staging.hotelviladepremia.com/
167.86.73.18 301 Moved Permanently 162 B URL HTTP/1.1 staging.hotelviladepremia.com/
IP 167.86.73.18:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 01:29:38 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://staging.hotelviladepremia.com/
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash e6b7a72139d0ef7688330456e9be9a4c
e130a94e7d531768300071764dd1e81fee5bbbcb
d3818afd1493030105341b4cfb91037acbf27085c96068b3ef91c5071277c8e5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D3818AFD1493030105341B4CFB91037ACBF27085C96068B3EF91C5071277C8E5"
Last-Modified: Mon, 09 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5460
Expires: Wed, 11 Jan 2023 03:00:38 GMT
Date: Wed, 11 Jan 2023 01:29:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1f67827b21be68d925837dd729590f2d
dc24511141f5352e496b300d7d7e81b0cffb7475
afb1850e7c16f02d267a1310f1681367ecf598816fc62bd02447ffcd26117a9f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AFB1850E7C16F02D267A1310F1681367ECF598816FC62BD02447FFCD26117A9F"
Last-Modified: Mon, 09 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3018
Expires: Wed, 11 Jan 2023 02:19:56 GMT
Date: Wed, 11 Jan 2023 01:29:38 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 11 Jan 2023 00:41:44 GMT
content-type: application/json
age: 2874
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 718fc486cd6a70fcacc1653759703fae
bf60ba7a37d2deef1b7000e91cc88da586bb75ca
398d02e16da466ffe87b64ac34b007615951cca14d43610b4acd58bc2a5fadff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "398D02E16DA466FFE87B64AC34B007615951CCA14D43610B4ACD58BC2A5FADFF"
Last-Modified: Tue, 10 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6102
Expires: Wed, 11 Jan 2023 03:11:20 GMT
Date: Wed, 11 Jan 2023 01:29:38 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 6hK6j9Rtci158Mq4XDflLeVQsbK8FaOOC6l3+LJzd1W5Rt4lAe2suwjbo5+UNFJ8McYR4MAS1iK9Tsb+xL9E0Q==
x-amz-request-id: 7AWSC37YTGXRN4F8
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 11 Jan 2023 01:16:51 GMT
age: 767
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:38 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 74c258f4b13807a7ef4f772f8ffb6601
946aedf98d707fae69ad17a58ae2b7764eb83170
e235e1826f2323885e0ac94830805274ae1cb568364d5b68c1df4f3f1b317ce7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E235E1826F2323885E0AC94830805274AE1CB568364D5B68C1DF4F3F1B317CE7"
Last-Modified: Wed, 11 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21580
Expires: Wed, 11 Jan 2023 07:29:18 GMT
Date: Wed, 11 Jan 2023 01:29:38 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 11 Jan 2023 01:17:24 GMT
age: 735
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash a831a999b5e598b4e9f4e31e8054ca7c
9971a4a806f48777ae6d9525085d16d0c6314c51
cdffa8dd48e75baa98670f82dfac2b3948667ca32dd93f469d2cd49d3a58581c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1531
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 01:29:39 GMT
Last-Modified: Wed, 11 Jan 2023 01:04:08 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.212.170.166 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.212.170.166:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: /p035q+4NnOM3pfGaplQGA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: K/lswqhav+Lu5zJ3LS1CNPq8+vU=
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 385fbe651dc747111b979f40f9583702
a69fa58ffc6e2b15222f17ad6345b2bec9d75106
c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12480
Expires: Wed, 11 Jan 2023 04:57:40 GMT
Date: Wed, 11 Jan 2023 01:29:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 385fbe651dc747111b979f40f9583702
a69fa58ffc6e2b15222f17ad6345b2bec9d75106
c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12480
Expires: Wed, 11 Jan 2023 04:57:40 GMT
Date: Wed, 11 Jan 2023 01:29:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 385fbe651dc747111b979f40f9583702
a69fa58ffc6e2b15222f17ad6345b2bec9d75106
c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12480
Expires: Wed, 11 Jan 2023 04:57:40 GMT
Date: Wed, 11 Jan 2023 01:29:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 385fbe651dc747111b979f40f9583702
a69fa58ffc6e2b15222f17ad6345b2bec9d75106
c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12480
Expires: Wed, 11 Jan 2023 04:57:40 GMT
Date: Wed, 11 Jan 2023 01:29:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 385fbe651dc747111b979f40f9583702
a69fa58ffc6e2b15222f17ad6345b2bec9d75106
c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12480
Expires: Wed, 11 Jan 2023 04:57:40 GMT
Date: Wed, 11 Jan 2023 01:29:40 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb6836f9-47c0-4072-8841-9838455af78e.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb6836f9-47c0-4072-8841-9838455af78e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 739d7b6363767151f0dfda26339c03cb
5f1c3e27d48f83326202e300331825537cc84189
8d460467f4c61ecd4b44d910afa13688e9bd2f36762f79ad3cdd025eede65f8a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb6836f9-47c0-4072-8841-9838455af78e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12862
x-amzn-requestid: a947df07-a29c-4e5e-98ec-724b6a1a439d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ecM0gFZ2IAMF-yQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bb281c-00ccdc2017f0288f2037c971;Sampled=0
x-amzn-remapped-date: Sun, 08 Jan 2023 20:31:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gMk-uLA5XrsZhirlVFRSYcqGvehObPakZpMxmIHExpikOprqFHajiQ==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 10 Jan 2023 07:38:02 GMT
age: 64298
etag: "5f1c3e27d48f83326202e300331825537cc84189"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdae53ed8-392a-4b15-b1e3-96999c5f49db.jpeg
34.120.237.76 200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdae53ed8-392a-4b15-b1e3-96999c5f49db.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f8313b7aa2c2aec3d6744400fd2382b1
d67bf6707d6a8cc5a30bd74b7e54a8f0530919d4
c410b057ec9c2800fd6ecf4ede4224e8d18952d26847a8e18fa6d528c86c5068
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdae53ed8-392a-4b15-b1e3-96999c5f49db.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8824
x-amzn-requestid: e1c1dc5d-c378-46d5-b824-9592ec3ef357
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eXAQBHvMIAMFaoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b913ff-1fb67eee5791cc466031ac7e;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 06:41:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: twhBYS4Q4xOMgfqQ3k0upuegr1s7Xrkv4q7pxuL-fr-7NHpzSR29CQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Tue, 10 Jan 2023 08:06:14 GMT
age: 62606
etag: "d67bf6707d6a8cc5a30bd74b7e54a8f0530919d4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faabf1f2c-deb1-4d58-9ee6-5dd522512882.jpeg
34.120.237.76 200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faabf1f2c-deb1-4d58-9ee6-5dd522512882.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 56de8a53fb494855ff7717eeb39c1fed
438999ac8d0853e235a2c0e0f404291961c891ab
357db338b2f6fcf434bdd9c2561f91d3fc7e5d42a92e5068402ce3eeb6fba412
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faabf1f2c-deb1-4d58-9ee6-5dd522512882.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6400
x-amzn-requestid: f76c3961-a118-4639-a943-2ffbd3d28537
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eaD7hEEdoAMFs5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ba4d16-3881379864dcae085aa4fd4d;Sampled=0
x-amzn-remapped-date: Sun, 08 Jan 2023 04:56:54 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: DmS2bnkBSYTi7rEZuQ_frZ6GwU-PHrD3GfDXv7rDkp_ytjR7c9FhWw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Tue, 10 Jan 2023 09:21:14 GMT
age: 58106
etag: "438999ac8d0853e235a2c0e0f404291961c891ab"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15770463-febf-46fb-8a4d-1a4f297b5a7b.jpeg
34.120.237.76 200 OK 4.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15770463-febf-46fb-8a4d-1a4f297b5a7b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1d11194f94b91e55e976fc5d704afa55
eb6c7b73b80d2d41e6e4801a0b671e2a5c1cdf5b
66b01e33e1bc18d18e187632738f8ff49ef58a2d054367173c0570b7caa76260
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15770463-febf-46fb-8a4d-1a4f297b5a7b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4116
x-amzn-requestid: 64c7b71c-74a5-4304-bab5-305de0e4c9d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eON3PHCaoAMF_Zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b5902e-72ada40c0419baa7763c2441;Sampled=0
x-amzn-remapped-date: Wed, 04 Jan 2023 14:41:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wrpetZbXyS3pCR4ZBK2XXJRHbg652psant3gpl9ALVEZcfPE1ez8xw==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Tue, 10 Jan 2023 03:55:51 GMT
age: 77629
etag: "eb6c7b73b80d2d41e6e4801a0b671e2a5c1cdf5b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29a4e5f8-90d2-4932-b687-e827f7b75a6b.jpeg
34.120.237.76 200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29a4e5f8-90d2-4932-b687-e827f7b75a6b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 82b10434cd29773d0f2f05a9904bd8d7
254f8d0a30d61afe871b7d603d4f0669bfb59808
5955b48e68572fd477fbb1bf172c3d590320b7408668a7fc586022362dd7447d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29a4e5f8-90d2-4932-b687-e827f7b75a6b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8395
x-amzn-requestid: 13f52de6-c624-4005-8c98-b8299ce3d156
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ei75DGBwIAMFU3g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bdd9d3-278ee7ad4b30336e2ada7970;Sampled=0
x-amzn-remapped-date: Tue, 10 Jan 2023 21:34:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: GgE9t2dma-Vdolh6eOwjqtNz-rLzDCflksYIj1mcogunBV8dxgCIkQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Tue, 10 Jan 2023 21:51:12 GMT
age: 13108
etag: "254f8d0a30d61afe871b7d603d4f0669bfb59808"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F94fd75b6-8b38-4585-a6d9-7fe9c9b69e86.jpeg
34.120.237.76 200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F94fd75b6-8b38-4585-a6d9-7fe9c9b69e86.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3d51c94181cae0f64af5a64d0a154598
e540e8d54f425408d38a4ad69144ec87041a440c
4577272b9ef8c0d2c431d84dd241fe174ab986900f9c78075e8938e15eaff731
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F94fd75b6-8b38-4585-a6d9-7fe9c9b69e86.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7412
x-amzn-requestid: 1794e3d3-4c51-4745-bfdd-330ffdb2ac6f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eTxflFI3oAMFx6g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b7c930-2060926968f809af6f667c72;Sampled=0
x-amzn-remapped-date: Fri, 06 Jan 2023 07:09:36 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wfzYApGFYslBRrmfzylooEWafrwNyLN1xOo2YyYMrPYa3caAdV6SSw==
via: 1.1 f313d3df80c4dab8f5399614116801cc.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 10 Jan 2023 12:17:46 GMT
age: 47514
etag: "e540e8d54f425408d38a4ad69144ec87041a440c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash b6814de21e79e28c4a59b9bef50020cb
5d6fcbdd6b70933b9367226523ce68364a1f0f1b
49821c9c4c570ff4e089276c96b05cef53c725e77e34f6c772d2b932e7c81c2d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 01:29:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash b6814de21e79e28c4a59b9bef50020cb
5d6fcbdd6b70933b9367226523ce68364a1f0f1b
49821c9c4c570ff4e089276c96b05cef53c725e77e34f6c772d2b932e7c81c2d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 01:29:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash b6814de21e79e28c4a59b9bef50020cb
5d6fcbdd6b70933b9367226523ce68364a1f0f1b
49821c9c4c570ff4e089276c96b05cef53c725e77e34f6c772d2b932e7c81c2d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 01:29:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 6b11b6253aaf522320ab85bcb5a7ae3e
12caaeaf823a0ce97549d4bf2cc727c135313b22
6539b16feab0102e166ffb63e5a5f8dc2e917053d430f093f4e99687ce716324
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 01:29:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash b6814de21e79e28c4a59b9bef50020cb
5d6fcbdd6b70933b9367226523ce68364a1f0f1b
49821c9c4c570ff4e089276c96b05cef53c725e77e34f6c772d2b932e7c81c2d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 01:29:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
staging.hotelviladepremia.com/wp-content/plugins/wp-gdpr-compliance/Assets/css/front.css?ver=1662368303
