Nov 2022 03:58:12 GMT
Server: LiteSpeed
wgexpediciones.com/wp-content/themes/sydney/fonts/fontawesome-webfont.woff2?v=4.7.0
200 OK 77 kB URL HTTP/1.1 wgexpediciones.com/wp-content/themes/sydney/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/sydney/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: wgexpediciones.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://wgexpediciones.com/wp-content/themes/sydney/fonts/font-awesome.min.css?ver=4.8.21
Cookie: pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Content-Type: font/woff2
Last-Modified: Mon, 28 Aug 2017 18:02:32 GMT
Accept-Ranges: bytes
Content-Length: 77160
Date: Sun, 27 Nov 2022 03:58:12 GMT
Server: LiteSpeed
static.tacdn.com/js3/build/concat/widget/cdswidgets_min-c-v2395114504a.js
200 OK 641 B URL HTTP/2 static.tacdn.com/js3/build/concat/widget/cdswidgets_min-c-v2395114504a.js
IP
File type ASCII text, with very long lines (1625)
Hash 4b8d1ddd273f0a0a2e1f8b06c9baeefa
d958d80355fc42bf35f2d83d6dd62693f56e2658
48683eb9ca0452e0ed42bab3866b9ef99a690c89c97156bdbabde15a861a7ec2
GET /js3/build/concat/widget/cdswidgets_min-c-v2395114504a.js HTTP/1.1
Host: static.tacdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wgexpediciones.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Fri, 04 Mar 2022 12:32:49 GMT
cache-control: max-age=31536000, immutable
expires: Sat, 18 Mar 2023 00:21:17 GMT
content-encoding: gzip
timing-allow-origin: *
access-control-allow-origin: *
content-type: application/x-javascript
accept-ranges: bytes
date: Sun, 27 Nov 2022 03:58:13 GMT
via: 1.1 varnish
age: 21958613
x-served-by: cache-bma1639-BMA
x-cache: HIT
x-cache-hits: 5336
x-timer: S1669521494.664757,VS0,VE0
vary: Accept-Encoding
content-length: 641
X-Firefox-Spdy: h2
www.tripadvisor.co.uk/WidgetEmbed-certificateOfExcellence?year=2017&locationId=7701581&display_version=2&uniq=367&lang=en_UK
200 OK 5.3 kB URL HTTP/2 www.tripadvisor.co.uk/WidgetEmbed-certificateOfExcellence?year=2017&locationId=7701581&display_version=2&uniq=367&lang=en_UK
IP
File type ASCII text, with very long lines (6571)
Hash 7b01a6b31ca437e7cd97afc7052c24d3
518975bc06d653f7344a7f817aa29df832e26a48
bca805968061118d9fbd14e650519d0146ae29b42bce8505ec2b680fcec5defe
GET /WidgetEmbed-certificateOfExcellence?year=2017&locationId=7701581&display_version=2&uniq=367&lang=en_UK HTTP/1.1
Host: www.tripadvisor.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wgexpediciones.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: envoy
content-language: en-GB
expires: 0
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
pragma: no-cache
cache-control: no-cache,no-store,must-revalidate
set-cookie: TADCID=GreD6uMw8EJrYo6FABQCFdpBzzOuRA-9xvCxaMyI13HOmzyFIhELu-uMEzr-sWmJP1qd7WGIfgLNl0aYvnvgWsCpJcU2n6PKAJM; Domain=www.tripadvisor.co.uk; Expires=Wed, 24-Nov-2032 03:58:13 GMT; Path=/; Secure; HttpOnly
TAUnique=%1%enc%3A2vlPZgm4Kabk7nWhzVPS6shGd0grv0wJC3eH3F2eRtU2jHwltRJPGQ%3D%3D; Domain=.tripadvisor.co.uk; Expires=Tue, 26-Nov-2024 03:58:13 GMT; Path=/; HttpOnly
