Report - peliculashdlatina.com/2015/02/wyrmwood-2014-online.html

Report Overview

Submitted URL
peliculashdlatina.com/2015/02/wyrmwood-2014-online.html
IP
37.48.65.150
ASN
#60781 LeaseWeb Netherlands B.V.
Submitted
2022-10-24 03:24:37
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-10T05:10:04Z	3.2 kB	66 kB	34.120.237.76
www.viator.com	30900	2012-07-21T22:01:29Z	2023-03-09T14:03:10Z	370 B	1.5 kB	2.21.203.118
peliculashdlatina.com	unknown	2016-07-09T14:45:04Z	2023-03-09T00:35:24Z	1.6 kB	1.5 kB	81.171.22.7
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-10T05:09:10Z	2.3 kB	6.2 kB	23.36.77.32
bilqi-omv.com	unknown	2022-10-17T15:55:17Z	2022-12-22T22:34:10Z	1.5 kB	3.7 kB	35.174.150.83
cache.vtrcdn.com	74438	2014-10-07T07:28:38Z	2023-03-09T14:03:10Z	828 B	8.6 kB	2.21.203.118
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-10T10:58:09Z	761 B	93 kB	142.250.74.168
www.tripadvisor.com	8786	2012-05-22T03:41:46Z	2023-03-09T05:26:01Z	1.8 kB	11 kB	23.38.201.85
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-10T10:17:57Z	328 B	964 B	104.18.32.68
e1.o.lencr.org	6159	2021-08-20T09:36:30Z	2023-03-10T11:39:59Z	326 B	728 B	23.36.76.226
ocsp.sca1b.amazontrust.com	1015	2017-03-03T16:20:51Z	2019-03-27T05:05:54Z	338 B	984 B	143.204.42.156
www.jscache.com	16218	2012-06-02T05:45:44Z	2023-03-09T11:10:27Z	932 B	1.8 kB	151.101.86.83
www.privatetour.com	unknown	2017-04-20T14:11:39Z	2022-12-04T14:33:52Z	402 B	22 kB	178.157.15.209
gyg.me	unknown	2015-10-29T10:58:25Z	2023-01-29T19:37:57Z	368 B	708 B	143.204.55.38
www.yourafricansafari.com	unknown	2014-03-09T10:50:06Z	2023-02-18T10:22:08Z	418 B	923 B	172.67.188.220
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-10T05:10:02Z	594 B	127 B	54.149.219.22
www.googleadservices.com	107	2012-06-26T16:53:06Z	2023-03-09T12:48:57Z	377 B	18 kB	142.250.74.34
www.kayak.com	17069	2012-05-21T13:15:20Z	2023-03-09T19:40:38Z	390 B	13 kB	151.101.85.29
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-10T05:11:10Z	2.0 kB	4.2 kB	142.250.74.3
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-10T12:25:49Z	399 B	1.9 kB	142.250.74.10
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-10T05:10:00Z	758 B	2.8 kB	143.204.55.35
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-10T05:12:35Z	401 B	5.8 kB	34.160.144.191
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-10T13:49:44Z	987 B	2.0 kB	93.184.220.29
www.cruzeiro-safaris.com	unknown	2013-10-16T01:20:23Z	2022-12-04T14:33:51Z	31 kB	321 kB	68.65.122.186
widget.getyourguide.com	53395	2017-01-27T06:23:36Z	2023-03-09T08:26:56Z	1.2 kB	8.6 kB	54.230.111.29
payments.pesapal.com	unknown	2013-11-12T09:28:14Z	2022-12-09T09:37:22Z	407 B	9.2 kB	104.18.2.36
cdn.getyourguide.com	41787	2017-05-18T11:40:14Z	2023-03-09T15:01:30Z	416 B	6.6 kB	54.230.111.48
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-10T05:10:00Z	321 B	229 B	34.117.237.239
xml-v4.netload1.com	unknown	2022-09-26T15:05:57Z	2023-02-18T12:03:00Z	392 B	147 B	198.134.116.17
zeep.ly	287572	2019-02-06T13:24:33Z	2023-03-08T17:10:19Z	448 B	554 B	95.217.202.210

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-10-24	medium	peliculashdlatina.com/2015/02/wyrmwood-2014-online.html	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (13)

	URL	Size	First Seen	Last Seen
	www.cruzeiro-safaris.com/media/template/gzip.php?jquery-migrate.min-d90f61f8.js	10 kB	2023-03-07	2024-05-08
Pretty URL www.cruzeiro-safaris.com/media/template/gzip.php?jquery-migrate.min-d90f61f8.js IP 68.65.122.186 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:37 Last Seen2024-05-08 15:43:00 Times Seen37602 Hash 7121994eec5320fbe6586463bf9651c2 90532aff6d4121954254cdf04994d834f7ec169b 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d Loading...

	www.cruzeiro-safaris.com/	2.6 kB	2023-03-08	2023-07-08
Pretty URL www.cruzeiro-safaris.com/ IP 68.65.122.186 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:01:44 Last Seen2023-07-08 04:00:54 Times Seen23 Hash f4e540b1c875b397d7251fac4754316a 6c2ef8e2d13f973f7cbde8aee581e48cc64b9a90 b015d723d1110d2b31f4fc6d1b3929034957a601409c04271f42e3a6cec43ee0 Loading...

	peliculashdlatina.com/2015/02/wyrmwood-2014-online.html	406 B	2023-03-10	2023-03-10
Pretty URL peliculashdlatina.com/2015/02/wyrmwood-2014-online.html IP 81.171.22.7 ASN #60781 LeaseWeb Netherlands B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 14:11:19 Last Seen2023-03-10 14:11:19 Times Seen1 Hash 034d2520678c5f2a98c0ff6755fc0ff0 25120a153783b004749d71d2b2f0edeb2199841e c8a5ebff869617acc3e80ed2aa01433053cae592d5ede7edcaba6155578dac82 Loading...

	bilqi-omv.com/zcvisitor/5ccf3759-534b-11ed-aa52-0aec562557f9/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=5ce7ef75-534b-11ed-aa52-0aec562557f9	747 B	2023-03-10	2023-03-10
Pretty URL bilqi-omv.com/zcvisitor/5ccf3759-534b-11ed-aa52-0aec562557f9/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=5ce7ef75-534b-11ed-aa52-0aec562557f9 IP 35.174.150.83 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 14:11:19 Last Seen2023-03-10 14:11:19 Times Seen1 Hash 90a0ced11a997c978f552f7eaa52e73d 60f970d33ed8e3fceb16e38082cc73e8fe445c4f 4d9844af02993f7a0063fd1c8dc3228457fe2f3902833327f857cbd8f58065ab Loading...

	www.cruzeiro-safaris.com/media/template/gzip.php?bootstrap.min-ee11376e.js	29 kB	2023-03-07	2024-05-07
Pretty URL www.cruzeiro-safaris.com/media/template/gzip.php?bootstrap.min-ee11376e.js IP 68.65.122.186 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:44 Last Seen2024-05-07 12:38:42 Times Seen1888 Hash a125594de09167bd2e9015d790029a64 b0567b7e3db8ddbdc5806f5c4e2fa7a8abc9b692 b240d68de7c3795c87771f510527c201d7d67f0e065d973b16bf86855932f9a2 Loading...

	www.cruzeiro-safaris.com/media/template/gzip.php?slideshow.min-14e73ec0.js	21 kB	2023-03-08	2023-07-08
Pretty URL www.cruzeiro-safaris.com/media/template/gzip.php?slideshow.min-14e73ec0.js IP 68.65.122.186 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:01:44 Last Seen2023-07-08 04:00:54 Times Seen29 Hash 0ad5e51bcee4cd6ea80dc2a04dee2bdd ceb95277b4cf7b2673a64a0e745ad824d5f9ff33 26a8e19c2067f9ae268572c5ce56d72e520743b95c35bf7bd5014850e2ef8a78 Loading...

	www.cruzeiro-safaris.com/media/template/gzip.php?mootools-core-481605f6.js	84 kB	2023-03-08	2023-11-27
Pretty URL www.cruzeiro-safaris.com/media/template/gzip.php?mootools-core-481605f6.js IP 68.65.122.186 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:01:44 Last Seen2023-11-27 03:17:51 Times Seen56 Hash ec1a95eed2cce3aa4a2168e73f380bdd 9ff10ddd21ed6a2ecb6bd2e71838e914db4efffc 623194efa2e024e7af9fc92967857145e11948dd2506a625c5b1474cf868127c Loading...

	www.cruzeiro-safaris.com/media/template/gzip.php?jquery.min-45fe031d.js	98 kB	2023-03-07	2024-05-07
Pretty URL www.cruzeiro-safaris.com/media/template/gzip.php?jquery.min-45fe031d.js IP 68.65.122.186 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:40 Last Seen2024-05-07 18:25:53 Times Seen2776 Hash 48a197817927a6eda6f531064f1dba71 5ba19dcca2e2d7ac659af0fbc97dc99e505c498b 05d31c760df3e6f0c64e3da1cd299e5f73df51c974c6528a60d0685859bbc1ba Loading...

	www.cruzeiro-safaris.com/media/template/gzip.php?mootools-more-ea188992.js	233 kB	2023-03-08	2023-11-28
Pretty URL www.cruzeiro-safaris.com/media/template/gzip.php?mootools-more-ea188992.js IP 68.65.122.186 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:29:30 Last Seen2023-11-28 16:51:12 Times Seen60 Hash fba3b5ccfda116650d130ff36cffcc7c 11285fe766557446c418d7d42d9532c6a0350416 82d5dae8123508aed457d3c8cb6a17bd6f775f19c01459ea87e1354904281acc Loading...

	www.cruzeiro-safaris.com/media/template/gzip.php?jquery-noconflict-52794473.js	20 B	2023-03-07	2024-05-08
Pretty URL www.cruzeiro-safaris.com/media/template/gzip.php?jquery-noconflict-52794473.js IP 68.65.122.186 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:27:18 Last Seen2024-05-08 15:19:20 Times Seen1303 Hash 3179f2255b046d5f2e9a71e365287bef 462e90dd5487b4c692a7c609b7b78f1b93496343 844a36c2c43704c5ae846d0f52093463bc6e84d547d04528eefb6313129e570f Loading...

	bilqi-omv.com/zcredirect?visitid=5ccf3759-534b-11ed-aa52-0aec562557f9&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false	74 B	2023-03-10	2023-03-10
Pretty URL bilqi-omv.com/zcredirect?visitid=5ccf3759-534b-11ed-aa52-0aec562557f9&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false IP 35.174.150.83 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 14:11:19 Last Seen2023-03-10 14:11:19 Times Seen1 Hash 259efc994a324d154726b2d2287502ce 24be8329698feaed8bff083326e884f4a4d3bbd6 c11bbcfd4ce77810d88a9a8a0561f7505cbbdcb5938af5ad1cf6e90323e9113a Loading...

	www.cruzeiro-safaris.com/media/template/gzip.php?core-d38c101f.js	8.7 kB	2023-03-08	2024-04-26
Pretty URL www.cruzeiro-safaris.com/media/template/gzip.php?core-d38c101f.js IP 68.65.122.186 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:31:53 Last Seen2024-04-26 06:13:56 Times Seen54 Hash a9ff5a2fe8e50ff3b2b8bdeb1b2f4af0 bcaebfffcb9cd8e50cb902b294d38561b880dbc0 de8bce07331ae2e261554c7b2a4a11e728b7d91a02640ce7d7a78601f5845e7d Loading...

	www.googleadservices.com/pagead/conversion.js	46 kB	2023-03-10	2023-03-10
Pretty URL www.googleadservices.com/pagead/conversion.js IP 142.250.74.34 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:11:20 Last Seen2023-03-10 15:53:25 Times Seen1 Hash fe6b17e9a999d59317f2661a7c9e9086 15aaacc5f35cc04814b671f6125826cf6505533b 9e5d7b09e791389be97784c6f9b16e2dc1a2d9937788d93fe8fff709bc395d59 Loading...