167.86.73.18 200 OK 4.3 kB URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/wp-gdpr-compliance/Assets/css/front.css?ver=1662368303
IP 167.86.73.18:0
File type Unicode text, UTF-8 text, with very long lines (26316), with no line terminators
Hash 0e9a60c262615e4920afe542ae0915e7
bafb0c53e36150f91ea7e86bd927965a770b5f61
8b8912a6a26671400bbd37c9b5ff0f7bc4f3239531d513362dcf35b717925d2a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-gdpr-compliance/Assets/css/front.css?ver=1662368303 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=9kph1i9d3a299vgthjjv8kdiup; ls-popup-last-displayed=1673400580; ls-popup-4=1673400580
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: text/css
last-modified: Mon, 05 Sep 2022 08:58:23 GMT
etag: W/"6315ba2f-66d0"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/themes/betheme/assets/ui/jquery.ui.all.css?ver=21.2.2
167.86.73.18 200 OK 3.5 kB URL HTTP/2 staging.hotelviladepremia.com/wp-content/themes/betheme/assets/ui/jquery.ui.all.css?ver=21.2.2
IP 167.86.73.18:0
File type ASCII text, with very long lines (365)
Hash 801f9cbdff1c32277545305619dba4f0
9968cd1c892cdf2f650b143d068e4912d80bde83
db6283f8e6b7b6ce4139a566cec516fe825ce1582c03ea2795d37596fd827e04
GET /wp-content/themes/betheme/assets/ui/jquery.ui.all.css?ver=21.2.2 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=9kph1i9d3a299vgthjjv8kdiup; ls-popup-last-displayed=1673400580; ls-popup-4=1673400580
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: text/css
last-modified: Mon, 27 May 2019 12:03:13 GMT
etag: W/"5cebd201-48eb"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/moment.js/2.22.2/moment-with-locales.min.js?ver=6.0.3
104.17.24.14 200 OK 54 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/moment.js/2.22.2/moment-with-locales.min.js?ver=6.0.3
IP 104.17.24.14:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash da708ff34bb8b91823e05f3dc9c47fc8
776a5586cea14fb983ebbeb47089f23166a7e3a5
c1e79918a76dbe401de5ca772209c8af7c134f43e71f17433a1ac82c255ccf12
GET /ajax/libs/moment.js/2.22.2/moment-with-locales.min.js?ver=6.0.3 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: application/javascript; charset=utf-8
content-length: 53699
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03f26-4fc01"
last-modified: Mon, 04 May 2020 16:13:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 10743503
expires: Mon, 01 Jan 2024 01:29:41 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N4DeYkB90VjhXvGE42Ms3EdGVEniQRdFM6Xtz9rRxRyJHWrd96elZJqhH7%2BZfjW8lFV0oOwvgfmPxct4%2Bfalz1kOSaB54zF51kMLYHUr3zDC1WqBfoqN%2BrKRdRcMwPxGU7rusjl0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7879e2017a7cb4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-145338186-1
142.250.74.168 200 OK 45 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-145338186-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1759)
Hash 09f1781d1ed3f491402370d232c3f099
32d282b0210608d7a4d6b5dcb36c70f44fd84f6b
e39f1083d2dbd396389dadeba805636870bc5139e32bbeec7eeb3bad091d87ef
GET /gtag/js?id=UA-145338186-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 11 Jan 2023 01:29:41 GMT
expires: Wed, 11 Jan 2023 01:29:41 GMT
cache-control: private, max-age=900
last-modified: Wed, 11 Jan 2023 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44799
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=AW-718123990
142.250.74.168 200 OK 54 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-718123990
IP 142.250.74.168:0
File type ASCII text, with very long lines (1759)
Hash 2246eb05543d87d89387aa8ca6e9d463
f2b47bb3341a1094c993a1475d4ea1a2ef72755a
750d6b4ce43641622256f0df40236010f86bf748cd033aad06eb187cd43b7b63
GET /gtag/js?id=AW-718123990 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 11 Jan 2023 01:29:41 GMT
expires: Wed, 11 Jan 2023 01:29:41 GMT
cache-control: private, max-age=900
last-modified: Wed, 11 Jan 2023 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 54241
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash b6814de21e79e28c4a59b9bef50020cb
5d6fcbdd6b70933b9367226523ce68364a1f0f1b
49821c9c4c570ff4e089276c96b05cef53c725e77e34f6c772d2b932e7c81c2d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 01:29:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
staging.hotelviladepremia.com/wp-content/themes/betheme/assets/animations/animations.min.css?ver=21.2.2
167.86.73.18 200 OK 4.8 kB URL HTTP/2 staging.hotelviladepremia.com/wp-content/themes/betheme/assets/animations/animations.min.css?ver=21.2.2
IP 167.86.73.18:0
File type ASCII text, with very long lines (58508), with no line terminators
Hash 1d60f17f2365b8834a53cc0657eb839c
088e0572f02b789ae7b01f4f29cfe835ea08a5cb
5becfe656c422c8366a18fd972e3d3c6ddb2540d3dd324ddbf683598a645760d
GET /wp-content/themes/betheme/assets/animations/animations.min.css?ver=21.2.2 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=9kph1i9d3a299vgthjjv8kdiup; ls-popup-last-displayed=1673400580; ls-popup-4=1673400580
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: text/css
last-modified: Mon, 27 May 2019 12:03:12 GMT
etag: W/"5cebd200-e48c"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
translate.google.com/translate_a/element.js?cb=GoogleLanguageTranslatorInit
216.58.211.14 200 OK 27 kB URL HTTP/2 translate.google.com/translate_a/element.js?cb=GoogleLanguageTranslatorInit
IP 216.58.211.14:0
Hash 27b9ece6a9439a87769f4b25fa243165
01b5e92c764c94d751bf7bf6b2eb46b59bafd2a4
2354ef58721372fb97965fa69f7cdf4ff406667131a9de7bd6757475d1026b4b
GET /translate_a/element.js?cb=GoogleLanguageTranslatorInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 11 Jan 2023 01:29:41 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+324; expires=Fri, 10-Jan-2025 01:29:41 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/themes/betheme/images/logo/logo.png
167.86.73.18 200 OK 1.3 kB URL HTTP/2 staging.hotelviladepremia.com/wp-content/themes/betheme/images/logo/logo.png
IP 167.86.73.18:0
File type PNG image data, 129 x 30, 8-bit colormap, non-interlaced\012- data
Hash 106247894ca5953b46daadc299df224f
044d44ffdbc651cfeba424212358b1142e373a39
00f31e318f7681fa708a4aeb998b713ede05ba9f2bab7058cf9275ee2a26fb8f
GET /wp-content/themes/betheme/images/logo/logo.png HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=9kph1i9d3a299vgthjjv8kdiup; ls-popup-last-displayed=1673400580; ls-popup-4=1673400580
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: image/png
content-length: 1317
last-modified: Mon, 27 May 2019 12:03:41 GMT
etag: "5cebd21d-525"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/nextend-smart-slider3-pro/nextend/media/dist/nextend-gsap.min.js?1576586450
167.86.73.18 200 OK 34 kB URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/nextend-smart-slider3-pro/nextend/media/dist/nextend-gsap.min.js?1576586450
IP 167.86.73.18:0
File type ASCII text, with very long lines (32265)
Hash a4051d354a0ef633fa2064d3e1707a31
f9a06ed1655128f1d3998c86c285888fd2692ef9
e579ee4d4888e743eefdd800ea651d80fd1a765a379e3a4646ad9d3094d35fc9
GET /wp-content/plugins/nextend-smart-slider3-pro/nextend/media/dist/nextend-gsap.min.js?1576586450 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=9kph1i9d3a299vgthjjv8kdiup; ls-popup-last-displayed=1673400580; ls-popup-4=1673400580
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: application/javascript
last-modified: Tue, 17 Dec 2019 12:40:50 GMT
etag: W/"5df8ccd2-1843b"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/uploads/2019/12/016-payment-1.png
167.86.73.18 200 OK 8.3 kB URL HTTP/2 staging.hotelviladepremia.com/wp-content/uploads/2019/12/016-payment-1.png
IP 167.86.73.18:0
File type PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Hash 5bedd30f623b0534d2e5580378a35606
2e478f89f40100e3930d0637971040c5a6b47db1
c72c674d1fc633192897ba5c0b25609e76a275de4b6f992b8fc5bbfa80b7628e
GET /wp-content/uploads/2019/12/016-payment-1.png HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=9kph1i9d3a299vgthjjv8kdiup; ls-popup-last-displayed=1673400580; ls-popup-4=1673400580
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: image/png
content-length: 8338
last-modified: Fri, 13 Dec 2019 17:26:57 GMT
etag: "5df3c9e1-2092"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/uploads/2019/12/109-hotel-5.png
167.86.73.18 200 OK 7.4 kB URL HTTP/2 staging.hotelviladepremia.com/wp-content/uploads/2019/12/109-hotel-5.png
IP 167.86.73.18:0
File type PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Hash 1dc0f7e24a3dd59cd207fc37c8ac37c5
e3d430c0da06a46e02bed47507df04ab147d3f7b
d3c3ff66cdb1793644102729a9721101d7382a860aa067f228120766c6a1506a
GET /wp-content/uploads/2019/12/109-hotel-5.png HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=9kph1i9d3a299vgthjjv8kdiup; ls-popup-last-displayed=1673400580; ls-popup-4=1673400580
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: image/png
content-length: 7410
last-modified: Fri, 13 Dec 2019 17:27:06 GMT
etag: "5df3c9ea-1cf2"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/uploads/2019/12/077-like.png
167.86.73.18 200 OK 7.6 kB URL HTTP/2 staging.hotelviladepremia.com/wp-content/uploads/2019/12/077-like.png
IP 167.86.73.18:0
File type PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Hash 83c6399dad3f08149cced225690ec587
08e224af078b00b7733c38cfcb0e637f07d31577
cf4335c4d1d5c623298f6b08ffc30a480ae54f2e5b0993a9611ff4c0eb8ce3d9
GET /wp-content/uploads/2019/12/077-like.png HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=9kph1i9d3a299vgthjjv8kdiup; ls-popup-last-displayed=1673400580; ls-popup-4=1673400580
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: image/png
content-length: 7634
last-modified: Fri, 13 Dec 2019 17:27:03 GMT
etag: "5df3c9e7-1dd2"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/uploads/2019/12/057-real-estate.png
167.86.73.18 200 OK 7.7 kB URL HTTP/2 staging.hotelviladepremia.com/wp-content/uploads/2019/12/057-real-estate.png
IP 167.86.73.18:0
File type PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Hash dff43fd7a24c10adb8f8d0bb910ac287
303c815920b4772683c21f70b3603c7d88d953bb
ebf8c0555897148ffbcb6f5bd59a833af00af286baff2a7a1b8c3692436c562e
GET /wp-content/uploads/2019/12/057-real-estate.png HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=9kph1i9d3a299vgthjjv8kdiup; ls-popup-last-displayed=1673400580; ls-popup-4=1673400580
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: image/png
content-length: 7655
last-modified: Fri, 13 Dec 2019 17:27:00 GMT
etag: "5df3c9e4-1de7"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/uploads/2019/12/118-verified-1.png
167.86.73.18 200 OK 6.5 kB URL HTTP/2 staging.hotelviladepremia.com/wp-content/uploads/2019/12/118-verified-1.png
IP 167.86.73.18:0
File type PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Hash f2f413b4f6b3070c12dbf9bf244f5c9f
21f743c0b77180ce11537274d0f93a1f8b798d60
5cdc66dcd9f5090919edea305e369a27e7237032b721a310f73e7ec0a5e8eb96
GET /wp-content/uploads/2019/12/118-verified-1.png HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=9kph1i9d3a299vgthjjv8kdiup; ls-popup-last-displayed=1673400580; ls-popup-4=1673400580
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: image/png
content-length: 6501
last-modified: Fri, 13 Dec 2019 17:27:10 GMT
etag: "5df3c9ee-1965"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/uploads/2019/12/1010377-1630x860.jpg
167.86.73.18 200 OK 309 kB URL HTTP/2 staging.hotelviladepremia.com/wp-content/uploads/2019/12/1010377-1630x860.jpg
IP 167.86.73.18:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=8, manufacturer=Panasonic, model=DMC-G80, xresolution=128, yresolution=136, resolutionunit=2, software=Capture One Pro 12.0 Windows, copyright=David Martinez Fernandez], baseline, precision 8, 1630x860, components 3\012- data
Size 309 kB (309166 bytes)
Hash c0c2dc69405fffb43f4cfd8133885f39
62a03bfc0d70b4d0cb27cb1cc730502e70a1ad9f
0cc651d7466d872bf29d0511514cfe6933b45fe3abccf3cc903ce4923597e4fe
GET /wp-content/uploads/2019/12/1010377-1630x860.jpg HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=9kph1i9d3a299vgthjjv8kdiup; ls-popup-last-displayed=1673400580; ls-popup-4=1673400580
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: image/jpeg
content-length: 309166
last-modified: Wed, 18 Dec 2019 18:33:30 GMT
etag: "5dfa70fa-4b7ae"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c3fd30fde05ffa92161820ed17a3d5b9
66c285854a169af659b264abc9bd6500f014273b