__vt=9-KJyvWbnviqKMVHABQCIf6-ytF7QiW7ovfhqc-AvSGsO-m8HNL7gB5EhYWwIksdSHVf5PUKr96he6rtXIoYqJGvqlsWB5lPrfoIJOxKbCnXnm2uAM_Fak611wqr2jxzTqSqcqdSVy9PBzY0ECqsbW9m; Domain=www.tripadvisor.co.uk; Expires=Sun, 27-Nov-2022 04:58:13 GMT; Path=/; Secure; HttpOnly
TASSK=enc%3AAEcDb5XUi0Bmuk87fGZglVBZ5KPWlwC2ztdK4t%2BgaydixZKPsbCXkdTNrww9321D2NuvqE7gr7gncDy7TjP7%2FX3Inrzd3zcAPBg1JDZX%2BlOsq8VBWBFqiDA1Gj9v%2FjnkaQ%3D%3D; Domain=www.tripadvisor.co.uk; Expires=Fri, 26-May-2023 03:58:13 GMT; Path=/; HttpOnly
TASession=V2ID.685FC8FF338249DD9685E89C4A49401D*SQ.1*LS.WidgetEmbed-certificateOfExcellence*HS.recommended*ES.popularity*DS.5*SAS.popularity*FPS.oldFirst*FA.1*DF.0*TRA.true; Domain=.tripadvisor.co.uk; Path=/
SRT=TART_SYNC; Domain=www.tripadvisor.co.uk; Expires=Sun, 27-Nov-2022 04:28:13 GMT; Path=/
ServerPool=C; Domain=.tripadvisor.co.uk; Path=/
PMC=V2*MS.28*MD.20221126*LD.20221126; Domain=www.tripadvisor.co.uk; Expires=Tue, 26-Nov-2024 03:58:13 GMT; Path=/; Secure; HttpOnly
TART=%1%enc%3A5O51oc1T0uqpntghWCpD0qFduVLBS%2BT5htFf4R9huEziM2BAqje3JkVmWUztlMfUUHBdG3udNiw%3D; Domain=www.tripadvisor.co.uk; Expires=Fri, 02-Dec-2022 03:58:13 GMT; Path=/; HttpOnly
TATravelInfo=V2*A.2*MG.-1*HP.2*FL.3*RS.1; Domain=.tripadvisor.co.uk; Expires=Sun, 11-Dec-2022 03:58:13 GMT; Path=/
TAUD=RDD-1669521493502-2022_11_26; Domain=.tripadvisor.co.uk; Expires=Sun, 11-Dec-2022 03:58:13 GMT; Path=/
TASID=685FC8FF338249DD9685E89C4A49401D; Domain=www.tripadvisor.co.uk; Expires=Sun, 27-Nov-2022 04:28:13 GMT; Path=/; Secure
timing-allow-origin: https://www.tripadvisor.com
content-type: text/javascript;charset=UTF-8
content-encoding: gzip
accept-ranges: bytes
date: Sun, 27 Nov 2022 03:58:13 GMT
via: 1.1 varnish
x-served-by: cache-bma1681-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1669521493.435150,VS0,VE147
vary: User-Agent,Accept-Encoding
X-Firefox-Spdy: h2
connect.facebook.net/en_US/sdk.js
200 OK 1.7 kB URL HTTP/1.1 connect.facebook.net/en_US/sdk.js
IP
File type ASCII text, with very long lines (1957)
Hash 7a593841c865887aac9dc36700a37a65
53637787edeaf856acb51a4df33e16c41aaed006
10487f7d7b3bf4935a6c4a6e231378c380fd5badf347f44d82f50adaffa2f131
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wgexpediciones.com/
HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Expose-Headers: X-FB-Content-MD5
x-fb-content-md5: 9ce00568bcbf128bb83fb58199f58466
ETag: "835118ee873e62e2438d993f20c33b44"
Content-Type: application/x-javascript; charset=utf-8
timing-allow-origin: *
Access-Control-Allow-Origin: *
cross-origin-resource-policy: cross-origin
Expires: Sun, 27 Nov 2022 04:02:24 GMT
Cache-Control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
X-Content-Type-Options: nosniff
x-fb-rlafr: 0
X-Frame-Options: DENY
Strict-Transport-Security: max-age=31536000; preload; includeSubDomains
Content-MD5: elk4QchliHqsncNnAKN6ZQ==
X-FB-Debug: nSEQbon5zRVPGTtQNa16JF9kqQA72EGFuanaCZPp6tCv92BsUcNSYdk4Z2hMPg5pXkSajGTszDK9LpRVVepf4Q==
Priority: u=3,i
X-FB-TRIP-ID: 1904183273
Date: Sun, 27 Nov 2022 03:58:13 GMT
Alt-Svc: h3=":443"; ma=86400
Connection: keep-alive
Content-Length: 1688