HTTP Transactions (123)

URL IP Response Size

peliculashdlatina.com/2015/02/wyrmwood-2014-online.html

81.171.22.7

200 OK

510 B

URL HTTP/1.1
peliculashdlatina.com/2015/02/wyrmwood-2014-online.html
IP
81.171.22.7:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (510), with no line terminators
Size
510 B (510 bytes)
Hash
75e33ca4edea3f76c6590797aa89c7a0
e515b2d6532cbfcdd1e4756a570be71b74bc017f
f2329c4320a3ad2967fc22550967159218f2640b86664df8c73193135ab59f23

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /2015/02/wyrmwood-2014-online.html HTTP/1.1
Host: peliculashdlatina.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 510
content-type: text/html; charset=utf-8
date: Mon, 24 Oct 2022 03:24:25 GMT
server: nginx
set-cookie: sid=5c8f0040-534b-11ed-ad1c-0c8902498aa8; path=/; domain=.peliculashdlatina.com; expires=Sat, 11 Nov 2090 06:38:32 GMT; max-age=2147483647; HttpOnly

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
73c4166ca864f777db2cc1cd8658a7c2
c56b66b0b7c8516d4d5bfafe0c166711c78f3d25
310c633350812c064e159275b6dbbdba6d6a5991a54ccfcc23459320c6513572

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "310C633350812C064E159275B6DBBDBA6D6A5991A54CCFCC23459320C6513572"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14700
Expires: Mon, 24 Oct 2022 07:29:26 GMT
Date: Mon, 24 Oct 2022 03:24:26 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

143.204.55.35

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
c9df6b36bf16969ac566c1b798362e4a
e56eff34815153ae019a4bf63eb9746dd9ae2e5b
33c1175144ab2be42c9de383f7893a6e60cd1f21f282eacb413d546331db3fa0

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Retry-After, Alert, Content-Type, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 24 Oct 2022 02:52:56 GMT
Expires: Mon, 24 Oct 2022 03:43:54 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: mOZA6BAUFah_xahUyZxQBIFLmUBm1M1kBTEmdq2RAFjhJQ5q_TaJXg==
Age: 1890

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ae56efd62a0d9249d98573172eb8b28b
5ff4e9959be677ad76c26ca73f9ef4feb9fa2f28
82d9ee4948fce839f7edb1f8490c4213cded3912464a4169b0bf6a61278694bd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "82D9EE4948FCE839F7EDB1F8490C4213CDED3912464A4169B0BF6A61278694BD"
Last-Modified: Sat, 22 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6226
Expires: Mon, 24 Oct 2022 05:08:12 GMT
Date: Mon, 24 Oct 2022 03:24:26 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: MY48x1aXf9eVQcAX2OBTDTY7K2fOGxjKXtZgjPI5q/UA02820/xlRNREI4gjHyL2RwOKy4vz9J8=
x-amz-request-id: ZZ6XAS4QHNF918K2
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 24 Oct 2022 02:38:13 GMT
age: 2773
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 24 Oct 2022 03:24:26 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

peliculashdlatina.com/favicon.ico

81.171.22.7

404 Not Found

9 B

URL HTTP/1.1
peliculashdlatina.com/favicon.ico
IP
81.171.22.7:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
d8f4a1993546cc4b850cde3599e27aec
094b763b4cfcc0b05e5d040581cd513c3ca08067
907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: peliculashdlatina.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://peliculashdlatina.com/2015/02/wyrmwood-2014-online.html
Cookie: sid=5c8f0040-534b-11ed-ad1c-0c8902498aa8

HTTP/1.1 404 Not Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 9
date: Mon, 24 Oct 2022 03:24:25 GMT
server: nginx

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.35

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 24 Oct 2022 02:43:40 GMT
Cache-Control: max-age=3600
Expires: Mon, 24 Oct 2022 02:51:29 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 9ygcHxSQGktS7B8EfGFUUtWaZ9up_SwBuAKIqAWtloiiI61k4RzU7w==
Age: 3054

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
60d5d7cce6c32a6bdaf0d4c92ec93a1a
cd29edee660366b41749cfd206bdc08fb421449c
fb90c4cc44b32e4ca4a7d1533bbf4a2fd5c482dda5d232f1be2334f3cefbbb0e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2501
Cache-Control: max-age=105838
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 03:24:26 GMT
Etag: "6354f613-1d7"
Expires: Tue, 25 Oct 2022 08:48:24 GMT
Last-Modified: Sun, 23 Oct 2022 08:06:43 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

54.149.219.22

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.149.219.22:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Lo8XpEKpniESvd5a4XsUNA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: V92gRJGrdnQpDsHRP+gDASTf2r0=

peliculashdlatina.com/2015/02/wyrmwood-2014-online.html?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY2NjU4OTA2NSwiaWF0IjoxNjY2NTgxODY1LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc2dlNm80OXZnZTY3dWRzaG8xZG81ZWoiLCJuYmYiOjE2NjY1ODE4NjUsInRzIjoxNjY2NTgxODY1ODk4Mzc1fQ.drbq2e3rlz00dMFZK96_mDLg0qZSCs7167vFIwVOiRI&sid=5c8f0040-534b-11ed-ad1c-0c8902498aa8

81.171.22.7

302 Found

11 B

URL HTTP/1.1
peliculashdlatina.com/2015/02/wyrmwood-2014-online.html?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY2NjU4OTA2NSwiaWF0IjoxNjY2NTgxODY1LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc2dlNm80OXZnZTY3dWRzaG8xZG81ZWoiLCJuYmYiOjE2NjY1ODE4NjUsInRzIjoxNjY2NTgxODY1ODk4Mzc1fQ.drbq2e3rlz00dMFZK96_mDLg0qZSCs7167vFIwVOiRI&sid=5c8f0040-534b-11ed-ad1c-0c8902498aa8
IP
81.171.22.7:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
ASCII text, with no line terminators
Size
11 B (11 bytes)
Hash
32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47

HTTP Headers

GET /2015/02/wyrmwood-2014-online.html?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY2NjU4OTA2NSwiaWF0IjoxNjY2NTgxODY1LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc2dlNm80OXZnZTY3dWRzaG8xZG81ZWoiLCJuYmYiOjE2NjY1ODE4NjUsInRzIjoxNjY2NTgxODY1ODk4Mzc1fQ.drbq2e3rlz00dMFZK96_mDLg0qZSCs7167vFIwVOiRI&sid=5c8f0040-534b-11ed-ad1c-0c8902498aa8 HTTP/1.1
Host: peliculashdlatina.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://peliculashdlatina.com/2015/02/wyrmwood-2014-online.html
Cookie: sid=5c8f0040-534b-11ed-ad1c-0c8902498aa8
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Mon, 24 Oct 2022 03:24:26 GMT
location: http://bilqi-omv.com/zcvisitor/5ccf3759-534b-11ed-aa52-0aec562557f9/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=5ce7ef75-534b-11ed-aa52-0aec562557f9
server: nginx
set-cookie: sid=5c8f0040-534b-11ed-ad1c-0c8902498aa8; path=/; domain=.peliculashdlatina.com; expires=Sat, 11 Nov 2090 06:38:34 GMT; max-age=2147483647; HttpOnly

bilqi-omv.com/zcvisitor/5ccf3759-534b-11ed-aa52-0aec562557f9/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=5ce7ef75-534b-11ed-aa52-0aec562557f9

35.174.150.83

200

996 B

URL HTTP/1.1
bilqi-omv.com/zcvisitor/5ccf3759-534b-11ed-aa52-0aec562557f9/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=5ce7ef75-534b-11ed-aa52-0aec562557f9
IP
35.174.150.83:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
996 B (996 bytes)
Hash
db6efb32e0c7c92978cf9a3770a53a74
f57c45e1d52320470be9787420f1ecd9f6afb3f4
8fdfcf022be6d0e51d57e4dd8975702779756fba297a27b067df90e03b95e140

HTTP Headers

GET /zcvisitor/5ccf3759-534b-11ed-aa52-0aec562557f9/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=5ce7ef75-534b-11ed-aa52-0aec562557f9 HTTP/1.1
Host: bilqi-omv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://peliculashdlatina.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 
Date: Mon, 24 Oct 2022 03:24:27 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: ajCHvhjZ

bilqi-omv.com/zcredirect?visitid=5ccf3759-534b-11ed-aa52-0aec562557f9&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false

35.174.150.83

200

278 B

URL HTTP/1.1
bilqi-omv.com/zcredirect?visitid=5ccf3759-534b-11ed-aa52-0aec562557f9&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false
IP
35.174.150.83:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
278 B (278 bytes)
Hash
4d4886179da1fc4300ef5d51a064a885
301d4b04db1c408b0ebe89db9fea984cfe9ed0c1
107055aa656960fdf6a08fda05db46731e8784cdfb879a81ac75c0e161c9da6e

HTTP Headers

GET /zcredirect?visitid=5ccf3759-534b-11ed-aa52-0aec562557f9&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false HTTP/1.1
Host: bilqi-omv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bilqi-omv.com/zcvisitor/5ccf3759-534b-11ed-aa52-0aec562557f9/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=5ce7ef75-534b-11ed-aa52-0aec562557f9
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 
Date: Mon, 24 Oct 2022 03:24:27 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: SwsEcIDS

bilqi-omv.com/favicon.ico

35.174.150.83

404

653 B

URL HTTP/1.1
bilqi-omv.com/favicon.ico
IP
35.174.150.83:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Size
653 B (653 bytes)
Hash
ba2732b1b2fa2626ffaa15f62f9e7d66
203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: bilqi-omv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bilqi-omv.com/zcredirect?visitid=5ccf3759-534b-11ed-aa52-0aec562557f9&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false

HTTP/1.1 404 
Date: Mon, 24 Oct 2022 03:24:27 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 653
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Content-Language: en
Server: DBSplLvv

xml-v4.netload1.com/click?i=dEC88ESHrB4_0

198.134.116.17

302 Found

0 B

URL HTTP/1.1
xml-v4.netload1.com/click?i=dEC88ESHrB4_0
IP
198.134.116.17:0
ASN
#27257 WEBAIR-INTERNET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /click?i=dEC88ESHrB4_0 HTTP/1.1
Host: xml-v4.netload1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bilqi-omv.com/
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Cache-Control: no-store
Content-Length: 0
Age: 0
Connection: keep-alive
Location: https://zeep.ly/59rrZ
Pragma: no-cache

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bed68ee568e74be152402c71cbf26510
38092ae53739e8ee13362c84df108bad734c4b64
26cd9ff2fb48cc7fb7c83cc325f4cb4713fc442cc4842baa728c570081be0445

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26CD9FF2FB48CC7FB7C83CC325F4CB4713FC442CC4842BAA728C570081BE0445"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6967
Expires: Mon, 24 Oct 2022 05:20:35 GMT
Date: Mon, 24 Oct 2022 03:24:28 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bed68ee568e74be152402c71cbf26510
38092ae53739e8ee13362c84df108bad734c4b64
26cd9ff2fb48cc7fb7c83cc325f4cb4713fc442cc4842baa728c570081be0445

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26CD9FF2FB48CC7FB7C83CC325F4CB4713FC442CC4842BAA728C570081BE0445"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6967
Expires: Mon, 24 Oct 2022 05:20:35 GMT
Date: Mon, 24 Oct 2022 03:24:28 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bed68ee568e74be152402c71cbf26510
38092ae53739e8ee13362c84df108bad734c4b64
26cd9ff2fb48cc7fb7c83cc325f4cb4713fc442cc4842baa728c570081be0445

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26CD9FF2FB48CC7FB7C83CC325F4CB4713FC442CC4842BAA728C570081BE0445"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6967
Expires: Mon, 24 Oct 2022 05:20:35 GMT
Date: Mon, 24 Oct 2022 03:24:28 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bed68ee568e74be152402c71cbf26510
38092ae53739e8ee13362c84df108bad734c4b64
26cd9ff2fb48cc7fb7c83cc325f4cb4713fc442cc4842baa728c570081be0445

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26CD9FF2FB48CC7FB7C83CC325F4CB4713FC442CC4842BAA728C570081BE0445"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6967
Expires: Mon, 24 Oct 2022 05:20:35 GMT
Date: Mon, 24 Oct 2022 03:24:28 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bed68ee568e74be152402c71cbf26510
38092ae53739e8ee13362c84df108bad734c4b64
26cd9ff2fb48cc7fb7c83cc325f4cb4713fc442cc4842baa728c570081be0445