dabe424c20292bfc7383e61f3c13c6229e12b1f1efde81256b4b5d9086bd83fc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DABE424C20292BFC7383E61F3C13C6229E12B1F1EFDE81256B4B5D9086BD83FC"
Last-Modified: Wed, 11 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21565
Expires: Wed, 11 Jan 2023 07:29:06 GMT
Date: Wed, 11 Jan 2023 01:29:41 GMT
Connection: keep-alive
hotelviladepremia.com/wp-content/uploads/2019/05/divider.png
167.86.73.18 200 OK 255 B URL HTTP/2 hotelviladepremia.com/wp-content/uploads/2019/05/divider.png
IP 167.86.73.18:0
File type PNG image data, 7 x 73, 8-bit colormap, non-interlaced\012- data
Hash e8db90c766ab45c9814f1b57dc43fb38
f3f808247e74b74c494b8ed64ea0e9ee52e3b783
fc76a86b7bd274b72d60d8ac1a80f3391718355940f12db3c628fa823f9556b0
GET /wp-content/uploads/2019/05/divider.png HTTP/1.1
Host: hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: image/png
content-length: 255
last-modified: Fri, 19 Jul 2019 10:01:41 GMT
etag: "5d319505-ff"
pragma: public
cache-control: max-age=31536000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
hotelviladepremia.com/wp-content/uploads/2019/05/star.png
167.86.73.18 200 OK 542 B URL HTTP/2 hotelviladepremia.com/wp-content/uploads/2019/05/star.png
IP 167.86.73.18:0
File type PNG image data, 88 x 54, 8-bit colormap, non-interlaced\012- data
Hash f256ee0ce386510627ee99bddcdc8f35
97cf0a026da82db827ef25baefce4159f48c4f1d
0986daa49a27f439ef6e833a3b8440273d2c58f03b888231e6f391739e914cd5
GET /wp-content/uploads/2019/05/star.png HTTP/1.1
Host: hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: image/png
content-length: 542
last-modified: Fri, 19 Jul 2019 09:58:22 GMT
etag: "5d31943e-21e"
pragma: public
cache-control: max-age=31536000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/themes/betheme/assets/jplayer/css/jplayer.blue.monday.css?ver=21.2.2
167.86.73.18 200 OK 2.4 kB URL HTTP/2 staging.hotelviladepremia.com/wp-content/themes/betheme/assets/jplayer/css/jplayer.blue.monday.css?ver=21.2.2
IP 167.86.73.18:0
Hash 71575797d96c0cc06ef2200f7865de43
6b08996625906acaa2ea250b2ac6e29da0240e65
55b0363152e0dd612eec280bfcb75e62cc4e33268790bb30f6cb6651e7b969b0
GET /wp-content/themes/betheme/assets/jplayer/css/jplayer.blue.monday.css?ver=21.2.2 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=9kph1i9d3a299vgthjjv8kdiup; ls-popup-last-displayed=1673400580; ls-popup-4=1673400580
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: text/css
last-modified: Mon, 27 May 2019 12:03:13 GMT
etag: W/"5cebd201-266a"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/themes/betheme/style.css?ver=21.2.2
167.86.73.18 200 OK 694 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/themes/betheme/style.css?ver=21.2.2
IP 167.86.73.18:0
Hash 74bb8e781305fab7b05b3e126b9ddae7
31046f789a3568e08ca056871f896eaf2ec2d826
ab35f2f737839422279c504a7511a38452f9fed4af75f7caed1148b0addd9fd5
GET /wp-content/themes/betheme/style.css?ver=21.2.2 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=9kph1i9d3a299vgthjjv8kdiup; ls-popup-last-displayed=1673400580; ls-popup-4=1673400580
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: text/css
x-accel-version: 0.01
last-modified: Tue, 22 Oct 2019 16:16:02 GMT
etag: W/"15e-595821dcfd480"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Merriweather+Sans%3A300%2C400%2C700%2C800+Sans%3A300%2C400%2C700&ver=6.0.3
216.58.207.202 200 OK 1.0 kB URL HTTP/2 fonts.googleapis.com/css?family=Merriweather+Sans%3A300%2C400%2C700%2C800+Sans%3A300%2C400%2C700&ver=6.0.3
IP 216.58.207.202:0
Hash 3079685994563ef80afda728b528b109
8adfba753db0220506e76b692c1b8675dc6f46e5
a56b0f32788b5daf74ee6e21faab907e3f5361f6b276d0b6eee0abe282cfb89e
GET /css?family=Merriweather+Sans%3A300%2C400%2C700%2C800+Sans%3A300%2C400%2C700&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 11 Jan 2023 01:29:41 GMT
date: Wed, 11 Jan 2023 01:29:41 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Montserrat%3A400%2C700&ver=6.0.3
216.58.207.202 200 OK 799 B URL HTTP/2 fonts.googleapis.com/css?family=Montserrat%3A400%2C700&ver=6.0.3
IP 216.58.207.202:0
Hash 92d3d313b4192fee4e1db7bdf434ae4b
49ede64352aae1ed31196a6decbd36d6e819ee14
b64e2923b902a236e184ddbbed495799ceacd4091a665888168383fb3d019126
GET /css?family=Montserrat%3A400%2C700&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 11 Jan 2023 01:29:41 GMT
date: Wed, 11 Jan 2023 01:29:41 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Lato%3A400%2C300italic%2C400italic%2C700%2C700italic%2C900italic%2C900&ver=6.0.3
142.250.74.138 200 OK 4.1 kB URL HTTP/2 fonts.googleapis.com/css?family=Lato%3A400%2C300italic%2C400italic%2C700%2C700italic%2C900italic%2C900&ver=6.0.3
IP 142.250.74.138:0
Hash f3bf44e1ece5b8c3fdb4b15f758d54a6
a69bd9a78265432d0de8f4c8f0c852e5640b3337
1f3c8b0ba5360c1704aa520866324e1aae48394a2a645690b84469803e263e59
GET /css?family=Lato%3A400%2C300italic%2C400italic%2C700%2C700italic%2C900italic%2C900&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3632
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 11 Jan 2023 01:19:03 GMT
expires: Wed, 11 Jan 2023 02:19:03 GMT
cache-control: public, max-age=3600
last-modified: Mon, 09 Jan 2023 20:58:00 GMT
content-type: text/css
age: 638
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/themes/betheme/images/stripes/stripes_3_b.png
167.86.73.18 200 OK 974 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/themes/betheme/images/stripes/stripes_3_b.png
IP 167.86.73.18:0
File type PNG image data, 10 x 10, 8-bit/color RGBA, non-interlaced\012- data
Hash b5d66cece54745f352d2d52e6195a4ee
7b7313014426b12f9d51e4deb9ba237f11759dcf
30cb91834555c22273bd8f0d521bebaff6020b2e54bae4ccfc199f4a1daaf2eb
GET /wp-content/themes/betheme/images/stripes/stripes_3_b.png HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/wp-content/themes/betheme/css/shortcodes.css?ver=21.2.2
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=9kph1i9d3a299vgthjjv8kdiup; ls-popup-last-displayed=1673400580; ls-popup-4=1673400580
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: image/png
content-length: 974
x-accel-version: 0.01
last-modified: Mon, 27 May 2019 12:03:44 GMT
etag: "3ce-589dd5700c800"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/oscar-hotel-booking-engine/assets/css/bootstrap-datepicker.standalone.min.css?ver=6.0.3
167.86.73.18 200 OK 2.5 kB URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/oscar-hotel-booking-engine/assets/css/bootstrap-datepicker.standalone.min.css?ver=6.0.3
IP 167.86.73.18:0
File type ASCII text, with very long lines (16264)
Hash cd5bd9f9e50e2cdf13d3881dc0bb8965
557a546ae0786c7606c9d3f496dc1c278d7f1fc9
d2db7af541f2ca58c273cf3d3c6510235a442cf247195a6ac5873aad0f0cd6fc
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/oscar-hotel-booking-engine/assets/css/bootstrap-datepicker.standalone.min.css?ver=6.0.3 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=9kph1i9d3a299vgthjjv8kdiup; ls-popup-last-displayed=1673400580; ls-popup-4=1673400580
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: text/css
last-modified: Mon, 05 Sep 2022 08:54:25 GMT
etag: W/"6315b941-4044"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/nextend-smart-slider3-pro/library/media/dist/smartslider-frontend.min.js?1576586448
167.86.73.18 200 OK 128 kB URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/nextend-smart-slider3-pro/library/media/dist/smartslider-frontend.min.js?1576586448
IP 167.86.73.18:0
File type ASCII text, with very long lines (32103)
Size 128 kB (127798 bytes)
Hash 1f824f5f4e5a3a8b1bf56293e30abe71
ca18d69f12809614f562f946bef7581b203af932
7663e2a32f95121cf57239a1f13f2c4aedda49a6fe8154e625d41ef223617f9d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/nextend-smart-slider3-pro/library/media/dist/smartslider-frontend.min.js?1576586448 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=9kph1i9d3a299vgthjjv8kdiup; ls-popup-last-displayed=1673400580; ls-popup-4=1673400580
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: application/javascript
last-modified: Tue, 17 Dec 2019 12:40:48 GMT
etag: W/"5df8ccd0-37db9"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/nextend-smart-slider3-pro/nextend/media/dist/n2-j.min.js?1576586450
167.86.73.18 200 OK 88 kB URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/nextend-smart-slider3-pro/nextend/media/dist/n2-j.min.js?1576586450
IP 167.86.73.18:0
File type ASCII text, with very long lines (32099)
Hash 390bc2d4bacccff3e211fd17231698fc
b591b2fdf33d2d6c3439f0f31e08c3005bca9f77
8fe8ffa7cdf4d204f97789749a0335f4d0b105082423620f79a29f3927c4421e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/nextend-smart-slider3-pro/nextend/media/dist/n2-j.min.js?1576586450 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=9kph1i9d3a299vgthjjv8kdiup; ls-popup-last-displayed=1673400580; ls-popup-4=1673400580
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: application/javascript
last-modified: Tue, 17 Dec 2019 12:40:50 GMT
etag: W/"5df8ccd2-18694"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/smart-logo-showcase-lite/css/smls-frontend-style.css?ver=1.1.9
167.86.73.18 200 OK 19 kB URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/smart-logo-showcase-lite/css/smls-frontend-style.css?ver=1.1.9
IP 167.86.73.18:0
File type ASCII text, with CRLF line terminators
Hash d78f3532cd3c0b8bcb75c23e7f7c63ef
60f95d829620cc9e5df59b66414a4f15e40d4b3a
99170db162910c0ec3c3026f61ac5572b3bcc174b88d52a6b1e94282ceb78b31
GET /wp-content/plugins/smart-logo-showcase-lite/css/smls-frontend-style.css?ver=1.1.9 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=9kph1i9d3a299vgthjjv8kdiup; ls-popup-last-displayed=1673400580; ls-popup-4=1673400580
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: text/css
last-modified: Mon, 05 Sep 2022 08:55:27 GMT
etag: W/"6315b97f-7c46"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
chimpstatic.com/mcjs-connected/js/users/3741631e97502d317bdda9396/a7295cf6ce438a2984bc04d9a.js
96.6.17.210 200 OK 50 B URL HTTP/1.1 chimpstatic.com/mcjs-connected/js/users/3741631e97502d317bdda9396/a7295cf6ce438a2984bc04d9a.js
IP 96.6.17.210:0
Hash 104d46a3208b40e8ded389332f5a78a3
4ab55ccb2972e9a3cb62c65c97308c2450a682bb
f6e4f5edb3194334a199f0bf80b38d92a0b7388330fbce94c8c0fb2f852c171f
GET /mcjs-connected/js/users/3741631e97502d317bdda9396/a7295cf6ce438a2984bc04d9a.js HTTP/1.1
Host: chimpstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: mQuoMlhIGX651IUHC6NcgnO/9ygi8b6LitOR96X5/5wW12N/5iOe9HS+SsvkEUzbzMRYoMfBb/g=
x-amz-request-id: EYG91NTEKQN03AYZ
Last-Modified: Wed, 15 Jan 2020 11:32:46 GMT
ETag: "104d46a3208b40e8ded389332f5a78a3"
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Content-Length: 50
X-EdgeConnect-MidMile-RTT: 6, 6, 18, 18
X-EdgeConnect-Origin-MEX-Latency: 181, 101, 105, 92
Cache-Control: max-age=1800
Expires: Wed, 11 Jan 2023 01:59:41 GMT
Date: Wed, 11 Jan 2023 01:29:41 GMT
Connection: keep-alive
fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C400italic%2C500%2C700%2C700italic%7CLora%3A300%2C400%2C400italic%2C500%2C700%2C700italic&ver=6.0.3
216.58.207.202 200 OK 32 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C400italic%2C500%2C700%2C700italic%7CLora%3A300%2C400%2C400italic%2C500%2C700%2C700italic&ver=6.0.3
IP 216.58.207.202:0
Hash 16411c5c84712be9ec26a0909ff4bbb0
e90c0dcc5f0d54aed71f98866b0f925edcdd7ad5
c5d45549ba41019034be36c71f3ac66dd24599abd55c8c63c1de22ac45cd35df
GET /css?family=Roboto%3A300%2C400%2C400italic%2C500%2C700%2C700italic%7CLora%3A300%2C400%2C400italic%2C500%2C700%2C700italic&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 11 Jan 2023 01:29:41 GMT
date: Wed, 11 Jan 2023 01:29:41 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
216.58.207.227 200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 17368, version 1.0\012- data
Hash abe083d96b58eb02ada8b7c30d7b09f2
61447d66d13a8c8f4335696777a85c438c46f749
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
GET /s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://staging.hotelviladepremia.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17368
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 10 Jan 2023 07:01:24 GMT
expires: Wed, 10 Jan 2024 07:01:24 GMT
cache-control: public, max-age=31536000
age: 66497
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Oxygen%3A300%2C400%2C700&ver=6.0.3
216.58.207.202 200 OK 16 kB URL HTTP/2 fonts.googleapis.com/css?family=Oxygen%3A300%2C400%2C700&ver=6.0.3
IP 216.58.207.202:0