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/1.1 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wgexpediciones.com/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 20039
Date: Sun, 27 Nov 2022 02:22:56 GMT
Expires: Sun, 27 Nov 2022 04:22:56 GMT
Cache-Control: public, max-age=7200
Age: 5717
Last-Modified: Tue, 27 Sep 2022 22:01:05 GMT
Content-Type: text/javascript
wgexpediciones.com/wp-content/uploads/2017/08/cropped-LOGO-REDONDO-32x32.png
200 OK 2.1 kB URL HTTP/1.1 wgexpediciones.com/wp-content/uploads/2017/08/cropped-LOGO-REDONDO-32x32.png
IP
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash e5dac0e0505a8ab818fbc0cf71f60440
e92ddbea8ebf66ebc94713699211b6cde92d02bf
232b8e6e39ba4a25a56b67e44e6465352004a61dcd9bec878c9a067c813e99fa
GET /wp-content/uploads/2017/08/cropped-LOGO-REDONDO-32x32.png HTTP/1.1
Host: wgexpediciones.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wgexpediciones.com/en/uyuni-full-day-red-lagoon/
Cookie: pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sun, 04 Dec 2022 03:58:13 GMT
Content-Type: image/png
Last-Modified: Sun, 24 Sep 2017 19:46:56 GMT
Accept-Ranges: bytes
Content-Length: 2103
Date: Sun, 27 Nov 2022 03:58:13 GMT
Server: LiteSpeed
wgexpediciones.com/wp-content/uploads/2017/08/cropped-LOGO-REDONDO-192x192.png
200 OK 31 kB URL HTTP/1.1 wgexpediciones.com/wp-content/uploads/2017/08/cropped-LOGO-REDONDO-192x192.png
IP
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash e248497bebb639072f1f63c6575d1f97
3c947784e70f6f91a1063ff190cd9944ea7a9fb7
b6b3c06e44a5b9d38638a04f3cbc65862fbce7c005584f4825475769cf3bb5d5
GET /wp-content/uploads/2017/08/cropped-LOGO-REDONDO-192x192.png HTTP/1.1
Host: wgexpediciones.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wgexpediciones.com/en/uyuni-full-day-red-lagoon/
Cookie: pll_language=en
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Sun, 04 Dec 2022 03:58:13 GMT
Content-Type: image/png
Last-Modified: Sun, 24 Sep 2017 19:46:56 GMT
Accept-Ranges: bytes
Content-Length: 31264
Date: Sun, 27 Nov 2022 03:58:13 GMT
Server: LiteSpeed
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 0b989e80ddfee2ec1eef9e9fa74f4b43
c69d8c8e6e36d84e83f00af097ae20f605dc1af4
3faf87636a3c10cde2cf9196d112f4d385509e3354d789a5f83cb72ee3ed8db2
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 27 Nov 2022 03:58:13 GMT
Last-Modified: Sun, 27 Nov 2022 03:20:28 GMT
Server: ECS (bsa/EB15)
X-Cache: Miss from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: iDswyjksgQFtNfA5XPNQkXkhf9ou-ZVVeM0I-sUwhAYI0FWajdMuSw==
Age: 2265
l.sharethis.com/pview?event=pview&version=st_insights.js&lang=en&sessionID=1669521493116.84689&hostname=wgexpediciones.com&location=%2Fen%2Fuyuni-full-day-red-lagoon%2F&product=simpleshare&fcmp=false&fcmpv2=false&publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&url=http%3A%2F%2Fwgexpediciones.com%2Fen%2Fuyuni-full-day-red-lagoon%2F&title=Full%20day%20red%20Lagoon%20-%20White%20and%20Green%20International%20Travel&sop=false&description=at%205000%20meters%20over%20sea%20level%2C%20finally%20we%20will%20be%20arriving%20up%20to%20the%20spectacular%20Red%20Lagoon%20where%20you%20can%20appreciate%20thousands%20of%20flamingos.