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26CD9FF2FB48CC7FB7C83CC325F4CB4713FC442CC4842BAA728C570081BE0445"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6967
Expires: Mon, 24 Oct 2022 05:20:35 GMT
Date: Mon, 24 Oct 2022 03:24:28 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F21cfb8fe-4b68-43f0-a196-17c9a1dd3acb.png

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F21cfb8fe-4b68-43f0-a196-17c9a1dd3acb.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10072 bytes)
Hash
af3d4b4d16ad8b30805be96afa6472e3
bceb257123711c43994e5a03e9caf22eeee16423
30d7fea8d87522ce3ba2abf2c47e0025af1b7c05d6b4ea9f26aaa1f06aff4a67

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F21cfb8fe-4b68-43f0-a196-17c9a1dd3acb.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10072
x-amzn-requestid: 2f26fcdb-0540-49ea-be46-83c00182fcc3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelB0FKvoAMFVFg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b53e-1be524647e3db4a211e4c4ff;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:42:22 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: sNu31Qx0p_Ikus0GsGKRNGVxOGnIRSewAXfkXyzOCmT6bJ1D1Qz-0w==
via: 1.1 e77661e211afe9242e85e573f12d5534.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 22:10:20 GMT
etag: "bceb257123711c43994e5a03e9caf22eeee16423"
content-type: image/jpeg
age: 18848
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fee5168c9-3f97-43d9-a9b4-3b0f415b3bc0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.9 kB (9894 bytes)
Hash
9983bdfe8dbe8386970aae586bb57575
4c5ff521fec700a1cda73325eebbeb88f97baa39
775d510a8d82ed993085e3d828c33b75eee99db2911b90d6151faf5c2e25b5d0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fee5168c9-3f97-43d9-a9b4-3b0f415b3bc0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9894
x-amzn-requestid: 8d639b03-49d2-411b-b0ca-39c5dafe21f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelOtF6YIAMF-4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b591-230070a06848d4d90ea4f6ef;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:43:45 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: mYzFAcyUErnaOlGBX0ygFYZ4608EanLq5V4xzX7qCHQRGzkKwwWvHw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 22:36:45 GMT
age: 17263
etag: "4c5ff521fec700a1cda73325eebbeb88f97baa39"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb7f5d706-03b5-40c4-9fef-abddcb255f99.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10420 bytes)
Hash
1974529bf378941c1b76662e2b283988
cdde9ea46af873e3f838bdb35d69cc0844016311
7c39112dbb1088fe09e010fcd5d85b63a34ac40c7b93e0e9873715ccdf0ac579

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb7f5d706-03b5-40c4-9fef-abddcb255f99.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10420
x-amzn-requestid: 9fbc5930-f615-4548-a683-061be9a67bb6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelDFGPhoAMFVzw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b546-0563eb5f6ba62af65182fc3c;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:42:30 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: YsNdkkNvH6bzM34S-EiZhHuOPYikzpYLTPqWlJFLx2-dMEf9oRnP_g==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 22:09:42 GMT
age: 18886
etag: "cdde9ea46af873e3f838bdb35d69cc0844016311"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13985f97-93f1-44be-8be0-92fb128d3c51.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11927 bytes)
Hash
5516af00c2c5dcb5a8c873b6f61ea0df
088236fab64197c530ba85242bf798f13669179e
c7a99982b8af0e2b28bab9cf5b24fc75b50ae172d5c529efec9161c7d436ff90

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13985f97-93f1-44be-8be0-92fb128d3c51.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11927
x-amzn-requestid: 78067be5-c9cf-4ee0-a5b0-86fd32baca38
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelCxGiFIAMFWHw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b544-5df3064a5b15f2ee370e4016;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:42:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ttoLy6qZlouNOrCv4DGJ8QAL_5dW1dagr9dj_cFWwAXzLKdd8W_WbA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 21:52:34 GMT
age: 19914
etag: "088236fab64197c530ba85242bf798f13669179e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7361cd7-8ea8-4a4b-8e5a-6e3ef375eb7e.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.2 kB (7185 bytes)
Hash
c16ee3c480c8ee5b51b7dd88375649ae
885e2070d3ea7973fd978e1e9c247ce248afdbbb
4086d5476b9f3b6c06535fc588784c19a52008178cbdeccbff4c98497bd8e428

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7361cd7-8ea8-4a4b-8e5a-6e3ef375eb7e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7185
x-amzn-requestid: 5bbcd9f1-fa0a-4591-a38c-b472e2ef148f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelC7EZ4oAMFmvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b545-754aa64e1249811f2c019641;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:42:29 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: U1Xa3qCT8SgSakuW_ts-fzukr1EsY1OWLxLOJbfqsuq7tCD13n7BPg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 21:49:47 GMT
age: 20081
etag: "885e2070d3ea7973fd978e1e9c247ce248afdbbb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F337e2b0e-2813-4291-b863-bbc99409db00.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10380 bytes)
Hash
6cd3b0c2f628a973659cdb368dfc64cf
c5097681a4dcff980dc788191356e7e7c21ef3b1
03374811ad045fafd0d6898ef3b1beea094b785e8144f570e2d7e9912773c2a9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F337e2b0e-2813-4291-b863-bbc99409db00.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10380
x-amzn-requestid: 9027dbc2-08da-449f-9a40-59c58169fa28
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelDlG5XIAMFTTw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b549-4dd10f5c123194ff6ce4070f;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:42:33 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: tNvto_msO-2-BKygBoOYkO_BwaZjdZroH9-tDWwsoyE60iQBH742lQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 22:09:39 GMT
age: 18889
etag: "c5097681a4dcff980dc788191356e7e7c21ef3b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

zeep.ly/59rrZ

95.217.202.210

301 Moved Permanently

20 B

URL HTTP/1.1
zeep.ly/59rrZ
IP
95.217.202.210:0
ASN
#24940 Hetzner Online GmbH

File type
data
Size
20 B (20 bytes)
Hash
7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2

HTTP Headers

GET /59rrZ HTTP/1.1
Host: zeep.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://bilqi-omv.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 301 Moved Permanently
Date: Mon, 24 Oct 2022 03:24:28 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Set-Cookie: PHPSESSID=10be4390ac7c4da2c6d3bdac118dbd0c; path=/
short_59rrZ=1; expires=Mon, 24-Oct-2022 03:54:28 GMT; Max-Age=1800; path=/; HttpOnly
Location: https://www.cruzeiro-safaris.com/
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
a941f5064322a51934db7597d21cd89c
d0088a1cb5cb38da47697d7f18d9ffb86f076b5a
176dda79522a22795a07def067acd8bd0311d86efee4010f332c7e28c92f3752

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 03:24:29 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 23 Oct 2022 16:08:05 GMT
Expires: Sun, 30 Oct 2022 16:08:04 GMT
Etag: "d0088a1cb5cb38da47697d7f18d9ffb86f076b5a"
Cache-Control: max-age=563614,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75ef99893eceb515-OSL

www.cruzeiro-safaris.com/

68.65.122.186

200 OK

34 kB

URL HTTP/2
www.cruzeiro-safaris.com/
IP
68.65.122.186:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5259), with CRLF, LF line terminators
Size
34 kB (33883 bytes)
Hash
0f8a6381b2e1109599fa10a11b36b658
2686ad3a99e839e380d88afc9194fa223cd8292b
4bb3b5f6c95cb4ae2a21bb72d8cea20112430c21ecaa1b12082c50c729abce0f

HTTP Headers

GET / HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://bilqi-omv.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:29 GMT
server: Apache
x-powered-by: PHP/7.4.32
expires: Wed, 17 Aug 2005 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7; path=/; HttpOnly
last-modified: Mon, 24 Oct 2022 03:24:29 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 33883
content-type: text/html; charset=utf-8
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
cde8257da86673a29a8f947eeadfd43a
f4573647aa48b72010149804f6194f9a281dca84
ae63651b8963e0cf8da8f1e097246846d32b3cd74a3e36b31206ca49438f59a7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=97250
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 03:24:30 GMT
Etag: "6354de50-116"
Expires: Tue, 25 Oct 2022 06:25:20 GMT
Last-Modified: Sun, 23 Oct 2022 06:25:20 GMT
Server: nginx
Content-Length: 278

cache.vtrcdn.com/images/10067/viator-top-rated.png

2.21.203.118

301 Moved Permanently

274 B

URL HTTP/2
cache.vtrcdn.com/images/10067/viator-top-rated.png
IP
2.21.203.118:0
ASN
#16625 AKAMAI-AS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
274 B (274 bytes)
Hash
415fb1f589a77a20e16c4c81233a5a81
5ae4f482a07270dd5d52b139b9c7edf45d5b2a8c
51e2830cc4a231e1bfc567eaa4d495966d129b4e5f4efe7cc40c9b0cf723489f

HTTP Headers

GET /images/10067/viator-top-rated.png HTTP/1.1
Host: cache.vtrcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
content-type: text/html; charset=iso-8859-1
content-length: 274
location: https://cache.vtrcdn.com/orion/images/widgets/viator-top-rated.png
strict-transport-security: max-age=15724800; includeSubDomains
x-unique-id: 02106E75:ADBC_0A280927:01BB_634E0277_5B6A74:570A
traceparent: 00-683288b74d3f421798710764fd97b3f0-b758ed04da4e17b6-00
expires: Tue, 25 Oct 2022 01:33:44 GMT
server: Apache
date: Mon, 24 Oct 2022 03:24:30 GMT
X-Firefox-Spdy: h2

www.viator.com/orion/partner/widget.js

2.21.203.118

200 OK

675 B

URL HTTP/2
www.viator.com/orion/partner/widget.js
IP
2.21.203.118:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (1381), with no line terminators
Size
675 B (675 bytes)
Hash
2d338a630462243b5ebcd1bdcf79dfef
5bd484d233a142b236df962f0614c99509f7b402
186d167a4caa85d7e6b1e306b6e73507b2375955e9c1dd08210ff3a6a19b26ea

HTTP Headers

GET /orion/partner/widget.js HTTP/1.1
Host: www.viator.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript;charset=UTF-8
last-modified: Thu, 22 Sep 2022 13:17:36 GMT
cache-control: max-age=2592000, public
accept-ranges: bytes
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15724800; includeSubDomains
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self' *.viator.com:*
vary: accept-encoding
content-encoding: gzip
x-unique-id: 17C1746E:CBBF_0A280DA7:01BB_632C56C3_71D16:5771
traceparent: 00-12dbadcb8e654d0ebbdce6a853aaa297-877afc91558e8670-00
expires: Thu, 29 Sep 2022 12:36:19 GMT
x-datadome: protected
accept-ch: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
server: Apache
content-length: 675
date: Mon, 24 Oct 2022 03:24:30 GMT
X-Firefox-Spdy: h2

cache.vtrcdn.com/orion/images/widgets/viator-top-rated.png

2.21.203.118

200 OK

7.2 kB

URL HTTP/2
cache.vtrcdn.com/orion/images/widgets/viator-top-rated.png
IP
2.21.203.118:0
ASN
#16625 AKAMAI-AS

File type
PNG image data, 150 x 80, 8-bit/color RGBA, non-interlaced\012- data
Size
7.2 kB (7232 bytes)
Hash
4717efd439984bfb9c3aca93e99d9412
5910801df783caadd73afa622004fe2030306c36
504275ff94ccf3630e3bcf2e684da3be57d6326a5120b29604c1fcb017a74efc

HTTP Headers

GET /orion/images/widgets/viator-top-rated.png HTTP/1.1
Host: cache.vtrcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cruzeiro-safaris.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/png;charset=UTF-8
content-length: 7232
last-modified: Tue, 18 Oct 2022 20:23:54 GMT
cache-control: max-age=2592000, public
accept-ranges: bytes
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15724800; includeSubDomains
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self' *.viator.com:*
x-unique-id: 17C1747C:C393_0A280E75:01BB_634FD2A0_2E3D4B:5F8F
traceparent: 00-b97395b0557340ecb90b27442ba0919c-859a9dd6abe31e8e-00
expires: Wed, 26 Oct 2022 10:34:08 GMT
server: Apache
date: Mon, 24 Oct 2022 03:24:30 GMT
X-Firefox-Spdy: h2

www.cruzeiro-safaris.com/plugins/system/jce/css/content.css?15605b57da1d35b72b6bbcf44f8916c1