Hash a74a4ceca72358066c7cd9cfda458972
1555e249cd04def75dbd791e5335e911ad12216f
5c05ec1bd9d3745b36f8a4bb9fda7292cd30debe6eaf1014003bf8f6f13b2ec4
GET /css?family=Oxygen%3A300%2C400%2C700&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 11 Jan 2023 01:29:41 GMT
date: Wed, 11 Jan 2023 01:29:41 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/themes/betheme/css/shortcodes.css?ver=21.2.2
167.86.73.18 200 OK 37 kB URL HTTP/2 staging.hotelviladepremia.com/wp-content/themes/betheme/css/shortcodes.css?ver=21.2.2
IP 167.86.73.18:0
File type ASCII text, with very long lines (404)
Hash d871d7d8c839075164e0f0345d74d37f
07aadac28ce89e30d9a46efa734adfc6eafa3bd8
7210f2be9c1bcfd48ef98bf6746bd1a16aab4fe367ae1da90e90fb926684ba0f
GET /wp-content/themes/betheme/css/shortcodes.css?ver=21.2.2 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=9kph1i9d3a299vgthjjv8kdiup; ls-popup-last-displayed=1673400580; ls-popup-4=1673400580
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: text/css
last-modified: Mon, 27 May 2019 12:03:17 GMT
etag: W/"5cebd205-217f9"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
216.58.207.227 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://staging.hotelviladepremia.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 04 Jan 2023 19:34:15 GMT
expires: Thu, 04 Jan 2024 19:34:15 GMT
cache-control: public, max-age=31536000
age: 539726
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
hotelviladepremia.com/wp-content/uploads/2019/07/sin-t%C3%ADtulo-19.jpg
167.86.73.18 200 OK 1.4 MB URL HTTP/2 hotelviladepremia.com/wp-content/uploads/2019/07/sin-t%C3%ADtulo-19.jpg
IP 167.86.73.18:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=8, manufacturer=FUJIFILM, model=X-T1, xresolution=126, yresolution=134, resolutionunit=2, software=Adobe Photoshop Lightroom Classic 8.2 (Windows), datetime=2019:05:23 12:39:37], baseline, precision 8, 4896x3264, components 3\012- data
Size 1.4 MB (1409126 bytes)
Hash f1981202c54cf2fe28be20e898b65cd5
a081c3ad3c674932c82fd2b1987a5138e1d97141
3f8b772f793eac6c65d860d52c0d5c3f2784f0649ff84a7b15e1b7aee3e2a46b
GET /wp-content/uploads/2019/07/sin-t%C3%ADtulo-19.jpg HTTP/1.1
Host: hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: image/jpeg
content-length: 1409126
last-modified: Fri, 19 Jul 2019 10:26:04 GMT
etag: "5d319abc-158066"
pragma: public
cache-control: max-age=31536000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 9a4ba4ab27cd47ead09d38283f795198
cf1d1e13fa427879530cb912e495012a42312b7d
8c0178a28c92e029ad04c5dbb4b8515117303e64cb3df9f3902a10f151ee1aab
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 01:29:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
staging.hotelviladepremia.com/wp-content/uploads/2019/07/sin-t%C3%ADtulo-18-1-1630x860.jpg
167.86.73.18 200 OK 192 kB URL HTTP/2 staging.hotelviladepremia.com/wp-content/uploads/2019/07/sin-t%C3%ADtulo-18-1-1630x860.jpg
IP 167.86.73.18:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 1630x860, components 3\012- data
Size 192 kB (191753 bytes)
Hash d5b4d6c40c480aabddefe94df92a43f7
67406048ce5a83bb9069fe8f2d4a2ed2ea011b7e
952590b2ca2429e9f63cd4b46a005f79cb26474faa5f9fa04887581b5cc5e719
GET /wp-content/uploads/2019/07/sin-t%C3%ADtulo-18-1-1630x860.jpg HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=9kph1i9d3a299vgthjjv8kdiup; ls-popup-last-displayed=1673400580; ls-popup-4=1673400580
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:42 GMT
content-type: image/jpeg
content-length: 191753
last-modified: Fri, 19 Jul 2019 10:48:27 GMT
etag: "5d319ffb-2ed09"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/uploads/2019/07/sin-t%C3%ADtulo-36-1-1630x860.jpg
167.86.73.18 200 OK 194 kB URL HTTP/2 staging.hotelviladepremia.com/wp-content/uploads/2019/07/sin-t%C3%ADtulo-36-1-1630x860.jpg
IP 167.86.73.18:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=8, manufacturer=FUJIFILM, model=X-T1, xresolution=126, yresolution=134, resolutionunit=2, software=Capture One 12.0 Windows, copyright=David Martinez Fernandez], baseline, precision 8, 1630x860, components 3\012- data
Size 194 kB (194138 bytes)
Hash 51d2b093cddff53caf0152056a19f3c3
f053a4922e12c862ed39a556030cd03cf7c89afa
2cb09088f44ffe9d0b8564227d24029f428f918122d88df17c68b028d446cd1f
GET /wp-content/uploads/2019/07/sin-t%C3%ADtulo-36-1-1630x860.jpg HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=9kph1i9d3a299vgthjjv8kdiup; ls-popup-last-displayed=1673400580; ls-popup-4=1673400580
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:42 GMT
content-type: image/jpeg
content-length: 194138
last-modified: Fri, 19 Jul 2019 17:30:19 GMT
etag: "5d31fe2b-2f65a"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
hotelviladepremia.com/wp-content/uploads/2019/07/sin-t%C3%ADtulo-14-1.jpg
167.86.73.18 200 OK 956 kB URL HTTP/2 hotelviladepremia.com/wp-content/uploads/2019/07/sin-t%C3%ADtulo-14-1.jpg
IP 167.86.73.18:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=8, manufacturer=FUJIFILM, model=X-T1, xresolution=126, yresolution=134, resolutionunit=2, software=Capture One 12.0 Windows, copyright=David Martinez Fernandez], baseline, precision 8, 4896x3264, components 3\012- data
Size 956 kB (955785 bytes)
Hash d69169c883b94c8940298077655b4e9b
8ca76eb15852db983e8a8a5a336f74b30842a1fb
1571f880c54130cd8dcc191f898c015aef2cbe60b55175b1e57e644693fe006e
GET /wp-content/uploads/2019/07/sin-t%C3%ADtulo-14-1.jpg HTTP/1.1
Host: hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: image/jpeg
content-length: 955785
last-modified: Fri, 19 Jul 2019 17:28:39 GMT
etag: "5d31fdc7-e9589"
pragma: public
cache-control: max-age=31536000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
hotelviladepremia.com/wp-content/uploads/2019/07/sin-t%C3%ADtulo-22-1.jpg
167.86.73.18 200 OK 1.3 MB URL HTTP/2 hotelviladepremia.com/wp-content/uploads/2019/07/sin-t%C3%ADtulo-22-1.jpg
IP 167.86.73.18:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=8, manufacturer=FUJIFILM, model=X-T1, xresolution=126, yresolution=134, resolutionunit=2, software=Capture One 12.0 Windows, copyright=David Martinez Fernandez], baseline, precision 8, 4896x3264, components 3\012- data
Size 1.3 MB (1329754 bytes)
Hash 30bdd3aa595864bb23a439b0acbc90af
fac4dd3ee4f48485a1876ca756486de66f1acdfc
a963a3b428f22e08c6507ce4cc9519a7fcb4b2e738496582f09afaeeecf4aa53
GET /wp-content/uploads/2019/07/sin-t%C3%ADtulo-22-1.jpg HTTP/1.1
Host: hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: image/jpeg
content-length: 1329754
last-modified: Fri, 19 Jul 2019 17:29:10 GMT
etag: "5d31fde6-144a5a"
pragma: public
cache-control: max-age=31536000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/oscar-hotel-booking-engine/assets/js/bootstrap_ohbe_datepicker.min.js?ver=6.0.3
167.86.73.18 200 OK 1.9 MB URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/oscar-hotel-booking-engine/assets/js/bootstrap_ohbe_datepicker.min.js?ver=6.0.3
IP 167.86.73.18:0
File type ASCII text, with very long lines (31976)
Size 1.9 MB (1885019 bytes)
Hash f87eadd158bd63fb112a2283615aa41c
916bb00146f9edd8dabb94046c81d30bd091e494
39ad898976406037714c7ca04bcbab3832c25fac6e11e82a1874503d104e3fae
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/oscar-hotel-booking-engine/assets/js/bootstrap_ohbe_datepicker.min.js?ver=6.0.3 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=9kph1i9d3a299vgthjjv8kdiup; ls-popup-last-displayed=1673400580; ls-popup-4=1673400580
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 08:54:25 GMT
etag: W/"6315b941-83d9"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
hotelviladepremia.com/wp-content/uploads/2019/07/Castell_Burriac.jpg
167.86.73.18 200 OK 3.1 MB URL HTTP/2 hotelviladepremia.com/wp-content/uploads/2019/07/Castell_Burriac.jpg
IP 167.86.73.18:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 3888x2592, components 3\012- data
Size 3.1 MB (3073709 bytes)
Hash e3d278d34497ad0d9449bfc7f38300a9
3661c788bfb5b3361fb525d6b98e3e8f7f6f0d19
72d59fe8fba59324a7bd77cef9bace35db0114fb6cc892ee441adb9a37a270a8
GET /wp-content/uploads/2019/07/Castell_Burriac.jpg HTTP/1.1
Host: hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: image/jpeg
content-length: 3073709
last-modified: Wed, 24 Jul 2019 15:49:40 GMT
etag: "5d387e14-2ee6ad"
pragma: public
cache-control: max-age=31536000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash e66327c1432d5d48f99cc8a5c2700650
3e9d4e089fc8dba03725b1ddfe29967dfedd39f0
72c3bd8f7ad9b002555a0f2520ff4d705778c04b2469f6fc4ddb6edb2bb9c079
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3107
Cache-Control: max-age=139645
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 01:29:42 GMT
Etag: "63bd8360-116"
Expires: Thu, 12 Jan 2023 16:17:07 GMT
Last-Modified: Tue, 10 Jan 2023 15:25:20 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 278
hotelviladepremia.com/wp-content/uploads/2019/07/sin-t%C3%ADtulo-843.jpg
167.86.73.18 200 OK 236 kB URL HTTP/2 hotelviladepremia.com/wp-content/uploads/2019/07/sin-t%C3%ADtulo-843.jpg
IP 167.86.73.18:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 1630x860, components 3\012- data
Size 236 kB (235780 bytes)
Hash 1a259fc81901f993da47eaabdc05eba0
9926a9863fb4c4a8e92908765f91f8956ec99056
01d285b697c070c11382162321a03bfc76655dcbba21e821004fba9283176294
GET /wp-content/uploads/2019/07/sin-t%C3%ADtulo-843.jpg HTTP/1.1
Host: hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: image/jpeg
content-length: 359363
last-modified: Fri, 19 Jul 2019 10:34:23 GMT
etag: "5d319caf-57bc3"
pragma: public
cache-control: max-age=31536000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/google-language-translator/images/flags.png
167.86.73.18 200 OK 55 kB URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/google-language-translator/images/flags.png
IP 167.86.73.18:0
File type PNG image data, 169 x 520, 8-bit/color RGBA, non-interlaced\012- data
Hash 89c95031b56b90591fd4ef80558f8c25
9599f52c93b38f3e68686f299b3184be0a9de63a
d64c12a76a61096f3a14aa795d12c3fc0de8e5781ef2e1af3b66517e65d7f00e
GET /wp-content/plugins/google-language-translator/images/flags.png HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/wp-content/plugins/google-language-translator/css/style.css?ver=6.0.15
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=9kph1i9d3a299vgthjjv8kdiup; ls-popup-last-displayed=1673400580; ls-popup-4=1673400580; _gcl_au=1.1.303387518.1673400568; cookielawinfo-checkbox-necessary=yes
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:42 GMT
content-type: image/png
content-length: 54996
last-modified: Mon, 05 Sep 2022 08:50:00 GMT
etag: "6315b838-d6d4"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/themes/betheme/images/favicon.ico
167.86.73.18 200 OK 5.4 kB URL HTTP/2 staging.hotelviladepremia.com/wp-content/themes/betheme/images/favicon.ico
IP 167.86.73.18:0
File type MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash 9d1b031ca1395a94a6886087e245cb7b
f3f85d209c8f92593b568197814f0f0fcee45ad7
b47275b5b6878455d8937e95b32301f17c3caf0a233be8e864e9dc07493806f1
GET /wp-content/themes/betheme/images/favicon.ico HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=9kph1i9d3a299vgthjjv8kdiup; ls-popup-last-displayed=1673400580; ls-popup-4=1673400580; _gcl_au=1.1.303387518.1673400568; cookielawinfo-checkbox-necessary=yes
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:42 GMT
content-type: image/vnd.microsoft.icon
content-length: 5430
last-modified: Mon, 27 May 2019 12:03:38 GMT
etag: "5cebd21a-1536"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 39e74fee23bd195e2926cf5241f2fca5
a3361a128141f84053b85994e1a3b2f3e9c9d979
aaa2168872731f90ab7c5d5e98dc17660973582d1b157f4e4a3be4939e99b7e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 01:29:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rec.smartlook.com/recorder.js
185.76.9.18 200 OK 1.8 kB URL HTTP/2 rec.smartlook.com/recorder.js
IP 185.76.9.18:0
ASN #60068 Datacamp Limited
Hash 24f09e84d128fbe0cdcee9e4b000bb09
76f6a4017aae680e054f3c2c11da894ba99d4642
f84449192be4fa6a70148dd422197610fc1027febaf88012e29a41f9630d757a
GET /recorder.js HTTP/1.1
Host: rec.smartlook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 11 Jan 2023 01:29:42 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=600
cross-origin-resource-policy: cross-origin
etag: W/"63bd28f4-c4a"
last-modified: Tue, 10 Jan 2023 08:59:32 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-accel-expires: @1673401031
server: CDN77-Turbo