204 No Content 0 B URL HTTP/1.1 l.sharethis.com/pview?event=pview&version=st_insights.js&lang=en&sessionID=1669521493116.84689&hostname=wgexpediciones.com&location=%2Fen%2Fuyuni-full-day-red-lagoon%2F&product=simpleshare&fcmp=false&fcmpv2=false&publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&url=http%3A%2F%2Fwgexpediciones.com%2Fen%2Fuyuni-full-day-red-lagoon%2F&title=Full%20day%20red%20Lagoon%20-%20White%20and%20Green%20International%20Travel&sop=false&description=at%205000%20meters%20over%20sea%20level%2C%20finally%20we%20will%20be%20arriving%20up%20to%20the%20spectacular%20Red%20Lagoon%20where%20you%20can%20appreciate%20thousands%20of%20flamingos.
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pview?event=pview&version=st_insights.js&lang=en&sessionID=1669521493116.84689&hostname=wgexpediciones.com&location=%2Fen%2Fuyuni-full-day-red-lagoon%2F&product=simpleshare&fcmp=false&fcmpv2=false&publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&url=http%3A%2F%2Fwgexpediciones.com%2Fen%2Fuyuni-full-day-red-lagoon%2F&title=Full%20day%20red%20Lagoon%20-%20White%20and%20Green%20International%20Travel&sop=false&description=at%205000%20meters%20over%20sea%20level%2C%20finally%20we%20will%20be%20arriving%20up%20to%20the%20spectacular%20Red%20Lagoon%20where%20you%20can%20appreciate%20thousands%20of%20flamingos. HTTP/1.1
Host: l.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://wgexpediciones.com
Connection: keep-alive
Referer: http://wgexpediciones.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: http://wgexpediciones.com
Access-Control-Expose-Headers: stid
Access-Control-Max-Age: 1728000
Cache-Control: no-cache, no-store, must-revalidate
Date: Sun, 27 Nov 2022 03:58:13 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
www.google-analytics.com/plugins/ua/linkid.js
200 OK 859 B URL HTTP/1.1 www.google-analytics.com/plugins/ua/linkid.js
IP
File type ASCII text, with very long lines (1335)
Hash 904463ce35aee800847ab85ec948aaf6
904e4d2647466c7f7e0f7412019984e3b2ccfb24
057b4d29359dfe2536a2ec40243bdfa7b151222efcc1eb358608994a14c34237
GET /plugins/ua/linkid.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wgexpediciones.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable"
Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
Content-Length: 859
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sun, 27 Nov 2022 03:47:33 GMT
Expires: Sun, 27 Nov 2022 04:47:33 GMT
Cache-Control: public, max-age=3600
Age: 641
Last-Modified: Tue, 22 Oct 2019 18:15:00 GMT
Content-Type: text/javascript
l.sharethis.com/pview?event=pview&version=st_insights.js&lang=en&sessionID=1669521493116.84689&hostname=wgexpediciones.com&location=%2Fen%2Fuyuni-full-day-red-lagoon%2F&product=simpleshare&fcmp=false&fcmpv2=false&publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&url=http%3A%2F%2Fwgexpediciones.com%2Fen%2Fuyuni-full-day-red-lagoon%2F&title=Full%20day%20red%20Lagoon%20-%20White%20and%20Green%20International%20Travel&sop=false&description=at%205000%20meters%20over%20sea%20level%2C%20finally%20we%20will%20be%20arriving%20up%20to%20the%20spectacular%20Red%20Lagoon%20where%20you%20can%20appreciate%20thousands%20of%20flamingos.&description=at%205000%20meters%20over%20sea%20level%2C%20finally%20we%20will%20be%20arriving%20up%20to%20the%20spectacular%20Red%20Lagoon%20where%20you%20can%20appreciate%20thousands%20of%20flamingos.&img_pview=true
204 No Content 0 B URL HTTP/1.1 l.sharethis.com/pview?event=pview&version=st_insights.js&lang=en&sessionID=1669521493116.84689&hostname=wgexpediciones.com&location=%2Fen%2Fuyuni-full-day-red-lagoon%2F&product=simpleshare&fcmp=false&fcmpv2=false&publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&url=http%3A%2F%2Fwgexpediciones.com%2Fen%2Fuyuni-full-day-red-lagoon%2F&title=Full%20day%20red%20Lagoon%20-%20White%20and%20Green%20International%20Travel&sop=false&description=at%205000%20meters%20over%20sea%20level%2C%20finally%20we%20will%20be%20arriving%20up%20to%20the%20spectacular%20Red%20Lagoon%20where%20you%20can%20appreciate%20thousands%20of%20flamingos.&description=at%205000%20meters%20over%20sea%20level%2C%20finally%20we%20will%20be%20arriving%20up%20to%20the%20spectacular%20Red%20Lagoon%20where%20you%20can%20appreciate%20thousands%20of%20flamingos.&img_pview=true