68.65.122.186

200 OK

1.0 kB

URL HTTP/2
www.cruzeiro-safaris.com/plugins/system/jce/css/content.css?15605b57da1d35b72b6bbcf44f8916c1
IP
68.65.122.186:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (7728), with no line terminators
Size
1.0 kB (1018 bytes)
Hash
72ba0fc56a7ed0dc3ddbb9d754f63903
99cfaaed5fc9e32da79ab54247fc33bf4d3c7655
5c6b68e0c8c2a0b5157281233aa2f32bd413b0c15131875ddd0e6c9bac612bd1

HTTP Headers

GET /plugins/system/jce/css/content.css?15605b57da1d35b72b6bbcf44f8916c1 HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Wed, 19 May 2021 06:54:08 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1018
content-type: text/css
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ff9e215637e7d64c01fd3590b8b6dcc7
3ad7fea9f519384210918af8a56990f36e68a07b
83c0739ae5c8b8b5ea39b2bc2049478e8deaea80cb4ef5570f107da907f4f208

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 03:24:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

widget.getyourguide.com/v2/widget.js

54.230.111.29

301 Moved Permanently

0 B

URL HTTP/2
widget.getyourguide.com/v2/widget.js
IP
54.230.111.29:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v2/widget.js HTTP/1.1
Host: widget.getyourguide.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 301 Moved Permanently
content-length: 0
location: https://widget.getyourguide.com/pw/latest/client-loader/widget.js
date: Mon, 24 Oct 2022 03:24:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-request-id: 2e80364a-bc6a-4a3f-8fad-b2c33ef1933c
server: istio-envoy
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: nZ8aPAyVdqSP03xIxPO_flyp793QveFHghgaGpF46FTbqs6AlChbJw==
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
05ee461624e2ec37f65e859afe6543ba
b99dcb558535d3d35d140e730aeeb41587622b30
576b3bf619d0a152889cc44165a229ad0100ccc319cf4d9044b2f26d4b676658

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 03:24:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
1ea30e37b7f86b7d0a7cb7341087fdc1
2e88a09e17356724c7e0f488d70be82ebc64f55c
bb85d7fbaf1d4c0dc0a7cd27aebc8f21f942bf703896186a765131c80c87f059

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 03:24:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

widget.getyourguide.com/dist/pa.umd.production.min.js

54.230.111.29

200 OK

6.8 kB

URL HTTP/2
widget.getyourguide.com/dist/pa.umd.production.min.js
IP
54.230.111.29:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (19240)
Size
6.8 kB (6849 bytes)
Hash
49b17b8eeffd6971fc87f3dcf8e25fd7
b98de8109f228c796e5352fa9d6120641a515f29
b634ed0558fe7c4dc700589c2d357b8f8653618099f141511a85489518bf1a67

HTTP Headers

GET /dist/pa.umd.production.min.js HTTP/1.1
Host: widget.getyourguide.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
last-modified: Thu, 20 Oct 2022 13:02:56 GMT
server: AmazonS3
content-encoding: gzip
date: Mon, 24 Oct 2022 02:44:23 GMT
cache-control: max-age=3600, public, must-revalidate
etag: W/"a8ac2108d9f5a6f9ee38eae2307faa21"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: LG6FCh4oPXGoXjdsmDbknRg7XBXfVyQUg4W9S5a1hGXWmC2isU11Xg==
age: 2408
X-Firefox-Spdy: h2

www.googleadservices.com/pagead/conversion.js

142.250.74.34

200 OK

17 kB

URL HTTP/2
www.googleadservices.com/pagead/conversion.js
IP
142.250.74.34:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2021)
Size
17 kB (16831 bytes)
Hash
f4edcc4119c80477e4ed546fc207aa7a
e478d7f0f9d6d72c938251c17a8cc7a188651445
12015a413fc692bf5bac249afb06422a8ed8a6d70a1a141f999481f0bfb2ee34

HTTP Headers

GET /pagead/conversion.js HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 24 Oct 2022 03:24:30 GMT
expires: Mon, 24 Oct 2022 03:24:30 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 18014762903861546619
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 16831
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.kayak.com/news/badge/kk/tg005.png

151.101.85.29

200 OK

13 kB

URL HTTP/2
www.kayak.com/news/badge/kk/tg005.png
IP
151.101.85.29:0
ASN
#54113 FASTLY

File type
PNG image data, 300 x 300, 8-bit colormap, non-interlaced\012- data
Size
13 kB (12996 bytes)
Hash
2385da531246f4e5ec82b0cc84858503
1898cbe645775fc4cf02396d4423b88ae7f1530d
65d8ac86ed0432f654506f847946f1df2689ce26d7b680e684a533b6197380b0

HTTP Headers

GET /news/badge/kk/tg005.png HTTP/1.1
Host: www.kayak.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Apache
last-modified: Fri, 07 Oct 2022 13:18:44 GMT
etag: "32c4-5ea71a6313500"
content-type: image/png
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-kayak-presentation: web
x-esi: YES
cache-control: max-age=31536000
accept-ranges: bytes
date: Mon, 24 Oct 2022 03:24:30 GMT
age: 1251165
vary: Fastly-SSL,SSL,Accept-Encoding
content-length: 12996
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-11772281-1

142.250.74.168

200 OK

44 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-11772281-1
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1588)
Size
44 kB (43652 bytes)
Hash
853855e2d7b42c5836f1ebcdcf5beb8e
375aa7dc7781ac0249f49b9a8a47b5c85db7a216
c53cb3375479817684dc5c221c846f3819662948827e64b8c3e183e479aff453

HTTP Headers

GET /gtag/js?id=UA-11772281-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 24 Oct 2022 03:24:30 GMT
expires: Mon, 24 Oct 2022 03:24:30 GMT
cache-control: private, max-age=900
last-modified: Mon, 24 Oct 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43652
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=AW-831005086

142.250.74.168

200 OK

48 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=AW-831005086
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1588)
Size
48 kB (47734 bytes)
Hash
f00af3c7dacded54c3b9d0c0b0891ffb
25205de1158f58454e85ecd13df3750e0fa6dafe
fad7e91228c2c287ead7f6d90ba3439ad933982471858e593af7491d4d07b767

HTTP Headers

GET /gtag/js?id=AW-831005086 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 24 Oct 2022 03:24:30 GMT
expires: Mon, 24 Oct 2022 03:24:30 GMT
cache-control: private, max-age=900
last-modified: Mon, 24 Oct 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 47734
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
9768604a7e222c32ef8cdaf53ec29ee2
4028238f05aaafdb51ead64799ea87886b5e4feb
d1dca4baae90d44410434584069ac98fa44bf21176776bd3c45d1216f95f0f0b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 03:24:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
05ee461624e2ec37f65e859afe6543ba
b99dcb558535d3d35d140e730aeeb41587622b30
576b3bf619d0a152889cc44165a229ad0100ccc319cf4d9044b2f26d4b676658

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 03:24:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

e1.o.lencr.org/

23.36.76.226

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
fc8179a88abbd734202adc66c0a44b67
a9234b80f7655b767a8c4ab7a284d36e7abbbe91
b99e716a26a62b69ad40222ff358cf8c2c5adcdd85eeaee4f534e510a1433b15

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "B99E716A26A62B69AD40222FF358CF8C2C5ADCDD85EEAEE4F534E510A1433B15"
Last-Modified: Fri, 21 Oct 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 24 Oct 2022 09:24:30 GMT
Date: Mon, 24 Oct 2022 03:24:30 GMT
Connection: keep-alive

payments.pesapal.com/site/images/426/pesapalpaybtn.png

104.18.2.36

200 OK

8.5 kB

URL HTTP/2
payments.pesapal.com/site/images/426/pesapalpaybtn.png
IP
104.18.2.36:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 125 x 50, 8-bit/color RGB, non-interlaced\012- data
Size
8.5 kB (8527 bytes)
Hash
f373352361e070a7948ebf382cab6786
3626cdb5f70a30a3b8ec369295e22ae271e8d20d
ce1d5908f3a288e1921fc49e1eb90dba3a6b71bc8a43e5790fa46997642485e9

HTTP Headers

GET /site/images/426/pesapalpaybtn.png HTTP/1.1
Host: payments.pesapal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
content-type: image/png
content-length: 8527
last-modified: Wed, 16 Jan 2019 09:38:52 GMT
cf-cache-status: HIT
expires: Mon, 24 Oct 2022 07:24:30 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
set-cookie: __cf_bm=epVUzrXv_0xvDMfmsjRhplgaR3.2xXOTz2fYFiO2O.8-1666581870-0-AdMq0g6uq8VmfAlPpesTKuCyIR7F0Za8EP9M02ainvaH4BDb62IpUmxo+WUQQrzSnmMgOf6xDRAYIBGZEbrKpLM=; path=/; expires=Mon, 24-Oct-22 03:54:30 GMT; domain=.pesapal.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 75ef9991de26b4ee-OSL
X-Firefox-Spdy: h2

www.jscache.com/wejs?wtype=selfserveprop&uniq=660&locationId=2085077&lang=en_US&rating=true&nreviews=5&writereviewlink=true&popIdx=false&iswide=false&border=false&display_version=2

151.101.86.83

301 Moved Permanently

0 B

URL HTTP/2
www.jscache.com/wejs?wtype=selfserveprop&uniq=660&locationId=2085077&lang=en_US&rating=true&nreviews=5&writereviewlink=true&popIdx=false&iswide=false&border=false&display_version=2
IP
151.101.86.83:0
ASN
#54113 FASTLY

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wejs?wtype=selfserveprop&uniq=660&locationId=2085077&lang=en_US&rating=true&nreviews=5&writereviewlink=true&popIdx=false&iswide=false&border=false&display_version=2 HTTP/1.1
Host: www.jscache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: envoy
location: https://www.tripadvisor.com/wejs?wtype=selfserveprop&uniq=660&locationId=2085077&lang=en_US&rating=true&nreviews=5&writereviewlink=true&popIdx=false&iswide=false&border=false&display_version=2
expires: 0
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
pragma: no-cache
cache-control: no-cache,no-store,must-revalidate
timing-allow-origin: https://www.tripadvisor.com
content-type: text/plain; charset=utf-8
x-datadome: protected
accept-ch: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
accept-ranges: bytes
date: Mon, 24 Oct 2022 03:24:30 GMT
via: 1.1 varnish
x-served-by: cache-bma1661-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1666581870.282601,VS0,VE152
content-length: 0
X-Firefox-Spdy: h2

www.tripadvisor.com/img/cdsi/img2/badges/ollie-11424-2.gif

23.38.201.85

200 OK

551 B

URL HTTP/2
www.tripadvisor.com/img/cdsi/img2/badges/ollie-11424-2.gif
IP
23.38.201.85:0
ASN
#16625 AKAMAI-AS

File type
GIF image data, version 89a, 31 x 20\012- data
Size
551 B (551 bytes)
Hash
c49ee6486f965a57bd7580eefa23c260
41ecc79ff7dd26b4950b04d24c7c5e3eb33742c4
10671a700bbd5ce00557871cc4ee9608332dc396bfea680b700260efaf4e059d