x-77-nzt: AblMCQ0wymz/lwAAAA
x-77-nzt-ray: c0a4cc28b250dee20611be63bf0c552d
x-cache: HIT
x-age: 151
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.14 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.14:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 11 Jan 2023 00:21:55 GMT
expires: Wed, 11 Jan 2023 02:21:55 GMT
cache-control: public, max-age=7200
age: 4067
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/718123990/?random=1673400568106&cv=11&fst=1673400568106&bg=ffffff&guid=ON&async=1&gtm=2oa190&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fstaging.hotelviladepremia.com%2F&tiba=Hotel%20Vila%20de%20Premia%20-%20Hotel%20para%20Bikers%20y%20Viajeros&did=dNDMyYj&gdid=dNDMyYj&auid=303387518.1673400568&data=event%3Dgtag.config&rfmt=3&fmt=4
142.250.74.162 200 OK 917 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/718123990/?random=1673400568106&cv=11&fst=1673400568106&bg=ffffff&guid=ON&async=1&gtm=2oa190&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fstaging.hotelviladepremia.com%2F&tiba=Hotel%20Vila%20de%20Premia%20-%20Hotel%20para%20Bikers%20y%20Viajeros&did=dNDMyYj&gdid=dNDMyYj&auid=303387518.1673400568&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 142.250.74.162:0
File type ASCII text, with very long lines (1965), with no line terminators
Hash 9bdc43f270e62eea00f388c4a2d10c15
c59d1c1dfa5c25bfe0b79c30e9c60105d73fbc07
9ad50803c48368d51d344f1ee6818380bd288c8bb1a73d92b4ec2df127100edb
GET /pagead/viewthroughconversion/718123990/?random=1673400568106&cv=11&fst=1673400568106&bg=ffffff&guid=ON&async=1&gtm=2oa190&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fstaging.hotelviladepremia.com%2F&tiba=Hotel%20Vila%20de%20Premia%20-%20Hotel%20para%20Bikers%20y%20Viajeros&did=dNDMyYj&gdid=dNDMyYj&auid=303387518.1673400568&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 11 Jan 2023 01:29:42 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 917
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 11-Jan-2023 01:44:42 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
rec.smartlook.com/es6/init.58c0b64b78bc85d6687c.js
185.76.9.18 200 OK 16 kB URL HTTP/2 rec.smartlook.com/es6/init.58c0b64b78bc85d6687c.js
IP 185.76.9.18:0
ASN #60068 Datacamp Limited
Hash 0b90b0b52caa6d3cbd50065ad5122940
d8fd26edf12fa59c07702e4dcfaee076b43d351f
b8c90afffbcb46d8a38e4ae90627a940776b7d971a94340c081a16baddd2da88
GET /es6/init.58c0b64b78bc85d6687c.js HTTP/1.1
Host: rec.smartlook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://staging.hotelviladepremia.com
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 11 Jan 2023 01:29:42 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cross-origin-resource-policy: cross-origin
etag: W/"63bd28f4-d8f2"
last-modified: Tue, 10 Jan 2023 08:59:32 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-accel-expires: @1704878714
server: CDN77-Turbo
x-77-nzt: AblMCQ1Vlwn/DOIAAA
x-77-nzt-ray: c0a4cc28fd510ce30611be634dec7730
x-cache: HIT
x-age: 57868
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/smart-logo-showcase-lite/css/popup-contact.css?ver=1.1.9
167.86.73.18 200 OK 228 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/smart-logo-showcase-lite/css/popup-contact.css?ver=1.1.9
IP 167.86.73.18:0
Hash 5914173c01a08d0e6902e9c68255dba5
ead676a7165280fa371b72c258675031742989bc
9879cfbd8c333465ec95e8f52f7a392f340c517ab517b22bb5cfc3d80e48dacb
GET /wp-content/plugins/smart-logo-showcase-lite/css/popup-contact.css?ver=1.1.9 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=9kph1i9d3a299vgthjjv8kdiup; ls-popup-last-displayed=1673400580; ls-popup-4=1673400580
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: text/css
x-accel-version: 0.01
last-modified: Mon, 05 Sep 2022 08:55:27 GMT
etag: W/"278-5e7ea3dbf2bc8"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 39bf291e57709ceecd07cf4dd5539ecd
e0b3aef8b47e4184fa743345c332f07bd3f7128e
3ee3402a998f6b858ecb1708f7fc42fa5f369abd4334dced3e621cd59cb26494
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 01:29:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/images/branding/product/1x/translate_24dp.png
142.250.74.35 200 OK 846 B URL HTTP/2 www.gstatic.com/images/branding/product/1x/translate_24dp.png
IP 142.250.74.35:0
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash e9cd262114358f26b7608b56905185dc
6dbde0a96deaab2b529723ce26c62043cf9180ab
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
GET /images/branding/product/1x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 846
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 10 Jan 2023 21:20:41 GMT
expires: Wed, 10 Jan 2024 21:20:41 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 14941
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/images/branding/product/2x/translate_24dp.png
142.250.74.35 200 OK 1.8 kB URL HTTP/2 www.gstatic.com/images/branding/product/2x/translate_24dp.png
IP 142.250.74.35:0
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash c69c796362406f9e11c7f4bf5bb628da
e489ce95ab56208090868882113d7416abf46775
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://translate.googleapis.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 10 Jan 2023 18:15:39 GMT
expires: Wed, 10 Jan 2024 18:15:39 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 26043
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/themes/betheme/css/layout.css?ver=21.2.2
167.86.73.18 200 OK 19 kB URL HTTP/2 staging.hotelviladepremia.com/wp-content/themes/betheme/css/layout.css?ver=21.2.2
IP 167.86.73.18:0
File type ASCII text, with very long lines (371)
Hash b7cbdc3fc9b0e1759b7de807adf3c4bc
eb23fab96cca5195762e163d3f98cb539e4f521e
a884c2b5a899421f1f2b19028445a0adc61d6b9367081a6c1516c8757352a6d1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/betheme/css/layout.css?ver=21.2.2 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=9kph1i9d3a299vgthjjv8kdiup; ls-popup-last-displayed=1673400580; ls-popup-4=1673400580
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: text/css
last-modified: Mon, 27 May 2019 12:03:18 GMT
etag: W/"5cebd206-1ca8b"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash e06041fffd1631ce1b63dbad57ffd663
eb5d6e4bd219550e6479ec50387c521d44137d7e
652460c549474ea053102600506c98e82ab5f72a478082f248d3ab37518ce612
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 01:29:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/718123990/?random=1673400568106&cv=11&fst=1673398800000&bg=ffffff&guid=ON&async=1&gtm=2oa190&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fstaging.hotelviladepremia.com%2F&tiba=Hotel%20Vila%20de%20Premia%20-%20Hotel%20para%20Bikers%20y%20Viajeros&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2019274296&rmt_tld=1&ipr=y
142.250.74.131 200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/718123990/?random=1673400568106&cv=11&fst=1673398800000&bg=ffffff&guid=ON&async=1&gtm=2oa190&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fstaging.hotelviladepremia.com%2F&tiba=Hotel%20Vila%20de%20Premia%20-%20Hotel%20para%20Bikers%20y%20Viajeros&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2019274296&rmt_tld=1&ipr=y
IP 142.250.74.131:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/718123990/?random=1673400568106&cv=11&fst=1673398800000&bg=ffffff&guid=ON&async=1&gtm=2oa190&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fstaging.hotelviladepremia.com%2F&tiba=Hotel%20Vila%20de%20Premia%20-%20Hotel%20para%20Bikers%20y%20Viajeros&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2019274296&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 11 Jan 2023 01:29:42 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/718123990/?random=1673400568106&cv=11&fst=1673398800000&bg=ffffff&guid=ON&async=1&gtm=2oa190&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fstaging.hotelviladepremia.com%2F&tiba=Hotel%20Vila%20de%20Premia%20-%20Hotel%20para%20Bikers%20y%20Viajeros&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2019274296&rmt_tld=0&ipr=y
216.58.207.228 200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/718123990/?random=1673400568106&cv=11&fst=1673398800000&bg=ffffff&guid=ON&async=1&gtm=2oa190&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fstaging.hotelviladepremia.com%2F&tiba=Hotel%20Vila%20de%20Premia%20-%20Hotel%20para%20Bikers%20y%20Viajeros&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2019274296&rmt_tld=0&ipr=y
IP 216.58.207.228:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/718123990/?random=1673400568106&cv=11&fst=1673398800000&bg=ffffff&guid=ON&async=1&gtm=2oa190&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fstaging.hotelviladepremia.com%2F&tiba=Hotel%20Vila%20de%20Premia%20-%20Hotel%20para%20Bikers%20y%20Viajeros&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2019274296&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 11 Jan 2023 01:29:42 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash a38c30af1c779bc9d80a205088798888
d989febed94cdd6d2587c2a24d249a44b828447f
12c18aa336978273d79efa14451256b40bb95aaedd434b03db4b5912b521c35d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 01:29:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
staging.hotelviladepremia.com/
167.86.73.18 200 OK 33 kB URL HTTP/2 staging.hotelviladepremia.com/
IP 167.86.73.18:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (38083)
Hash a4408ffccac7a9bc5977d5a0245075a4
35e7e101755197abf755870ce89f8f83c29477fe
ddd49d428889f879e205ba19e3726cf39924bf74093b0df61b99549f92ddf1bc
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:40 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
p3p: CP="ALL DSP NID CURa ADMa DEVa HISa OTPa OUR NOR NAV DEM"
link: <https://staging.hotelviladepremia.com/wp-json/>; rel="https://api.w.org/", <https://staging.hotelviladepremia.com/wp-json/wp/v2/pages/7>; rel="alternate"; type="application/json", <https://staging.hotelviladepremia.com/>; rel=shortlink
set-cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; expires=Thu, 12-Jan-2023 01:29:39 GMT; Max-Age=86400; path=/; secure
qMuPUgcpZWl_IGx=HbyGIF7vU0z; expires=Thu, 12-Jan-2023 01:29:39 GMT; Max-Age=86400; path=/; secure
tfhBnUHVz=IUDNnaBfW2%404%2Ag; expires=Thu, 12-Jan-2023 01:29:39 GMT; Max-Age=86400; path=/; secure
PHPSESSID=9kph1i9d3a299vgthjjv8kdiup; path=/
ls-popup-last-displayed=1673400580; expires=Tue, 31-Dec-2024 01:29:40 GMT; Max-Age=62208000; path=/
ls-popup-4=1673400580; expires=Thu, 11-Jan-2024 01:29:40 GMT; Max-Age=31536000
x-powered-by: PHP/7.4.33, PleskLin
content-encoding: br
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-app.js
172.67.38.66 200 OK 119 B URL HTTP/2 embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-app.js
IP 172.67.38.66:0
File type ASCII text, with no line terminators
Hash ae2c377838b77becffe1bffea6fd85f2
7047751abde47b5166d7257f31c1d24889743c76
3cda2686f445311b40dbe3568adbc545da5973b2e833fb3e2667c733094f858f
GET /_s/v4/app/63b77dcd282/js/twk-app.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://staging.hotelviladepremia.com
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 01:29:43 GMT
content-type: application/javascript
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
etag: W/"e736e189edb5d0d9d5b8e7f23dd9114a"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7879e20be95bb527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash f9c4d630489326df0da8821a94fbafff
28de80210adebcb2d340989b013414714f39cf11
65f5b75b5abf23bd3f3c4d8ba6f5211157851af49efeec9dd2043de3d5582839
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=94678
Date: Wed, 11 Jan 2023 01:29:44 GMT
Etag: "63bccb16-1d7"
Expires: Thu, 12 Jan 2023 03:47:42 GMT
Last-Modified: Tue, 10 Jan 2023 02:19:02 GMT
Server: ECS (bsa/EB11)
X-Cache: Miss from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: TBonAPX0h0IrMlOlCLG65xXdeu4EgMnmi2H9B7unpcFWhy3Wb359ng==
Age: 5320
embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-vendor.js
172.67.38.66 200 OK 28 kB URL HTTP/2 embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-vendor.js
IP 172.67.38.66:0
File type ASCII text, with very long lines (65472)
Hash 7cbc4d7ea4ca3c162dd957f5971a4ad5
dee1eb503b6554d3aa221118626011b3d710ca18
0d967074db4a22dcf4808eec7ff4d7c62f7c4d9b824391a3433cf37a2e308b01
GET /_s/v4/app/63b77dcd282/js/twk-vendor.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://staging.hotelviladepremia.com
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 01:29:43 GMT