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pview?event=pview&version=st_insights.js&lang=en&sessionID=1669521493116.84689&hostname=wgexpediciones.com&location=%2Fen%2Fuyuni-full-day-red-lagoon%2F&product=simpleshare&fcmp=false&fcmpv2=false&publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&url=http%3A%2F%2Fwgexpediciones.com%2Fen%2Fuyuni-full-day-red-lagoon%2F&title=Full%20day%20red%20Lagoon%20-%20White%20and%20Green%20International%20Travel&sop=false&description=at%205000%20meters%20over%20sea%20level%2C%20finally%20we%20will%20be%20arriving%20up%20to%20the%20spectacular%20Red%20Lagoon%20where%20you%20can%20appreciate%20thousands%20of%20flamingos.&description=at%205000%20meters%20over%20sea%20level%2C%20finally%20we%20will%20be%20arriving%20up%20to%20the%20spectacular%20Red%20Lagoon%20where%20you%20can%20appreciate%20thousands%20of%20flamingos.&img_pview=true HTTP/1.1
Host: l.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wgexpediciones.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: stid
Access-Control-Max-Age: 1728000
Cache-Control: no-cache, no-store, must-revalidate
Date: Sun, 27 Nov 2022 03:58:14 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash f79de44e08c43da30a3c6c5291fdc427
1a07b622d844d4793fe4767199f5f33f0f3229e2
d536b31b46e283bf64ff0c3e3bf29c706f1d5c2b63d82bc41c76e15bf4a06fe2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3687
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 03:58:14 GMT
Last-Modified: Sun, 27 Nov 2022 02:56:47 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/sdk.js?hash=1d7acc4343534a3414959790e064669a
200 OK 87 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js?hash=1d7acc4343534a3414959790e064669a
IP
File type ASCII text, with very long lines (13192)
Hash e09caa5e4cf6fd2806a1dbf8eac56db8
a8fc40d8e089a5155ee19fec7fd0ee7ffa03bf12
7c1a36d326d83477474608dc781dfa00cac10fa9cc50f9415038c1df151a445a
GET /en_US/sdk.js?hash=1d7acc4343534a3414959790e064669a HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://wgexpediciones.com
Connection: keep-alive
Referer: http://wgexpediciones.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 21b00affb21c5a5906e96a29bd9ab6be
etag: "8ed88d6e4d1a26fed6ec7c94a1764bd9"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Mon, 27 Nov 2023 03:12:18 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: 4JyqXkz2/SgGodv46sVtuA==
x-fb-debug: OESOpN/RnK58/KqyYf2XAB1RQxrtwZT6Rqynk+lNmaGDvaRsvU4BFuH1Ku3xRqJ6I5xCz1CRUJEUhRcEIUp3Og==
content-length: 86898
x-fb-trip-id: 1904183273
date: Sun, 27 Nov 2022 03:58:14 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e388353a642bc503beff27c23339e2b5
7849301df8cbfa3f9c019b1d4033b66e0f44c4bd
5e595e9ce96c6147c3ff79ebba0068ddb0d997237a671936cb05d9575c59a424
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 03:58:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/collect?v=1&_v=j98&a=2126635141&t=pageview&_s=1&dl=http%3A%2F%2Fwgexpediciones.com%2Fen%2Fuyuni-full-day-red-lagoon%2F&ul=en-us&de=UTF-8&dt=Full%20day%20red%20Lagoon%20-%20White%20and%20Green%20International%20Travel&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=aGBAgUAjCAAAAAAAI~&jid=1818429392&gjid=1865029759&cid=456691726.1669521494&tid=UA-107450697-1&_gid=1237206703.1669521494&z=1953710613
200 OK 35 B URL HTTP/2 www.google-analytics.com/collect?v=1&_v=j98&a=2126635141&t=pageview&_s=1&dl=http%3A%2F%2Fwgexpediciones.com%2Fen%2Fuyuni-full-day-red-lagoon%2F&ul=en-us&de=UTF-8&dt=Full%20day%20red%20Lagoon%20-%20White%20and%20Green%20International%20Travel&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=aGBAgUAjCAAAAAAAI~&jid=1818429392&gjid=1865029759&cid=456691726.1669521494&tid=UA-107450697-1&_gid=1237206703.1669521494&z=1953710613
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /collect?v=1&_v=j98&a=2126635141&t=pageview&_s=1&dl=http%3A%2F%2Fwgexpediciones.com%2Fen%2Fuyuni-full-day-red-lagoon%2F&ul=en-us&de=UTF-8&dt=Full%20day%20red%20Lagoon%20-%20White%20and%20Green%20International%20Travel&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=aGBAgUAjCAAAAAAAI~&jid=1818429392&gjid=1865029759&cid=456691726.1669521494&tid=UA-107450697-1&_gid=1237206703.1669521494&z=1953710613 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wgexpediciones.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