HTTP Headers

GET /img/cdsi/img2/badges/ollie-11424-2.gif HTTP/1.1
Host: www.tripadvisor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: envoy
cache-control: private, max-age=43200
expires: Mon, 24 Oct 2022 15:24:30 GMT
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
timing-allow-origin: https://www.tripadvisor.com
content-type: image/gif
content-length: 551
date: Mon, 24 Oct 2022 03:24:30 GMT
set-cookie: TADCID=nZSTLLvYsnBCjfvvABQCFdpBzzOuRA-9xvCxaMyI13EPORTtRQ_N7R3LRENkGVyiWUqq2lMGSnM1UX3tOp-UCZFueoC2j7wk_Hw; Domain=www.tripadvisor.com; Expires=Thu, 21-Oct-2032 03:24:30 GMT; Path=/; Secure; HttpOnly
TAUnique=%1%enc%3AiyVYLMthAw7k7nWhzVPS6shGd0grv0wJ%2Fdfe7m7A1Y82jHwltRJPGQ%3D%3D; Domain=.tripadvisor.com; Expires=Wed, 23-Oct-2024 03:24:30 GMT; Path=/; HttpOnly
__vt=cqrGTlZBa1-08tb3ABQCIf6-ytF7QiW7ovfhqc-AvSDs2fI2LxZTSWp39imNGsHxH0jzypgRr5kWhMhueMXWCvKnvLPfCudBhfTUBkidVHEO-2nNvWRopeHefCmeiviC-iq9ZmuyhSwvrd0glFc5IBum5ck; Domain=www.tripadvisor.com; Expires=Mon, 24-Oct-2022 04:24:30 GMT; Path=/; Secure; HttpOnly
TASession=V2ID.0CABD4DD45164ED7E919A9D4E316D486*SQ.1*HS.recommended*ES.popularity*DS.5*SAS.popularity*FPS.oldFirst*FA.1*TRA.true; Domain=.tripadvisor.com; Path=/
ServerPool=A; Domain=.tripadvisor.com; Path=/
TACds=A.1.11424.2.2022-10-23; Domain=.tripadvisor.com; Expires=Fri, 23-Dec-2022 03:24:30 GMT; Path=/
X-Firefox-Spdy: h2

www.tripadvisor.com/img/cdsi/img2/branding/v2/Tripadvisor_lockup_horizontal_secondary_registered-11900-2.svg

23.38.201.85

200 OK

2.3 kB

URL HTTP/2
www.tripadvisor.com/img/cdsi/img2/branding/v2/Tripadvisor_lockup_horizontal_secondary_registered-11900-2.svg
IP
23.38.201.85:0
ASN
#16625 AKAMAI-AS

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Size
2.3 kB (2315 bytes)
Hash
bf29758e41903e1fabdc4a19c89bac9b
1ff70aca18e5d207268b7888d56ab2a897909ff8
6936f35bf6375797c7d4a526dd6bfdf2a5f3d0dfb4e4d1e9e292ce31bc45702c

HTTP Headers

GET /img/cdsi/img2/branding/v2/Tripadvisor_lockup_horizontal_secondary_registered-11900-2.svg HTTP/1.1
Host: www.tripadvisor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: envoy
cache-control: private, max-age=43200
expires: Mon, 24 Oct 2022 15:24:30 GMT
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
timing-allow-origin: https://www.tripadvisor.com
content-type: image/svg+xml
content-encoding: gzip
vary: Accept-Encoding
content-length: 2315
date: Mon, 24 Oct 2022 03:24:30 GMT
set-cookie: TADCID=59nad2fU5uYCRkJIABQCFdpBzzOuRA-9xvCxaMyI13EPOcTNvfJjdfYGXGOB-KHVu-vKBwrG_IumwbFFRXuaFXMS9blUadTCtcg; Domain=www.tripadvisor.com; Expires=Thu, 21-Oct-2032 03:24:30 GMT; Path=/; Secure; HttpOnly
TAUnique=%1%enc%3ALBUidT4OAAjk7nWhzVPS6shGd0grv0wJ3OUb5a%2BspVg2jHwltRJPGQ%3D%3D; Domain=.tripadvisor.com; Expires=Wed, 23-Oct-2024 03:24:30 GMT; Path=/; HttpOnly
__vt=P3dsP5BY_WO6J7baABQCIf6-ytF7QiW7ovfhqc-AvSDs2Xw8VmS7Bvnek5wAgVrivFDY2q-2OH94FY25_9DTaCbd83yk3YWaHU-TJtbnSa61JzTFvu_Dfu7HTczDlkZ4RSRKx7aTAgmixfCjmi6txvbK4A; Domain=www.tripadvisor.com; Expires=Mon, 24-Oct-2022 04:24:30 GMT; Path=/; Secure; HttpOnly
TASession=V2ID.48548DF6FBC7148821845FD970CE0F0C*SQ.1*HS.recommended*ES.popularity*DS.5*SAS.popularity*FPS.oldFirst*FA.1*TRA.true; Domain=.tripadvisor.com; Path=/
ServerPool=X; Domain=.tripadvisor.com; Path=/
TACds=A.1.11900.2.2022-10-23; Domain=.tripadvisor.com; Expires=Fri, 23-Dec-2022 03:24:30 GMT; Path=/
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

143.204.42.156

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.156:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
69355d04444eafa77d238e33dbeb78b3
1d7572ea148ee3482e58a5bdc24b5ef6e801ba84
6ad377a6346165151bb55fadfcdfe5b1d9d2c993e034a177745b79dfa89ba2c4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=104075
Date: Mon, 24 Oct 2022 03:24:30 GMT
Etag: "6354f8f9-1d7"
Expires: Tue, 25 Oct 2022 08:19:05 GMT
Last-Modified: Sun, 23 Oct 2022 08:19:05 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: jAVHzwgK8VfnWwroUT6aahlKMaRyGi-T3GkTJuOHTAVw2awxbkyVqw==

www.privatetour.com/img/badges/private-tour-4.png

178.157.15.209

200 OK

22 kB

URL HTTP/2
www.privatetour.com/img/badges/private-tour-4.png
IP
178.157.15.209:0
ASN
#42807 Aerotek Bilisim Sanayi ve Ticaret AS

File type
PNG image data, 320 x 320, 8-bit/color RGBA, non-interlaced\012- data
Size
22 kB (22022 bytes)
Hash
95560b652c50fb12d72defe3c3fc9d99
c64dbf60708ef06e65e028169a3fea9e8b090d21
f7f467ea88123f6e51bc444daf24b1577e6f4e90b81c9720d3afc6cffd65e2d6

HTTP Headers

GET /img/badges/private-tour-4.png HTTP/1.1
Host: www.privatetour.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Tue, 24 Oct 2023 03:24:30 GMT
content-type: image/png
last-modified: Thu, 01 Apr 2021 08:28:50 GMT
accept-ranges: bytes
content-length: 22022
date: Mon, 24 Oct 2022 03:24:30 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

gyg.me/kUtga42u

143.204.55.38

301 Moved Permanently

0 B

URL HTTP/2
gyg.me/kUtga42u
IP
143.204.55.38:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /kUtga42u HTTP/1.1
Host: gyg.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
content-length: 0
location: https://cdn.getyourguide.com/supplier-portal/assets/images/6a52159c.png
date: Mon, 24 Oct 2022 03:24:30 GMT
content-language: en-US
x-envoy-upstream-service-time: 12
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-request-id: b0b8e377-e1e9-4301-b5fa-931b96a5e13e
x-cache: Miss from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: x92o-m9GViFAmi18gK-5QPOULDKT2e7u74KeZnPB1CmUDaxQ2u0Ijw==
X-Firefox-Spdy: h2

cdn.getyourguide.com/supplier-portal/assets/images/6a52159c.png

54.230.111.48

200 OK

6.1 kB

URL HTTP/2
cdn.getyourguide.com/supplier-portal/assets/images/6a52159c.png
IP
54.230.111.48:0
ASN
#16509 AMAZON-02

File type
PNG image data, 285 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size
6.1 kB (6123 bytes)
Hash
6a52159cdafaac586ebfb7cc928f71cd
3549bef9e5cf9bf01b5057ab7ee2357fb25b5de1
a3a4fa00768b12ec195c713f1b8118f640b32bd25696059c6a8d6e73401cd391

HTTP Headers

GET /supplier-portal/assets/images/6a52159c.png HTTP/1.1
Host: cdn.getyourguide.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cruzeiro-safaris.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/png
content-length: 6123
date: Wed, 01 Jun 2022 09:30:11 GMT
last-modified: Mon, 16 Aug 2021 08:36:46 GMT
etag: "6a52159cdafaac586ebfb7cc928f71cd"
cache-control: max-age=31536000, public, must-revalidate
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: t5o4e13C0c7Uw5FFND-fIQ2UbpLl7mM0w5xSAIDTLsD5pHTkM_b_Wg==
age: 12506059
X-Firefox-Spdy: h2

www.tripadvisor.com/wejs?wtype=selfserveprop&uniq=660&locationId=2085077&lang=en_US&rating=true&nreviews=5&writereviewlink=true&popIdx=false&iswide=false&border=false&display_version=2

23.38.201.85

200 OK

281 B

URL HTTP/2
www.tripadvisor.com/wejs?wtype=selfserveprop&uniq=660&locationId=2085077&lang=en_US&rating=true&nreviews=5&writereviewlink=true&popIdx=false&iswide=false&border=false&display_version=2
IP
23.38.201.85:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (338)
Size
281 B (281 bytes)
Hash
5ea8deb6e9a482bdb443d32e971c3149
fe6574b405da0d1bc4b8c50f9fc9499506d0200c
e347c8de099ed32e599949c8011f1031e85c4e5d71d2ccb8fbd5d15934ebc213

HTTP Headers

GET /wejs?wtype=selfserveprop&uniq=660&locationId=2085077&lang=en_US&rating=true&nreviews=5&writereviewlink=true&popIdx=false&iswide=false&border=false&display_version=2 HTTP/1.1
Host: www.tripadvisor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cruzeiro-safaris.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: envoy
expires: 0
cache-control: no-cache,no-store,must-revalidate
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
pragma: no-cache
timing-allow-origin: https://www.tripadvisor.com
vary: Accept-Encoding
content-type: application/x-javascript;charset=UTF-8
x-datadome: protected
accept-ch: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
content-encoding: gzip
content-length: 281
date: Mon, 24 Oct 2022 03:24:30 GMT
set-cookie: TADCID=CEGgxm8ZkB_upkuxABQCFdpBzzOuRA-9xvCxaMyI13EPOay9nGJCxI624URiliKFDhp-Ra3_mxMVMUpLTFkkmUjXTvP4Qsb4tFU; Domain=www.tripadvisor.com; Expires=Thu, 21-Oct-2032 03:24:30 GMT; Path=/; Secure; HttpOnly
__vt=MEVvDz37bbKM3kZOABQCIf6-ytF7QiW7ovfhqc-AvSDs2XR4y-ZUXuPBBYNHYLLmR0Ki8frzHY1ophBpgBJAs3M_bfh0NlCaYArMwjRDmt2OEFNkVu1IrFv77ujSgoHR5RymJycLcGNKq1uZkp9Ueo88voE; Domain=www.tripadvisor.com; Expires=Mon, 24-Oct-2022 04:24:30 GMT; Path=/; Secure; HttpOnly
datadome=.A4GC7.2e-htWZvveMJ2PP8LSohAHrw0pyH9yCJbb4qu-rq5Q~aLHhrEzzDuOw8QWzVnbb7Wyxsrkqo0Vg2Q-C5uSL2hc-axsZRp9BqYscV1FSVdjCut_N~zgbEqck9l; Max-Age=31536000; Domain=.tripadvisor.com; Path=/; Secure; SameSite=Lax
_abck=18069327F23C19BCF59CA4522C66F728~-1~YAAQBk8kFyIAv/6DAQAAUDgFCAj2WR9lZgz9N9HCi+ujpmkhK99jrfB2biamT1VR9msm7r3Qv47crlRyrv/YS7Q4E+mgKDtPQ2i4UN1nznzPCAlzhtKXzmAFrr1P4cQxqw5nInTWvProdEM32lnDtx6cg0WE1CnP/hh/pUs30ntboSRDhhU+mfzH1xKjWUM2HFfJ4zd0chH38627pq6bKLXq5x85w3nrJWsIjyw3aCq2l3YKgzsaQhCgw0PHbeKstMGQCAgCrpA9cfuvrFMegwg4PlzoyauAZHAO9qfITmYxd7kgZUei0k+ElMHHuJ+fizOzYOeLzrNUxKx74ZjhOPOhnsHypnCqktE5plVih7mwCTyXNsGB6e2VW0qpB+62Ug==~-1~-1~-1; Domain=.tripadvisor.com; Path=/; Expires=Tue, 24 Oct 2023 03:24:30 GMT; Max-Age=31536000; Secure
bm_sz=A6BEABB954EE795B838D21658D8294D4~YAAQBk8kFyMAv/6DAQAAUDgFCBFdeomqAT0VEQYuLcrvVnml/KZdQhdN+nnwn6G/r6HM7a2R3UT9283oPvAt3agbAdEXYuiF5YaxmHPjCy/xH8Oz5D4GTfisl0iNbj/aFJaFSCjULnwInZrItFaIZehQOWDKfDeQnyH7bge+wMD/yh9jsSqfobS5g82WviEbk7M9v8A28QwYPXLuanH8wmDqdJ5E8iVSsQe7cynUyuZbS6c6uveJw5RM7TUWPRPcV3fhWrpKsKVw1VKFDdnMSMopbbgIX5pV40fKBOiS4cJ15qVDF9gB5Q==~3553348~3753272; Domain=.tripadvisor.com; Path=/; Expires=Mon, 24 Oct 2022 07:24:30 GMT; Max-Age=14400
X-Firefox-Spdy: h2

www.jscache.com/wejs?wtype=rated&uniq=11&locationId=2085077&lang=en_US&display_version=2