content-type: application/javascript
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
etag: W/"7dcb496e4882926f93f2e73fa87062c0"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7879e20bd947b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash d2e2256e207701c1e5316fb07f32d4d4
7984a0b198461b428bcbd2949f8de1938e5127e7
9eabda01890eab219c74a2ff7dc7136fd600332e8eb4b3fe3948e30a8b84bf13
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=119217
Date: Wed, 11 Jan 2023 01:29:44 GMT
Etag: "63bd3a2d-1d7"
Expires: Thu, 12 Jan 2023 10:36:41 GMT
Last-Modified: Tue, 10 Jan 2023 10:13:01 GMT
Server: ECS (dcb/7EA2)
X-Cache: Miss from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: qGxKQeji6dPlZc74smK8a_SdT-IFjBYWnhUWYn78WABlCfNgredlEQ==
Age: 1420
rec.smartlook.com/es6/bundle.d808ca8a796bcd92bd46.js
185.76.9.18 200 OK 37 kB URL HTTP/2 rec.smartlook.com/es6/bundle.d808ca8a796bcd92bd46.js
IP 185.76.9.18:0
ASN #60068 Datacamp Limited
File type ASCII text, with very long lines (65451)
Hash 0878c85be0029b6880dba57cd55347a2
b67a212778aa9d0a8a26b0a9f1dad60b53872d72
a23e89a945ae990e852e9afd6fe776b1e4408ebc0e4b09469a44167a79657c7a
GET /es6/bundle.d808ca8a796bcd92bd46.js HTTP/1.1
Host: rec.smartlook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://staging.hotelviladepremia.com
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 01:29:44 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cross-origin-resource-policy: cross-origin
etag: W/"63bd28f4-23465"
last-modified: Tue, 10 Jan 2023 08:59:32 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-accel-expires: @1704878737
server: CDN77-Turbo
x-77-nzt: AblMCQ0ztRb/9+EAAA
x-77-nzt-ray: c0a4cc28fd510ce30811be6306f9c917
x-cache: HIT
x-age: 57847
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63b77dcd282/css/min-widget.css
172.67.38.66 200 OK 59 kB URL HTTP/2 embed.tawk.to/_s/v4/app/63b77dcd282/css/min-widget.css
IP 172.67.38.66:0
File type ASCII text, with very long lines (24880), with no line terminators
Hash ed593e0c0711fa9525bc64008635af0e
c71feceda1ad93a927f976baf585956cda79b3ad
9a6804150568504624f6ca0fb88ac8f2546b455cf118c78621dc3ec3b502bc82
GET /_s/v4/app/63b77dcd282/css/min-widget.css HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 01:29:44 GMT
content-type: text/css
cache-control: public, max-age=2592000, immutable
cf-bgj: minify
cf-polished: origSize=24960
access-control-allow-origin: *
age: 57891
etag: W/"80df9814fe6b98404ccc1df3c455ceaa"
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-cache-status: HIT
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7879e2179eb0b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-48f46bef.js
172.67.38.66 200 OK 4.8 kB URL HTTP/2 embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-48f46bef.js
IP 172.67.38.66:0
File type ASCII text, with very long lines (15846), with no line terminators
Hash 62cb9f7b38c2200150cbc1abf1167d67
5f54a4eaa0f0748a4a593be180e8d5724d89c88a
3bb68a5f9e96745a70cd8155442f8ca39faf364b0b0025cd42ce4a8a31ac851b
GET /_s/v4/app/63b77dcd282/js/twk-chunk-48f46bef.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 01:29:44 GMT
content-type: application/javascript
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
etag: W/"d9f3d1c4504d77c3e7c2e3e2f126fd9b"
age: 57892
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7879e2172e7bb527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/google-language-translator/css/style.css?ver=6.0.15
167.86.73.18 200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/google-language-translator/css/style.css?ver=6.0.15
IP 167.86.73.18:0
GET /wp-content/plugins/google-language-translator/css/style.css?ver=6.0.15 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=9kph1i9d3a299vgthjjv8kdiup; ls-popup-last-displayed=1673400580; ls-popup-4=1673400580
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: text/css
last-modified: Mon, 05 Sep 2022 08:50:00 GMT
etag: W/"6315b838-1f7d7"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-696bc286.js
172.67.38.66 200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-696bc286.js
IP 172.67.38.66:0
GET /_s/v4/app/63b77dcd282/js/twk-chunk-696bc286.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 01:29:44 GMT
content-type: application/javascript
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
etag: W/"2aa8e4d8fcf9760a324a8b2e7902f6ca"
age: 57892
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7879e2171e76b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63b77dcd282/css/max-widget.css
172.67.38.66 200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/63b77dcd282/css/max-widget.css
IP 172.67.38.66:0
GET /_s/v4/app/63b77dcd282/css/max-widget.css HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 01:29:44 GMT
content-type: text/css
cache-control: public, max-age=2592000, immutable
cf-bgj: minify
cf-polished: origSize=75771
access-control-allow-origin: *
etag: W/"0158db159e8967dbda5865ed6b2e435d"
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-cache-status: HIT
cf-cache-status: HIT
age: 57891
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7879e217aebab527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/themes/betheme/js/scripts.js?ver=21.2.2
167.86.73.18 200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/themes/betheme/js/scripts.js?ver=21.2.2
IP 167.86.73.18:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/betheme/js/scripts.js?ver=21.2.2 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=9kph1i9d3a299vgthjjv8kdiup; ls-popup-last-displayed=1673400580; ls-popup-4=1673400580
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: application/javascript
last-modified: Mon, 27 May 2019 12:03:45 GMT
etag: W/"5cebd221-10b73"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js?ver=6.0.3
188.114.99.234 200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js?ver=6.0.3
IP 188.114.99.234:0
GET /bootstrap/3.3.7/js/bootstrap.min.js?ver=6.0.3 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"5869c96cc8f19086aee625d670d741f9"
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-cachedat: 08/20/2022 02:31:21
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 756
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 0d1b14913827ad56e2b1a0c20b55f038
cdn-cache: HIT
cf-cache-status: HIT
age: 7350086
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7879e201ee0f0b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/themes/betheme/assets/animations/animations.min.js?ver=21.2.2
167.86.73.18 200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/themes/betheme/assets/animations/animations.min.js?ver=21.2.2
IP 167.86.73.18:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/betheme/assets/animations/animations.min.js?ver=21.2.2 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=9kph1i9d3a299vgthjjv8kdiup; ls-popup-last-displayed=1673400580; ls-popup-4=1673400580
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: application/javascript
last-modified: Mon, 27 May 2019 12:03:12 GMT
etag: W/"5cebd200-71e"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-includes/js/jquery/ui/accordion.min.js?ver=1.13.1
167.86.73.18 200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-includes/js/jquery/ui/accordion.min.js?ver=1.13.1
IP 167.86.73.18:0
GET /wp-includes/js/jquery/ui/accordion.min.js?ver=1.13.1 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=9kph1i9d3a299vgthjjv8kdiup; ls-popup-last-displayed=1673400580; ls-popup-4=1673400580
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 09:40:11 GMT
etag: W/"6315c3fb-226e"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=21.2.2
167.86.73.18 200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=21.2.2
IP 167.86.73.18:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=21.2.2 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=9kph1i9d3a299vgthjjv8kdiup; ls-popup-last-displayed=1673400580; ls-popup-4=1673400580
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: application/javascript
last-modified: Mon, 27 May 2019 12:03:12 GMT
etag: W/"5cebd200-cd96"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-public.css?ver=2.1.2
167.86.73.18 200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-public.css?ver=2.1.2
IP 167.86.73.18:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/cookie-law-info/public/css/cookie-law-info-public.css?ver=2.1.2 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=9kph1i9d3a299vgthjjv8kdiup; ls-popup-last-displayed=1673400580; ls-popup-4=1673400580
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: text/css
last-modified: Mon, 05 Sep 2022 08:48:46 GMT
etag: W/"6315b7ee-c22"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.1.5
167.86.73.18 200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.1.5
IP 167.86.73.18:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.1.5 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=9kph1i9d3a299vgthjjv8kdiup; ls-popup-last-displayed=1673400580; ls-popup-4=1673400580
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: text/css
last-modified: Mon, 16 Dec 2019 13:50:17 GMT
etag: W/"5df78b99-e1a2"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/smart-logo-showcase-lite/css/smls-responsive.css?ver=1.1.9
167.86.73.18 200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/smart-logo-showcase-lite/css/smls-responsive.css?ver=1.1.9
IP 167.86.73.18:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/smart-logo-showcase-lite/css/smls-responsive.css?ver=1.1.9 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=9kph1i9d3a299vgthjjv8kdiup; ls-popup-last-displayed=1673400580; ls-popup-4=1673400580
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: text/css
last-modified: Mon, 05 Sep 2022 08:55:27 GMT
etag: W/"6315b97f-1231"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/nextend-smart-slider3-pro/library/media/smartslider.min.css?1576586449
167.86.73.18 200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/nextend-smart-slider3-pro/library/media/smartslider.min.css?1576586449
IP 167.86.73.18:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/nextend-smart-slider3-pro/library/media/smartslider.min.css?1576586449 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=9kph1i9d3a299vgthjjv8kdiup; ls-popup-last-displayed=1673400580; ls-popup-4=1673400580
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: text/css
last-modified: Tue, 17 Dec 2019 12:40:49 GMT
etag: W/"5df8ccd1-4cc6"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-2d0b9454.js
172.67.38.66 200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-2d0b9454.js
IP 172.67.38.66:0
GET /_s/v4/app/63b77dcd282/js/twk-chunk-2d0b9454.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 01:29:44 GMT
content-type: application/javascript
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
etag: W/"09c3819d373bd4178a620d721429fada"
age: 57892
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7879e2172e7fb527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
167.86.73.18 200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 167.86.73.18:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=9kph1i9d3a299vgthjjv8kdiup; ls-popup-last-displayed=1673400580; ls-popup-4=1673400580
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 09:40:11 GMT
etag: W/"6315c3fb-2bd8"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/cookie-law-info/public/js/cookie-law-info-public.js?ver=2.1.2
167.86.73.18 200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/cookie-law-info/public/js/cookie-law-info-public.js?ver=2.1.2
IP 167.86.73.18:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/cookie-law-info/public/js/cookie-law-info-public.js?ver=2.1.2 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=9kph1i9d3a299vgthjjv8kdiup; ls-popup-last-displayed=1673400580; ls-popup-4=1673400580
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 08:48:46 GMT
etag: W/"6315b7ee-8583"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
167.86.73.18 200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
IP 167.86.73.18:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=9kph1i9d3a299vgthjjv8kdiup; ls-popup-last-displayed=1673400580; ls-popup-4=1673400580
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 09:40:11 GMT
etag: W/"6315c3fb-50eb"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-gdpr.css?ver=2.1.2
167.86.73.18 200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-gdpr.css?ver=2.1.2