pragma: no-cache
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
date: Sat, 26 Nov 2022 04:42:57 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
age: 83717
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash a22bc94a1116f343d9c3377cfd4fc5b2
b0bad6a620abd0c33a96c32721ad87849da9f9e6
294cd4b44650b17a93cbe9a4de887ad1da8ab8c11105707cccff17812a8d5890
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 03:58:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-107450697-1&cid=456691726.1669521494&jid=1818429392&gjid=1865029759&_gid=1237206703.1669521494&_u=aGBAgUAjCAAAAEAAI~&z=1526449136
200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-107450697-1&cid=456691726.1669521494&jid=1818429392&gjid=1865029759&_gid=1237206703.1669521494&_u=aGBAgUAjCAAAAEAAI~&z=1526449136
IP
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-107450697-1&cid=456691726.1669521494&jid=1818429392&gjid=1865029759&_gid=1237206703.1669521494&_u=aGBAgUAjCAAAAEAAI~&z=1526449136 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://wgexpediciones.com
Connection: keep-alive
Referer: http://wgexpediciones.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://wgexpediciones.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 27 Nov 2022 03:58:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 0ee1d1a60ec1770ec3e880a25c257f5d
015b05feff63bdcf8fae4d1a8c0c83c923a2ca67
b6845619444a37f322c044933a44cf3fd283a18a54d03bad4f76a2ed8c2cbaf6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 03:58:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 770555aa8a0a52c611bafb289ca8a650
62504cadc49747f328e3c31ad3aa7a740043072c
6317c8530220392b1339be640b8c1181c468ff8e3f3d1d5692b39cb32404216f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 03:58:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6225
Expires: Sun, 27 Nov 2022 05:41:59 GMT
Date: Sun, 27 Nov 2022 03:58:14 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6225
Expires: Sun, 27 Nov 2022 05:41:59 GMT
Date: Sun, 27 Nov 2022 03:58:14 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6225
Expires: Sun, 27 Nov 2022 05:41:59 GMT
Date: Sun, 27 Nov 2022 03:58:14 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6225
Expires: Sun, 27 Nov 2022 05:41:59 GMT
Date: Sun, 27 Nov 2022 03:58:14 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6225
Expires: Sun, 27 Nov 2022 05:41:59 GMT
Date: Sun, 27 Nov 2022 03:58:14 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba57ea10-c30b-4188-bb72-b589f3564094.jpeg
200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba57ea10-c30b-4188-bb72-b589f3564094.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 741ddfb19764ac9a77509e7e87cfbfb2
308c08784ce4a0757cbd112807555b83e17a1d56
e9271a76da94d8b655860c3b00d111396c5d3a227fd2f19e0ef400fd5e84d87e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba57ea10-c30b-4188-bb72-b589f3564094.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8817
x-amzn-requestid: 33d3ca17-7878-4897-a634-5f626a64e820
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cJ40OEOqIAMFaOg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6380a1b4-040288d571fc10b96d893fa4;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 11:06:28 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: f_U8KSYET6kaKAPbEV7sHW0tO6JGijsqUvghniwzFCRd2YGQjVlFoA==
via: 1.1 f313d3df80c4dab8f5399614116801cc.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 10:16:33 GMT
etag: "308c08784ce4a0757cbd112807555b83e17a1d56"
content-type: image/jpeg
age: 63701
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa57bc6cf-beaa-443b-9756-cf26e4fe3767.jpeg
200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa57bc6cf-beaa-443b-9756-cf26e4fe3767.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2212cf75f99dc67fd45db47f7101d754
4b4a8c8e8aeccfff25d2748720dcef8fed287126
7b2d2e302faba8f273b51031fa48b444cb7839733b90e8c9d077ca63637320d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa57bc6cf-beaa-443b-9756-cf26e4fe3767.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6954
x-amzn-requestid: 94a02687-72f2-4796-a7ea-d3f28b412566