151.101.86.83

301 Moved Permanently

0 B

URL HTTP/2
www.jscache.com/wejs?wtype=rated&uniq=11&locationId=2085077&lang=en_US&display_version=2
IP
151.101.86.83:0
ASN
#54113 FASTLY

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wejs?wtype=rated&uniq=11&locationId=2085077&lang=en_US&display_version=2 HTTP/1.1
Host: www.jscache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: envoy
location: https://www.tripadvisor.com/wejs?wtype=rated&uniq=11&locationId=2085077&lang=en_US&display_version=2
expires: 0
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
pragma: no-cache
cache-control: no-cache,no-store,must-revalidate
timing-allow-origin: https://www.tripadvisor.com
content-type: text/plain; charset=utf-8
accept-ch: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
x-datadome: protected
accept-ranges: bytes
date: Mon, 24 Oct 2022 03:24:30 GMT
via: 1.1 varnish
x-served-by: cache-bma1661-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1666581870.289528,VS0,VE423
content-length: 0
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
cde8257da86673a29a8f947eeadfd43a
f4573647aa48b72010149804f6194f9a281dca84
ae63651b8963e0cf8da8f1e097246846d32b3cd74a3e36b31206ca49438f59a7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=97250
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 03:24:30 GMT
Etag: "6354de50-116"
Expires: Tue, 25 Oct 2022 06:25:20 GMT
Last-Modified: Sun, 23 Oct 2022 06:25:20 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 278

www.tripadvisor.com/wejs?wtype=rated&uniq=11&locationId=2085077&lang=en_US&display_version=2

23.38.201.85

200 OK

231 B

URL HTTP/2
www.tripadvisor.com/wejs?wtype=rated&uniq=11&locationId=2085077&lang=en_US&display_version=2
IP
23.38.201.85:0
ASN
#16625 AKAMAI-AS

File type
ASCII text
Size
231 B (231 bytes)
Hash
4dcb05d8fe99aad5af553f00c6b95d7e
b05bc388b22600f959998919fa45a4dcb5d01752
77d661b3ed335344bc90b80e079f3d0bc604fd7dfe462b6799209bb5e7732191

HTTP Headers

GET /wejs?wtype=rated&uniq=11&locationId=2085077&lang=en_US&display_version=2 HTTP/1.1
Host: www.tripadvisor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cruzeiro-safaris.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: envoy
expires: 0
cache-control: no-cache,no-store,must-revalidate
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
pragma: no-cache
timing-allow-origin: https://www.tripadvisor.com
vary: Accept-Encoding
content-type: application/x-javascript;charset=UTF-8
accept-ch: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
x-datadome: protected
content-encoding: gzip
content-length: 231
date: Mon, 24 Oct 2022 03:24:30 GMT
set-cookie: TADCID=DXXx6zUPHP4TmqcZABQCFdpBzzOuRA-9xvCxaMyI13EPObydBNLvu3YjSKLOjgHaJBwZC8FaGrHKuKuZYHvcEP8k5Ti7kuE1-Ro; Domain=www.tripadvisor.com; Expires=Thu, 21-Oct-2032 03:24:30 GMT; Path=/; Secure; HttpOnly
__vt=jpJnbmuUsjGzu3q_ABQCIf6-ytF7QiW7ovfhqc-AvSDs2d9Cx3kLAbcc2IRt8py_MZJA8sYLEVaRvp96dBRwMuDyPQsQKxZnSbGER26NLLb3bJ28QSmyXJGWLwJfgv55mlIEfA6BCdEiS0HBzkvEecMYgHs; Domain=www.tripadvisor.com; Expires=Mon, 24-Oct-2022 04:24:30 GMT; Path=/; Secure; HttpOnly
datadome=.ciqKJU_kAuiX6yyevirXUCMfspPI9mA2TjP.Zvec_xqnF0cQuiEzEAcuAxwkcresRW0rrwoXdSTcwOZvkyh7JT4y1aX.npPk00rau8BqJfW5sc~vs40-FdfXE3deZF; Max-Age=31536000; Domain=.tripadvisor.com; Path=/; Secure; SameSite=Lax
_abck=0F5B9C566545C3DFC344663298F1E7DC~-1~YAAQBk8kFyYAv/6DAQAADjkFCAjBghpKTepvgTVm8jjwGHiu+RIsvoE2wPKAJ6UlqO+QuKgbdQiBLp37vBAfmaRFFylSrQeI14t1DMdTX2xPu8gwDFFJc7x772Zr4kjdZVzkzsI3hqdiopysRPdC+XvBJCd9tDWOSNmQ5QCVNOu7zPz4Rp2FwNbmt5DGQqpLdvxf67mcOzZ6aJO2hjIy2ZN3LuHgU9L++hhjplMQh2W4Yf5fQb/+noeMeKQwGYUSAB039fC19v+JnQKaPoSjrC7IaDV0FkJHbeDguW4VEYCSmQwm+peeNZWy3Vmdug/P1RJXN/kHE/isrLUUvICicCgFQF4sq5GXxo5TPElL/mzaVcsKYJYQMp1UHB8S1/G8kA==~-1~-1~-1; Domain=.tripadvisor.com; Path=/; Expires=Tue, 24 Oct 2023 03:24:30 GMT; Max-Age=31536000; Secure
bm_sz=FFDF8F87F6DA9FB1641FD44499521513~YAAQBk8kFycAv/6DAQAADjkFCBHv4XscZhsIZDb7eBlAshJ5Z5iyEEQvQXis9YS4aw7ymh0vZ667IPyVfBDbeKMYSaPIHsiDHXf8En7zgtDnJWAF9R+wC+9r0WFakh+lHbaxhILI/MSeuETYv1ughgijSNzhAVlg2hSFpDUOnUtiYkxmGDh6X3Urf0g4AksPsKss0xy7n53Jcz+KMfaXm/slwYO8rcBgckyFW7tFgU0muOlKaOLRke08R2OvLgq/bLTS1F0TSfJSk7QVqNZMNFnt4HOd5R33hwxZPMfvCfNTFxL6jl7Fvg==~3553348~3753272; Domain=.tripadvisor.com; Path=/; Expires=Mon, 24 Oct 2022 07:24:30 GMT; Max-Age=14400
X-Firefox-Spdy: h2

www.cruzeiro-safaris.com/images/logo.png

68.65.122.186

200 OK

20 kB

URL HTTP/2
www.cruzeiro-safaris.com/images/logo.png
IP
68.65.122.186:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 138 x 83, 8-bit colormap, non-interlaced\012- data
Size
20 kB (19763 bytes)
Hash
1ced964956e309c9e0346576b65d1d8d
3c7061804302a0b9f0f8b6c47ba2d69e555cc7af
31bfbc9f813af1e2d2e76f2be4177ffbfde87efbd50da9fbab1187c2262c0800

HTTP Headers

GET /images/logo.png HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 19763
content-type: image/png
X-Firefox-Spdy: h2

www.cruzeiro-safaris.com/images/phone.png

68.65.122.186

200 OK

7.7 kB

URL HTTP/2
www.cruzeiro-safaris.com/images/phone.png
IP
68.65.122.186:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Size
7.7 kB (7727 bytes)
Hash
4755dd7732b8cbb11a19c488c19a1e6d
6c924c8cb64cc3e0277690fa3cea37c2afe421d6
2a6af9dabb1ffbeeecab784b10e99e7a9f1579fade1ad29a368e4f12667a72e3

HTTP Headers

GET /images/phone.png HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:32 GMT
accept-ranges: bytes
content-length: 7727
content-type: image/png
X-Firefox-Spdy: h2

www.cruzeiro-safaris.com/images/Cruzeiro-Safaris-Ltdkatologobonded.jpg

68.65.122.186

200 OK

16 kB

URL HTTP/2
www.cruzeiro-safaris.com/images/Cruzeiro-Safaris-Ltdkatologobonded.jpg
IP
68.65.122.186:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 147x150, components 3\012- data
Size
16 kB (16468 bytes)
Hash
de5a988c5e75dd83d61077c835c5fafd
2108127c7413d788bcc7f13656506f1ed2e4b615
92ffdcb0e1d7cddc56d22fcfaed7887116dd4e493e922d4ccde845c02d73c8de

HTTP Headers

GET /images/Cruzeiro-Safaris-Ltdkatologobonded.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:28 GMT
accept-ranges: bytes
content-length: 16468
content-type: image/jpeg
X-Firefox-Spdy: h2

www.cruzeiro-safaris.com/images/wildlife_animals/IMG_20170430_152429.jpg

68.65.122.186

200 OK

41 kB

URL HTTP/2
www.cruzeiro-safaris.com/images/wildlife_animals/IMG_20170430_152429.jpg
IP
68.65.122.186:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 600x582, components 3\012- data
Size
41 kB (41207 bytes)
Hash
61086555f4218996840fb643c5888724
2104356b2e90876ff2fbf609d57590afafb178aa
6fb40723209d19ec04682562451519a4550c1efd739a4bec6bd9bcd9b8156ba3

HTTP Headers

GET /images/wildlife_animals/IMG_20170430_152429.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:31 GMT
accept-ranges: bytes
content-length: 41207
content-type: image/jpeg
X-Firefox-Spdy: h2

www.cruzeiro-safaris.com/images/safaris/lions.jpg

68.65.122.186

200 OK

32 kB

URL HTTP/2
www.cruzeiro-safaris.com/images/safaris/lions.jpg
IP
68.65.122.186:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 600x375, components 3\012- data
Size
32 kB (31662 bytes)
Hash
17122a30ad6fba04840e2b4cca5863a2
39850dd41cfd40f7830db6b855033a93eb5c1a3a
8fac717efb1751584ea446f2861fddacb48deb5f016337ab017f3ba92dae7c1c

HTTP Headers

GET /images/safaris/lions.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:29 GMT
accept-ranges: bytes
content-length: 31662
content-type: image/jpeg
X-Firefox-Spdy: h2

www.cruzeiro-safaris.com/images/online-booking-tours.jpg

68.65.122.186

200 OK

19 kB

URL HTTP/2
www.cruzeiro-safaris.com/images/online-booking-tours.jpg
IP
68.65.122.186:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 200x200, components 3\012- data
Size
19 kB (18988 bytes)
Hash
0d42e1d1bc799c5d4c176eab504b860d
19e539a1334af02480ee600857e58f629922f475
f1aca7e4c91bc1b3c6a1cec99163ccdee0af977629aa6c18d3cfc861955f4f11

HTTP Headers

GET /images/online-booking-tours.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:27 GMT
accept-ranges: bytes
content-length: 18988
content-type: image/jpeg
X-Firefox-Spdy: h2

www.cruzeiro-safaris.com/images/social/bookmundi.png

68.65.122.186

200 OK

5.9 kB

URL HTTP/2
www.cruzeiro-safaris.com/images/social/bookmundi.png
IP
68.65.122.186:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 203 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
5.9 kB (5908 bytes)
Hash
45bff72e5f9eeeb63dea8823c5b1489e
0bed815e8841fb39c3e125e0e30cc38cdc7d1fc1
6fc9f517559a199ebf55eccf6df69382ccb96e3b3d374f2b5dc8a56fdf9bd0be