IP 167.86.73.18:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/cookie-law-info/public/css/cookie-law-info-gdpr.css?ver=2.1.2 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=9kph1i9d3a299vgthjjv8kdiup; ls-popup-last-displayed=1673400580; ls-popup-4=1673400580
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: text/css
last-modified: Mon, 05 Sep 2022 08:48:46 GMT
etag: W/"6315b7ee-6a71"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend-gtag.min.js?ver=7.10.0
167.86.73.18 200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend-gtag.min.js?ver=7.10.0
IP 167.86.73.18:0
GET /wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend-gtag.min.js?ver=7.10.0 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=9kph1i9d3a299vgthjjv8kdiup; ls-popup-last-displayed=1673400580; ls-popup-4=1673400580
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: application/javascript
last-modified: Mon, 07 Nov 2022 22:29:12 GMT
etag: W/"636986b8-2e3b"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
167.86.73.18 200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 167.86.73.18:0
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=9kph1i9d3a299vgthjjv8kdiup; ls-popup-last-displayed=1673400580; ls-popup-4=1673400580
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 09:40:11 GMT
etag: W/"6315c3fb-15db1"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.1.5
167.86.73.18 200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.1.5
IP 167.86.73.18:0
GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.1.5 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=9kph1i9d3a299vgthjjv8kdiup; ls-popup-last-displayed=1673400580; ls-popup-4=1673400580
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: application/javascript
last-modified: Mon, 16 Dec 2019 13:50:15 GMT
etag: W/"5df78b97-43767"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/oscar-hotel-booking-engine/assets/js/ohbe-common.js?ver=4.2
167.86.73.18 200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/oscar-hotel-booking-engine/assets/js/ohbe-common.js?ver=4.2
IP 167.86.73.18:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/oscar-hotel-booking-engine/assets/js/ohbe-common.js?ver=4.2 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=9kph1i9d3a299vgthjjv8kdiup; ls-popup-last-displayed=1673400580; ls-popup-4=1673400580
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 08:54:25 GMT
etag: W/"6315b941-1803"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/smart-logo-showcase-lite/css/tooltipster.bundle.css?ver=1.1.9
167.86.73.18 200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/smart-logo-showcase-lite/css/tooltipster.bundle.css?ver=1.1.9
IP 167.86.73.18:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/smart-logo-showcase-lite/css/tooltipster.bundle.css?ver=1.1.9 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=9kph1i9d3a299vgthjjv8kdiup; ls-popup-last-displayed=1673400580; ls-popup-4=1673400580
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: text/css
last-modified: Mon, 05 Sep 2022 08:55:27 GMT
etag: W/"6315b97f-4162"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A400%2C300italic%2C400italic%2C500%2C500italic%2C700%2C700italic%2C900italic%2C900&ver=6.0.3
216.58.207.202 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A400%2C300italic%2C400italic%2C500%2C500italic%2C700%2C700italic%2C900italic%2C900&ver=6.0.3
IP 216.58.207.202:0
GET /css?family=Roboto%3A400%2C300italic%2C400italic%2C500%2C500italic%2C700%2C700italic%2C900italic%2C900&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 11 Jan 2023 01:29:41 GMT
date: Wed, 11 Jan 2023 01:29:41 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/wp-gdpr-compliance/Assets/js/front.min.js?ver=1662368303
167.86.73.18 200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/wp-gdpr-compliance/Assets/js/front.min.js?ver=1662368303
IP 167.86.73.18:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-gdpr-compliance/Assets/js/front.min.js?ver=1662368303 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=9kph1i9d3a299vgthjjv8kdiup; ls-popup-last-displayed=1673400580; ls-popup-4=1673400580
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 08:58:23 GMT
etag: W/"6315ba2f-e6f5"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/nextend-smart-slider3-pro/library/media/plugins/type/carousel/carousel/dist/smartslider-carousel-single-type-frontend.min.js?1576586448
167.86.73.18 200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/nextend-smart-slider3-pro/library/media/plugins/type/carousel/carousel/dist/smartslider-carousel-single-type-frontend.min.js?1576586448
IP 167.86.73.18:0
GET /wp-content/plugins/nextend-smart-slider3-pro/library/media/plugins/type/carousel/carousel/dist/smartslider-carousel-single-type-frontend.min.js?1576586448 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=9kph1i9d3a299vgthjjv8kdiup; ls-popup-last-displayed=1673400580; ls-popup-4=1673400580
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: application/javascript
last-modified: Tue, 17 Dec 2019 12:40:48 GMT
etag: W/"5df8ccd0-247b"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.utils.js?ver=6.11.1
167.86.73.18 200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.utils.js?ver=6.11.1
IP 167.86.73.18:0
GET /wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.utils.js?ver=6.11.1 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=9kph1i9d3a299vgthjjv8kdiup; ls-popup-last-displayed=1673400580; ls-popup-4=1673400580
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: application/javascript
last-modified: Thu, 09 Apr 2020 10:10:22 GMT
etag: W/"5e8ef48e-1e026"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/themes/betheme/js/plugins.js?ver=21.2.2
167.86.73.18 200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/themes/betheme/js/plugins.js?ver=21.2.2
IP 167.86.73.18:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/betheme/js/plugins.js?ver=21.2.2 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=9kph1i9d3a299vgthjjv8kdiup; ls-popup-last-displayed=1673400580; ls-popup-4=1673400580
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: application/javascript
last-modified: Mon, 27 May 2019 12:03:46 GMT
etag: W/"5cebd222-2f7c3"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
167.86.73.18 200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
IP 167.86.73.18:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.3 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=9kph1i9d3a299vgthjjv8kdiup; ls-popup-last-displayed=1673400580; ls-popup-4=1673400580
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: text/css
last-modified: Mon, 05 Sep 2022 09:40:11 GMT
etag: W/"6315c3fb-15b64"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
embed.tawk.to/5da74948df22d913399f816e/default
172.67.38.66 200 OK 0 B URL HTTP/2 embed.tawk.to/5da74948df22d913399f816e/default
IP 172.67.38.66:0
GET /5da74948df22d913399f816e/default HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://staging.hotelviladepremia.com
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 11 Jan 2023 01:29:42 GMT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=3600
etag: W/"stable-v4-63b77dcd282"
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7879e204be90b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.1
167.86.73.18 200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.1
IP 167.86.73.18:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.1 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=9kph1i9d3a299vgthjjv8kdiup; ls-popup-last-displayed=1673400580; ls-popup-4=1673400580
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 09:40:11 GMT
etag: W/"6315c3fb-2ea1"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.kreaturamedia.jquery.js?ver=6.11.1
167.86.73.18 200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.kreaturamedia.jquery.js?ver=6.11.1
IP 167.86.73.18:0
GET /wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.kreaturamedia.jquery.js?ver=6.11.1 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=9kph1i9d3a299vgthjjv8kdiup; ls-popup-last-displayed=1673400580; ls-popup-4=1673400580
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: application/javascript
last-modified: Thu, 09 Apr 2020 10:10:22 GMT
etag: W/"5e8ef48e-1f855"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-runtime.js
172.67.38.66 200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-runtime.js
IP 172.67.38.66:0
GET /_s/v4/app/63b77dcd282/js/twk-runtime.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://staging.hotelviladepremia.com
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 01:29:43 GMT
content-type: application/javascript
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
etag: W/"de21d01e9f8b6cc35ea67267d0ba80ec"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7879e20be955b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/smart-logo-showcase-lite/inc/smls-block/smls-block.css?ver=1.1.9
167.86.73.18 200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/smart-logo-showcase-lite/inc/smls-block/smls-block.css?ver=1.1.9
IP 167.86.73.18:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/smart-logo-showcase-lite/inc/smls-block/smls-block.css?ver=1.1.9 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=9kph1i9d3a299vgthjjv8kdiup; ls-popup-last-displayed=1673400580; ls-popup-4=1673400580
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: text/css
x-accel-version: 0.01
last-modified: Mon, 05 Sep 2022 08:55:27 GMT
etag: W/"95-5e7ea3dbf5aa8"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/LayerSlider/assets/static/layerslider/css/layerslider.css?ver=6.11.1
167.86.73.18 200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/LayerSlider/assets/static/layerslider/css/layerslider.css?ver=6.11.1
IP 167.86.73.18:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/LayerSlider/assets/static/layerslider/css/layerslider.css?ver=6.11.1 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=9kph1i9d3a299vgthjjv8kdiup; ls-popup-last-displayed=1673400580; ls-popup-4=1673400580
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: text/css
last-modified: Thu, 09 Apr 2020 10:10:22 GMT
etag: W/"5e8ef48e-5503"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.transitions.js?ver=6.11.1
167.86.73.18 200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.transitions.js?ver=6.11.1
IP 167.86.73.18:0
GET /wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.transitions.js?ver=6.11.1 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=9kph1i9d3a299vgthjjv8kdiup; ls-popup-last-displayed=1673400580; ls-popup-4=1673400580
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: application/javascript
last-modified: Thu, 09 Apr 2020 10:10:22 GMT
etag: W/"5e8ef48e-5513"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Droid+Sans%3A400%2C700&ver=6.0.3
216.58.207.202 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Droid+Sans%3A400%2C700&ver=6.0.3
IP 216.58.207.202:0
GET /css?family=Droid+Sans%3A400%2C700&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 11 Jan 2023 01:29:41 GMT
date: Wed, 11 Jan 2023 01:29:41 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Poppins:300,regular,500,600,700%7CMontserrat:regular,700,100,200,300,900&subset=latin%2Clatin-ext
216.58.207.202 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Poppins:300,regular,500,600,700%7CMontserrat:regular,700,100,200,300,900&subset=latin%2Clatin-ext
IP 216.58.207.202:0
GET /css?family=Poppins:300,regular,500,600,700%7CMontserrat:regular,700,100,200,300,900&subset=latin%2Clatin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 11 Jan 2023 01:29:41 GMT
date: Wed, 11 Jan 2023 01:29:41 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/themes/betheme/js/menu.js?ver=21.2.2
167.86.73.18 200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/themes/betheme/js/menu.js?ver=21.2.2
IP 167.86.73.18:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/betheme/js/menu.js?ver=21.2.2 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=9kph1i9d3a299vgthjjv8kdiup; ls-popup-last-displayed=1673400580; ls-popup-4=1673400580
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: application/javascript
last-modified: Mon, 27 May 2019 12:03:45 GMT
etag: W/"5cebd221-98d"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/smart-logo-showcase-lite/css/owl.carousel.css?ver=1.1.9