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1jHpGBVIAMFsSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63787efd-22666b18283ae59b1348bf47;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 07:00:13 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: feZayJeKq9jWHQ-rjutNr6buIjLVeIdY0A_ZeGo6NKgoQ6BBT3XQaw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 0906d4887f6625f4a4467d8d4fd268d2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 22:22:57 GMT
age: 20117
etag: "4b4a8c8e8aeccfff25d2748720dcef8fed287126"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31dafe91-0b1b-40e9-927c-c01863516712.jpeg
200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31dafe91-0b1b-40e9-927c-c01863516712.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ccb536b51f31391c89fb2abe3be6c749
c9a5ab962bfdd174aecd4809d770f0fe305ab8e4
b4b6f70603ab79399aeda1d8b7e8f2662da37b51a2d076b8e754c812b6fa5b47
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31dafe91-0b1b-40e9-927c-c01863516712.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9073
x-amzn-requestid: 6cf20b75-6b27-4a34-97a8-017d7169f31b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b8JuVHY7IAMFtRg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637b2328-1ca76b3537613fb26358b8f2;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 07:05:12 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: lg8rdnHT_ndB-9CMrHcVN8a2xZCubuTEpUQ2m6i77l-NfdNfhfITEQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 cca7d60248a961ff8fc8c5640024b652.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 14:36:38 GMT
age: 48096
etag: "c9a5ab962bfdd174aecd4809d770f0fe305ab8e4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e7532-86f8-4631-9062-cdd6a291b40b.jpeg
200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e7532-86f8-4631-9062-cdd6a291b40b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 433875a1b1fef34e45f2d8ac344c07e3
f2129466436cbbdd58abe42a47fb7af19eba58e6
ab1e7b46f3804640c7dd94d70c8c31ec2dfc3e2f0f015a8556d04d9d9089c450
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e7532-86f8-4631-9062-cdd6a291b40b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5099
x-amzn-requestid: 57648043-7820-453d-9549-0f743b6c2557
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4jFBvoAMFl1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-53b59d607b82c264180f469d;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: VsdLWuh4rCawI5V0YYGaHxEMl2YEVNgsbjfCwzDsrnCZhRK2FkCkVw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:42:14 GMT
etag: "f2129466436cbbdd58abe42a47fb7af19eba58e6"
content-type: image/jpeg
age: 22560
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15290721-a62e-49b8-80c6-967680cff24f.jpeg
200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15290721-a62e-49b8-80c6-967680cff24f.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f7f16c0f8a8e710210ce77c0e4c1c2a2
590c34be54c9889eec4ff7993e070fda836f711f
4224287ba765da59c877ac4f1dec65accc5bec934b7598d9cbbee669ba4ab12e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15290721-a62e-49b8-80c6-967680cff24f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6883
x-amzn-requestid: 9e3878c9-1817-427e-b121-969a8cbc7ad8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cL1ySF0tIAMFY4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638169a8-5143ffea77b70cf67ef60ad7;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 01:19:36 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JmJEzqrxMdQtAWft6FHjIqo-WhpiUDfaLpRUe59RcOwReYf1sL-xRg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 04:48:54 GMT
age: 83360
etag: "590c34be54c9889eec4ff7993e070fda836f711f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: AVwDLlKoy5pc9NNuR_OakMB0ONGAoO-k2AKwV--b2sjiaqYSKAWlZg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:42:14 GMT
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
age: 22560
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%2C400italic%2C600%7CRaleway%3A400%2C500%2C600
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%2C400italic%2C600%7CRaleway%3A400%2C500%2C600
IP
GET /css?family=Source+Sans+Pro%3A400%2C400italic%2C600%7CRaleway%3A400%2C500%2C600 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wgexpediciones.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 27 Nov 2022 03:58:13 GMT
date: Sun, 27 Nov 2022 03:58:13 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
185.222.157.104
151.101.86.83
93.184.220.29
34.102.187.140
23.36.77.32
18.193.55.12
104.18.10.207