HTTP Headers

GET /images/social/bookmundi.png HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:28 GMT
accept-ranges: bytes
content-length: 5908
content-type: image/png
X-Firefox-Spdy: h2

www.cruzeiro-safaris.com/images/social/tw.png

68.65.122.186

200 OK

4.0 kB

URL HTTP/2
www.cruzeiro-safaris.com/images/social/tw.png
IP
68.65.122.186:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Size
4.0 kB (3970 bytes)
Hash
ff5a46434a077162166add229a02d9ae
af11a6b6d0882b3d1b908cc9bd4ca8f3d62912d9
240ccfca0c6d63360debf27c8a84ffb56c191fdb1d542bcbea21d3dbf6890ccd

HTTP Headers

GET /images/social/tw.png HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:28 GMT
accept-ranges: bytes
content-length: 3970
content-type: image/png
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4c236f4ca13cd8fafc580bceb0995642
b6a7de7a8d994ed2cfb5ac74b6d7703de515ecdb
671228953eba5b2678df03acebb493e411752c6f5f72ff7f1e485032241d4aeb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 03:24:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css?family=Open+Sans:600,400,300

142.250.74.10

200 OK

1.2 kB

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans:600,400,300
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
1.2 kB (1156 bytes)
Hash
fc83d442efeeb5ae6500ea76302eccd3
884faee79c481bb450651110682ec92a596b3fbd
237649f00156befafce65fa928a7418dea274d3c181433f276817e9c5418450a

HTTP Headers

GET /css?family=Open+Sans:600,400,300 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 24 Oct 2022 03:24:33 GMT
date: Mon, 24 Oct 2022 03:24:33 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.cruzeiro-safaris.com/images/ntr-logo.png

68.65.122.186

200 OK

15 kB

URL HTTP/2
www.cruzeiro-safaris.com/images/ntr-logo.png
IP
68.65.122.186:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 340 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size
15 kB (15379 bytes)
Hash
2db71ed71bd7d1959a83f9c52e190ee4
6bf88032861a81d0eca4fc53e13da6dc6b427d28
96dc6a9fb4241833f8cf2bf767fb2a98db902752fbf007c54e5435c09cc52cce

HTTP Headers

GET /images/ntr-logo.png HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Thu, 19 Nov 2020 16:21:41 GMT
accept-ranges: bytes
content-length: 15379
content-type: image/png
X-Firefox-Spdy: h2

www.cruzeiro-safaris.com/images/social/yt.png

68.65.122.186

200 OK

5.7 kB

URL HTTP/2
www.cruzeiro-safaris.com/images/social/yt.png
IP
68.65.122.186:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Size
5.7 kB (5698 bytes)
Hash
ac8caec94310fa12d840e74235ab7bc2
b0c7fb16777940b987d2333ef83bd4b116cb164b
951bce6cca58c0df67b1ca1edf8f897289ccf3ac0f7926c22e540a87599f4be1

HTTP Headers

GET /images/social/yt.png HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:28 GMT
accept-ranges: bytes
content-length: 5698
content-type: image/png
X-Firefox-Spdy: h2

www.cruzeiro-safaris.com/images/aliexpressonline_store.png

68.65.122.186

200 OK

13 kB

URL HTTP/2
www.cruzeiro-safaris.com/images/aliexpressonline_store.png
IP
68.65.122.186:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 398 x 89, 8-bit/color RGB, non-interlaced\012- data
Size
13 kB (12721 bytes)
Hash
856819177971294497f45f2fdfe1895a
d8c95dffc3f608e921ac14ca0f320fe0d02e1fd7
232ea19b620e42e57599d7f50a23a68cedab0565afdfb3949094595a3e0808c5

HTTP Headers

GET /images/aliexpressonline_store.png HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Wed, 04 Nov 2020 18:34:57 GMT
accept-ranges: bytes
content-length: 12721
content-type: image/png
X-Firefox-Spdy: h2

www.cruzeiro-safaris.com/images/email-icon.png

68.65.122.186

200 OK

5.7 kB

URL HTTP/2
www.cruzeiro-safaris.com/images/email-icon.png
IP
68.65.122.186:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Size
5.7 kB (5698 bytes)
Hash
f5546f288c112eb513a453e7856ba024
57aefb6d7c65c0457b45e070a8efd5dff4bddafe
5e11b77b10368d77a63315c53351bb3581254f1f00baff3213fe9f3ce270d2b4

HTTP Headers

GET /images/email-icon.png HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:28 GMT
accept-ranges: bytes
content-length: 5698
content-type: image/png
X-Firefox-Spdy: h2

www.cruzeiro-safaris.com/images/social/g+.png

68.65.122.186

200 OK

5.6 kB

URL HTTP/2
www.cruzeiro-safaris.com/images/social/g+.png
IP
68.65.122.186:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Size
5.6 kB (5552 bytes)
Hash
aff40945bf410a8c3ca75d65b0b9bb48
ca09a09d19cec73cb4086717eeb19912311cb7ad
1db6c0f5293f66c93abd7c066d692d1a7873b5556e9873b7f75d7d775ccbab56

HTTP Headers

GET /images/social/g+.png HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:28 GMT
accept-ranges: bytes
content-length: 5552
content-type: image/png
X-Firefox-Spdy: h2

www.cruzeiro-safaris.com/images/social/fb.png

68.65.122.186

200 OK

3.4 kB

URL HTTP/2
www.cruzeiro-safaris.com/images/social/fb.png
IP
68.65.122.186:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Size
3.4 kB (3386 bytes)
Hash
dd9b9178e2324bc658f824e4ccb52298
101a59701d9ad676d963b5ea21ed9f26051c4081
19ee1ef3b6f79fd79b0f091856705e0be115789fe2f13fb7bfa00279f04d6b04

HTTP Headers

GET /images/social/fb.png HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:28 GMT
accept-ranges: bytes
content-length: 3386
content-type: image/png
X-Firefox-Spdy: h2

www.cruzeiro-safaris.com/images/social/blg.png

68.65.122.186

200 OK

4.7 kB

URL HTTP/2
www.cruzeiro-safaris.com/images/social/blg.png
IP
68.65.122.186:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Size
4.7 kB (4737 bytes)
Hash
f4d353b1d3caac5b371e6df7a6ede420
c92121e8da79b0ddafd67a492b6a6106a221a92f
6a1b922e613b6a597bb2c51d93ea739056afcdf9e6cfc25bd9e8854cbbcce6c1

HTTP Headers

GET /images/social/blg.png HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:28 GMT
accept-ranges: bytes
content-length: 4737
content-type: image/png
X-Firefox-Spdy: h2

www.cruzeiro-safaris.com/images/bdg_now_accepting_pp_2line_w.png

68.65.122.186

200 OK

13 kB

URL HTTP/2
www.cruzeiro-safaris.com/images/bdg_now_accepting_pp_2line_w.png
IP
68.65.122.186:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 334 x 127, 8-bit/color RGBA, non-interlaced\012- data
Size
13 kB (12843 bytes)
Hash
29b112f4344afeb41834a4b28ef4c0be
37e4289c874cd2236add4a7013a2b0310cc59a63
b5796db96672733b8b49dc498bd4e1e03f54b3b9a9944e202e1f5e418534d1a2

HTTP Headers

GET /images/bdg_now_accepting_pp_2line_w.png HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:29 GMT
accept-ranges: bytes
content-length: 12843
content-type: image/png
X-Firefox-Spdy: h2

www.cruzeiro-safaris.com/affiliatescript.js

68.65.122.186

404 Not Found

618 B

URL HTTP/2
www.cruzeiro-safaris.com/affiliatescript.js
IP
68.65.122.186:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
618 B (618 bytes)
Hash
f703cb3bc795979904c5a2dad2e6afb1
b2ba22b2581cdeb1adc7facebe2be79b527b434a
8532e017067f751227241644c8135e8a39fd30cdc92519e88e41f899b58f8f82

HTTP Headers

GET /affiliatescript.js HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
x-powered-by: PHP/7.4.32
cache-control: no-cache
pragma: no-cache
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 618
content-type: text/html; charset=UTF-8
X-Firefox-Spdy: h2

www.cruzeiro-safaris.com/images/logo-1.png

68.65.122.186

200 OK

60 kB

URL HTTP/2
www.cruzeiro-safaris.com/images/logo-1.png
IP
68.65.122.186:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 104 x 67, 8-bit/color RGBA, non-interlaced\012- data
Size
60 kB (60171 bytes)
Hash
776452c352a18a4b57f05a02413c65ba
4ce88c247d3eeb0666fce21f786d40b3fdef8f89
441294f949bb44d7fc3569b151f80de8f0e138c7cfb36c6d6bfc7ce824087440

HTTP Headers

GET /images/logo-1.png HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:28 GMT
accept-ranges: bytes
content-length: 60171
content-type: image/png
X-Firefox-Spdy: h2

www.cruzeiro-safaris.com/media/template/gzip.php?theme-477e2af4.js

68.65.122.186

200 OK

0 B

URL HTTP/2
www.cruzeiro-safaris.com/media/template/gzip.php?theme-477e2af4.js
IP
68.65.122.186:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /media/template/gzip.php?theme-477e2af4.js HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
x-powered-by: PHP/7.4.32
cache-control: max-age=86400
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-type: application/x-javascript
X-Firefox-Spdy: h2

www.cruzeiro-safaris.com/images/slides/cruzeirotours23.jpg

68.65.122.186

200 OK

0 B

URL HTTP/2
www.cruzeiro-safaris.com/images/slides/cruzeirotours23.jpg
IP
68.65.122.186:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/slides/cruzeirotours23.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 339618
content-type: image/jpeg
X-Firefox-Spdy: h2

www.cruzeiro-safaris.com/media/template/gzip.php?slideshow.min-6b1ad39a.css

68.65.122.186

200 OK

0 B

URL HTTP/2
www.cruzeiro-safaris.com/media/template/gzip.php?slideshow.min-6b1ad39a.css
IP
68.65.122.186:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /media/template/gzip.php?slideshow.min-6b1ad39a.css HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
x-powered-by: PHP/7.4.32
cache-control: max-age=86400
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-type: text/css; charset=UTF-8
X-Firefox-Spdy: h2

www.cruzeiro-safaris.com/media/template/gzip.php?slideshow.min-14e73ec0.js

68.65.122.186

200 OK

0 B

URL HTTP/2
www.cruzeiro-safaris.com/media/template/gzip.php?slideshow.min-14e73ec0.js
IP
68.65.122.186:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /media/template/gzip.php?slideshow.min-14e73ec0.js HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
x-powered-by: PHP/7.4.32
cache-control: max-age=86400
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-type: application/x-javascript
X-Firefox-Spdy: h2

www.cruzeiro-safaris.com/images/slides/cruzeirotour6.jpg

68.65.122.186

200 OK

0 B

URL HTTP/2
www.cruzeiro-safaris.com/images/slides/cruzeirotour6.jpg
IP
68.65.122.186:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/slides/cruzeirotour6.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 130187
content-type: image/jpeg
X-Firefox-Spdy: h2

www.cruzeiro-safaris.com/images/slides/cruzeirotours26.jpg

68.65.122.186

200 OK

0 B

URL HTTP/2
www.cruzeiro-safaris.com/images/slides/cruzeirotours26.jpg
IP
68.65.122.186:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/slides/cruzeirotours26.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 226076
content-type: image/jpeg
X-Firefox-Spdy: h2

www.cruzeiro-safaris.com/media/template/gzip.php?theme-1fc42130.css

68.65.122.186

200 OK

0 B

URL HTTP/2
www.cruzeiro-safaris.com/media/template/gzip.php?theme-1fc42130.css
IP
68.65.122.186:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /media/template/gzip.php?theme-1fc42130.css HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
x-powered-by: PHP/7.4.32
cache-control: max-age=86400
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-type: text/css; charset=UTF-8
X-Firefox-Spdy: h2

www.cruzeiro-safaris.com/images/slides/cruzeirotours5.jpg

68.65.122.186

200 OK

0 B

URL HTTP/2
www.cruzeiro-safaris.com/images/slides/cruzeirotours5.jpg
IP
68.65.122.186:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/slides/cruzeirotours5.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 243463
content-type: image/jpeg
X-Firefox-Spdy: h2