167.86.73.18 200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/smart-logo-showcase-lite/css/owl.carousel.css?ver=1.1.9
IP 167.86.73.18:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/smart-logo-showcase-lite/css/owl.carousel.css?ver=1.1.9 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=9kph1i9d3a299vgthjjv8kdiup; ls-popup-last-displayed=1673400580; ls-popup-4=1673400580
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: text/css
last-modified: Mon, 05 Sep 2022 08:55:27 GMT
etag: W/"6315b97f-17f5"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/nextend-smart-slider3-pro/nextend/media/dist/nextend-webfontloader.min.js?1576586450
167.86.73.18 200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/nextend-smart-slider3-pro/nextend/media/dist/nextend-webfontloader.min.js?1576586450
IP 167.86.73.18:0
GET /wp-content/plugins/nextend-smart-slider3-pro/nextend/media/dist/nextend-webfontloader.min.js?1576586450 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=9kph1i9d3a299vgthjjv8kdiup; ls-popup-last-displayed=1673400580; ls-popup-4=1673400580
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: application/javascript
last-modified: Tue, 17 Dec 2019 12:40:50 GMT
etag: W/"5df8ccd2-3029"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-32507910.js
172.67.38.66 200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-32507910.js
IP 172.67.38.66:0
GET /_s/v4/app/63b77dcd282/js/twk-chunk-32507910.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 01:29:44 GMT
content-type: application/javascript
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
etag: W/"b931365947ecaea657544f82994716af"
age: 57893
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7879e2173e83b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/smart-logo-showcase-lite/css/font-awesome.min.css?ver=1.1.9
167.86.73.18 200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/smart-logo-showcase-lite/css/font-awesome.min.css?ver=1.1.9
IP 167.86.73.18:0
GET /wp-content/plugins/smart-logo-showcase-lite/css/font-awesome.min.css?ver=1.1.9 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=9kph1i9d3a299vgthjjv8kdiup; ls-popup-last-displayed=1673400580; ls-popup-4=1673400580
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: text/css
last-modified: Mon, 05 Sep 2022 08:55:27 GMT
etag: W/"6315b97f-7187"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-vendors.js
172.67.38.66 200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-vendors.js
IP 172.67.38.66:0
GET /_s/v4/app/63b77dcd282/js/twk-chunk-vendors.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://staging.hotelviladepremia.com
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 01:29:43 GMT
content-type: application/javascript
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
etag: W/"70dac54eca3bb2143032bc4db3237623"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7879e20be950b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/nextend-smart-slider3-pro/nextend/media/dist/nextend-frontend.min.js?1576586450
167.86.73.18 200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/nextend-smart-slider3-pro/nextend/media/dist/nextend-frontend.min.js?1576586450
IP 167.86.73.18:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/nextend-smart-slider3-pro/nextend/media/dist/nextend-frontend.min.js?1576586450 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=9kph1i9d3a299vgthjjv8kdiup; ls-popup-last-displayed=1673400580; ls-popup-4=1673400580
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: application/javascript
last-modified: Tue, 17 Dec 2019 12:40:50 GMT
etag: W/"5df8ccd2-e1e5"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/google-language-translator/js/scripts.js?ver=6.0.15
167.86.73.18 200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/google-language-translator/js/scripts.js?ver=6.0.15
IP 167.86.73.18:0
GET /wp-content/plugins/google-language-translator/js/scripts.js?ver=6.0.15 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=9kph1i9d3a299vgthjjv8kdiup; ls-popup-last-displayed=1673400580; ls-popup-4=1673400580
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 08:50:00 GMT
etag: W/"6315b838-35e5"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63b77dcd282/languages/es.js
172.67.38.66 200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/63b77dcd282/languages/es.js
IP 172.67.38.66:0
GET /_s/v4/app/63b77dcd282/languages/es.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 01:29:44 GMT
content-type: application/javascript
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
etag: W/"f5f910ce00ee0e644ce51cfbe2c0cd81"
age: 57844
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7879e2169e3bb527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-f163fcd0.js
172.67.38.66 200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-f163fcd0.js
IP 172.67.38.66:0
GET /_s/v4/app/63b77dcd282/js/twk-chunk-f163fcd0.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 01:29:44 GMT
content-type: application/javascript
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
etag: W/"a92075fd9ac5ba130387a80453676099"
age: 57893
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7879e2173e81b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/themes/betheme/css/responsive.css?ver=21.2.2
167.86.73.18 200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/themes/betheme/css/responsive.css?ver=21.2.2
IP 167.86.73.18:0
GET /wp-content/themes/betheme/css/responsive.css?ver=21.2.2 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=9kph1i9d3a299vgthjjv8kdiup; ls-popup-last-displayed=1673400580; ls-popup-4=1673400580
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: text/css
last-modified: Mon, 27 May 2019 12:03:17 GMT
etag: W/"5cebd205-dceb"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/smart-logo-showcase-lite/js/tooltipster.bundle.js?ver=1.1.9
167.86.73.18 200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/smart-logo-showcase-lite/js/tooltipster.bundle.js?ver=1.1.9
IP 167.86.73.18:0
GET /wp-content/plugins/smart-logo-showcase-lite/js/tooltipster.bundle.js?ver=1.1.9 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=9kph1i9d3a299vgthjjv8kdiup; ls-popup-last-displayed=1673400580; ls-popup-4=1673400580
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 08:55:27 GMT
etag: W/"6315b97f-1d059"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Raleway%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900&ver=6.0.3
216.58.207.202 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Raleway%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900&ver=6.0.3
IP 216.58.207.202:0
GET /css?family=Raleway%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 11 Jan 2023 01:29:41 GMT
date: Wed, 11 Jan 2023 01:29:41 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-includes/js/jquery/ui/sortable.min.js?ver=1.13.1
167.86.73.18 200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-includes/js/jquery/ui/sortable.min.js?ver=1.13.1
IP 167.86.73.18:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/sortable.min.js?ver=1.13.1 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=9kph1i9d3a299vgthjjv8kdiup; ls-popup-last-displayed=1673400580; ls-popup-4=1673400580
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 09:40:11 GMT
etag: W/"6315c3fb-636f"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1
167.86.73.18 200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1
IP 167.86.73.18:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=9kph1i9d3a299vgthjjv8kdiup; ls-popup-last-displayed=1673400580; ls-popup-4=1673400580
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 09:40:11 GMT
etag: W/"6315c3fb-d53"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/oscar-hotel-booking-engine/assets/css/style.css?ver=4.2
167.86.73.18 200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/oscar-hotel-booking-engine/assets/css/style.css?ver=4.2
IP 167.86.73.18:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/oscar-hotel-booking-engine/assets/css/style.css?ver=4.2 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=9kph1i9d3a299vgthjjv8kdiup; ls-popup-last-displayed=1673400580; ls-popup-4=1673400580
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: text/css
last-modified: Mon, 05 Sep 2022 08:54:25 GMT
etag: W/"6315b941-95a"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
va.tawk.to/v1/widget-settings?propertyId=5da74948df22d913399f816e&widgetId=default&sv=undefined
172.67.38.66 200 OK 0 B URL HTTP/2 va.tawk.to/v1/widget-settings?propertyId=5da74948df22d913399f816e&widgetId=default&sv=undefined
IP 172.67.38.66:0
GET /v1/widget-settings?propertyId=5da74948df22d913399f816e&widgetId=default&sv=undefined HTTP/1.1
Host: va.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://staging.hotelviladepremia.com/
Origin: https://staging.hotelviladepremia.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 01:29:44 GMT
content-type: application/json
x-served-by: visitor-application-preemptive-wn8d
access-control-allow-origin: *
access-control-allow-methods: GET,OPTIONS
access-control-allow-headers: content-type,x-tawk-token
cache-control: public, max-age=7200, s-maxage=1800
etag: W/"2-2-0"
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7879e2120c5cb527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/smart-logo-showcase-lite/js/owl.carousel.js?ver=1.1.9
167.86.73.18 200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/smart-logo-showcase-lite/js/owl.carousel.js?ver=1.1.9
IP 167.86.73.18:0
GET /wp-content/plugins/smart-logo-showcase-lite/js/owl.carousel.js?ver=1.1.9 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=9kph1i9d3a299vgthjjv8kdiup; ls-popup-last-displayed=1673400580; ls-popup-4=1673400580
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 08:55:27 GMT
etag: W/"6315b97f-1412d"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/plugins/smart-logo-showcase-lite/js/smls-frontend-script.js?ver=1.1.9
167.86.73.18 200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/plugins/smart-logo-showcase-lite/js/smls-frontend-script.js?ver=1.1.9
IP 167.86.73.18:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/smart-logo-showcase-lite/js/smls-frontend-script.js?ver=1.1.9 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=9kph1i9d3a299vgthjjv8kdiup; ls-popup-last-displayed=1673400580; ls-popup-4=1673400580
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 08:55:27 GMT
etag: W/"6315b97f-19a7"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-common.js
172.67.38.66 200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-common.js
IP 172.67.38.66:0
GET /_s/v4/app/63b77dcd282/js/twk-chunk-common.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://staging.hotelviladepremia.com
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 01:29:43 GMT
content-type: application/javascript
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
etag: W/"385105148a50079bafff97e9c9476109"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7879e20be953b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
staging.hotelviladepremia.com/wp-content/themes/betheme/css/base.css?ver=21.2.2
167.86.73.18 200 OK 0 B URL HTTP/2 staging.hotelviladepremia.com/wp-content/themes/betheme/css/base.css?ver=21.2.2
IP 167.86.73.18:0
GET /wp-content/themes/betheme/css/base.css?ver=21.2.2 HTTP/1.1
Host: staging.hotelviladepremia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Cookie: bNQZztypjxfPY=Vsbld2njU%40_yZ; qMuPUgcpZWl_IGx=HbyGIF7vU0z; tfhBnUHVz=IUDNnaBfW2%404%2Ag; PHPSESSID=9kph1i9d3a299vgthjjv8kdiup; ls-popup-last-displayed=1673400580; ls-popup-4=1673400580
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:29:41 GMT
content-type: text/css
last-modified: Mon, 27 May 2019 12:03:18 GMT
etag: W/"5cebd206-da71"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-4fe9d5dd.js
172.67.38.66 200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-4fe9d5dd.js
IP 172.67.38.66:0
GET /_s/v4/app/63b77dcd282/js/twk-chunk-4fe9d5dd.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staging.hotelviladepremia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 01:29:44 GMT
content-type: application/javascript
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
etag: W/"5f434bdd806571a4e1b385bee9316ff6"
age: 57893
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7879e2172e7eb527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2