www.cruzeiro-safaris.com/images/slides/cruzeirotours20.jpg

68.65.122.186

200 OK

0 B

URL HTTP/2
www.cruzeiro-safaris.com/images/slides/cruzeirotours20.jpg
IP
68.65.122.186:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/slides/cruzeirotours20.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 314334
content-type: image/jpeg
X-Firefox-Spdy: h2

www.cruzeiro-safaris.com/images/slides/cruzeirotours9.jpg

68.65.122.186

200 OK

0 B

URL HTTP/2
www.cruzeiro-safaris.com/images/slides/cruzeirotours9.jpg
IP
68.65.122.186:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/slides/cruzeirotours9.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 489838
content-type: image/jpeg
X-Firefox-Spdy: h2

www.cruzeiro-safaris.com/media/template/gzip.php?mootools-core-481605f6.js

68.65.122.186

200 OK

0 B

URL HTTP/2
www.cruzeiro-safaris.com/media/template/gzip.php?mootools-core-481605f6.js
IP
68.65.122.186:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /media/template/gzip.php?mootools-core-481605f6.js HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
x-powered-by: PHP/7.4.32
cache-control: max-age=86400
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-type: application/x-javascript
X-Firefox-Spdy: h2

www.cruzeiro-safaris.com/media/template/gzip.php?jquery.min-45fe031d.js

68.65.122.186

200 OK

0 B

URL HTTP/2
www.cruzeiro-safaris.com/media/template/gzip.php?jquery.min-45fe031d.js
IP
68.65.122.186:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /media/template/gzip.php?jquery.min-45fe031d.js HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
x-powered-by: PHP/7.4.32
cache-control: max-age=86400
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-type: application/x-javascript
X-Firefox-Spdy: h2

www.cruzeiro-safaris.com/images/pesapal_logo.png

68.65.122.186

200 OK

0 B

URL HTTP/2
www.cruzeiro-safaris.com/images/pesapal_logo.png
IP
68.65.122.186:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/pesapal_logo.png HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:28 GMT
accept-ranges: bytes
content-length: 24448
content-type: image/png
X-Firefox-Spdy: h2

www.cruzeiro-safaris.com/images/slides/cruzeirotours29.jpg

68.65.122.186

200 OK

0 B

URL HTTP/2
www.cruzeiro-safaris.com/images/slides/cruzeirotours29.jpg
IP
68.65.122.186:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/slides/cruzeirotours29.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 345939
content-type: image/jpeg
X-Firefox-Spdy: h2

www.cruzeiro-safaris.com/images/slides/cruzeirotours4.jpg

68.65.122.186

200 OK

0 B

URL HTTP/2
www.cruzeiro-safaris.com/images/slides/cruzeirotours4.jpg
IP
68.65.122.186:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/slides/cruzeirotours4.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:29 GMT
accept-ranges: bytes
content-length: 537123
content-type: image/jpeg
X-Firefox-Spdy: h2

www.cruzeiro-safaris.com/images/slides/cruzeirotours13.jpg

68.65.122.186

200 OK

0 B

URL HTTP/2
www.cruzeiro-safaris.com/images/slides/cruzeirotours13.jpg
IP
68.65.122.186:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/slides/cruzeirotours13.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 298352
content-type: image/jpeg
X-Firefox-Spdy: h2

www.cruzeiro-safaris.com/images/nairobi-tours/DSC02480.JPG

68.65.122.186

200 OK

0 B

URL HTTP/2
www.cruzeiro-safaris.com/images/nairobi-tours/DSC02480.JPG
IP
68.65.122.186:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/nairobi-tours/DSC02480.JPG HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Mon, 12 Sep 2022 17:52:43 GMT
accept-ranges: bytes
content-length: 942299
content-type: image/jpeg
X-Firefox-Spdy: h2

www.cruzeiro-safaris.com/images/safaris/amboseli-elephants.jpg

68.65.122.186

200 OK

0 B

URL HTTP/2
www.cruzeiro-safaris.com/images/safaris/amboseli-elephants.jpg
IP
68.65.122.186:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/safaris/amboseli-elephants.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:29 GMT
accept-ranges: bytes
content-length: 59912
content-type: image/jpeg
X-Firefox-Spdy: h2

www.cruzeiro-safaris.com/images/slides/cruzeirotours10.jpg

68.65.122.186

200 OK

0 B

URL HTTP/2
www.cruzeiro-safaris.com/images/slides/cruzeirotours10.jpg
IP
68.65.122.186:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/slides/cruzeirotours10.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 281151
content-type: image/jpeg
X-Firefox-Spdy: h2

www.cruzeiro-safaris.com/images/nairobi-tours/dinnerandshow_cruzeirosafariskenya.JPG

68.65.122.186

200 OK

0 B

URL HTTP/2
www.cruzeiro-safaris.com/images/nairobi-tours/dinnerandshow_cruzeirosafariskenya.JPG
IP
68.65.122.186:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/nairobi-tours/dinnerandshow_cruzeirosafariskenya.JPG HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Mon, 12 Sep 2022 17:38:07 GMT
accept-ranges: bytes
content-length: 32479
content-type: image/jpeg
X-Firefox-Spdy: h2

www.cruzeiro-safaris.com/images/kato_logo_white.png

68.65.122.186

200 OK

0 B

URL HTTP/2
www.cruzeiro-safaris.com/images/kato_logo_white.png
IP
68.65.122.186:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/kato_logo_white.png HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Fri, 27 Mar 2020 10:32:48 GMT
accept-ranges: bytes
content-length: 139873
content-type: image/png
X-Firefox-Spdy: h2

www.cruzeiro-safaris.com/images/slides/cruzeirotours15.jpg

68.65.122.186

200 OK

0 B

URL HTTP/2
www.cruzeiro-safaris.com/images/slides/cruzeirotours15.jpg
IP
68.65.122.186:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/slides/cruzeirotours15.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 273026
content-type: image/jpeg
X-Firefox-Spdy: h2

www.cruzeiro-safaris.com/media/template/gzip.php?jquery-noconflict-52794473.js

68.65.122.186

200 OK

0 B

URL HTTP/2
www.cruzeiro-safaris.com/media/template/gzip.php?jquery-noconflict-52794473.js
IP
68.65.122.186:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /media/template/gzip.php?jquery-noconflict-52794473.js HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
x-powered-by: PHP/7.4.32
cache-control: max-age=86400
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-type: application/x-javascript
X-Firefox-Spdy: h2

www.cruzeiro-safaris.com/media/template/gzip.php?jquery-migrate.min-d90f61f8.js

68.65.122.186

200 OK

0 B

URL HTTP/2
www.cruzeiro-safaris.com/media/template/gzip.php?jquery-migrate.min-d90f61f8.js
IP
68.65.122.186:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /media/template/gzip.php?jquery-migrate.min-d90f61f8.js HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
x-powered-by: PHP/7.4.32
cache-control: max-age=86400
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-type: application/x-javascript
X-Firefox-Spdy: h2

www.cruzeiro-safaris.com/media/template/gzip.php?mootools-more-ea188992.js

68.65.122.186

200 OK

0 B

URL HTTP/2
www.cruzeiro-safaris.com/media/template/gzip.php?mootools-more-ea188992.js
IP
68.65.122.186:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /media/template/gzip.php?mootools-more-ea188992.js HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
x-powered-by: PHP/7.4.32
cache-control: max-age=86400
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-type: application/x-javascript
X-Firefox-Spdy: h2

www.yourafricansafari.com/images/widget/your-african-safari-4.png

172.67.188.220

404 Not Found

0 B

URL HTTP/2
www.yourafricansafari.com/images/widget/your-african-safari-4.png
IP
172.67.188.220:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/widget/your-african-safari-4.png HTTP/1.1
Host: www.yourafricansafari.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 404 Not Found
date: Mon, 24 Oct 2022 03:24:30 GMT
content-type: text/html; charset=UTF-8
vary: Cookie, Accept-Encoding
x-content-type-options: nosniff
referrer-policy: same-origin
cf-cache-status: BYPASS
set-cookie: sessionid=eyJ1dWlkIjoiYjg0Y2EzMDMtN2JjYy00NTAyLTgxNjktZjdiYTVjMmQ2NWQ5In0:1omo4k:M5Ku-dqHzoGtf792Jvl3Emx3LOBS2m7WaTDE_Xgw_fE; expires=Mon, 07 Nov 2022 03:24:30 GMT; HttpOnly; Max-Age=1209600; Path=/; SameSite=Lax
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v9ofRZ%2FlEvGIo7O7gxuTDZy04Yyk5RObcafxtcdLZ8Ha2M5jdisXRz2fTP%2FkQ0IqNmQ3zodWzEBY3ckvK255JbWw44b5mub0NADc2E5gGe9PMpOQV6y4k4WyysmRxciL86svMWIC4Gby0ZIM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75ef9990d83c0b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.cruzeiro-safaris.com/images/slides/cruzeirotours22.jpg

68.65.122.186

200 OK

0 B

URL HTTP/2
www.cruzeiro-safaris.com/images/slides/cruzeirotours22.jpg
IP
68.65.122.186:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/slides/cruzeirotours22.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 303576
content-type: image/jpeg
X-Firefox-Spdy: h2

www.cruzeiro-safaris.com/media/template/gzip.php?bootstrap-40750577.css

68.65.122.186

200 OK

0 B

URL HTTP/2
www.cruzeiro-safaris.com/media/template/gzip.php?bootstrap-40750577.css
IP
68.65.122.186:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /media/template/gzip.php?bootstrap-40750577.css HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
x-powered-by: PHP/7.4.32
cache-control: max-age=86400
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-type: text/css; charset=UTF-8
X-Firefox-Spdy: h2

www.cruzeiro-safaris.com/images/slides/cruzeirotours19.jpg

68.65.122.186

200 OK

0 B

URL HTTP/2
www.cruzeiro-safaris.com/images/slides/cruzeirotours19.jpg
IP
68.65.122.186:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/slides/cruzeirotours19.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 270008
content-type: image/jpeg
X-Firefox-Spdy: h2

www.cruzeiro-safaris.com/images/slides/cruzeirotours16.jpg

68.65.122.186

200 OK

0 B

URL HTTP/2
www.cruzeiro-safaris.com/images/slides/cruzeirotours16.jpg
IP
68.65.122.186:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/slides/cruzeirotours16.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 386239
content-type: image/jpeg
X-Firefox-Spdy: h2

widget.getyourguide.com/pw/latest/client-loader/widget.js

54.230.111.29

200 OK

0 B

URL HTTP/2
widget.getyourguide.com/pw/latest/client-loader/widget.js
IP
54.230.111.29:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /pw/latest/client-loader/widget.js HTTP/1.1
Host: widget.getyourguide.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cruzeiro-safaris.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
last-modified: Fri, 02 Sep 2022 11:09:36 GMT
server: AmazonS3
content-encoding: br
date: Mon, 24 Oct 2022 03:24:31 GMT
cache-control: max-age=100, public, must-revalidate
etag: W/"cdccb3dfe63f8d329d5d91edffd4bccc"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6hTGqr7-YE10NXBVk2G8zy12uo-RQAEyJ3ruZd7TgISTO36Rv-9Olg==
X-Firefox-Spdy: h2

www.cruzeiro-safaris.com/media/template/gzip.php?core-d38c101f.js

68.65.122.186

200 OK

0 B

URL HTTP/2
www.cruzeiro-safaris.com/media/template/gzip.php?core-d38c101f.js
IP
68.65.122.186:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /media/template/gzip.php?core-d38c101f.js HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
x-powered-by: PHP/7.4.32
cache-control: max-age=86400
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-type: application/x-javascript
X-Firefox-Spdy: h2

www.cruzeiro-safaris.com/media/template/gzip.php?bootstrap.min-ee11376e.js

68.65.122.186

200 OK

0 B

URL HTTP/2
www.cruzeiro-safaris.com/media/template/gzip.php?bootstrap.min-ee11376e.js
IP
68.65.122.186:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /media/template/gzip.php?bootstrap.min-ee11376e.js HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
x-powered-by: PHP/7.4.32
cache-control: max-age=86400
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-type: application/x-javascript
X-Firefox-Spdy: h2

www.cruzeiro-safaris.com/images/slides/cruzeirotours12.jpg

68.65.122.186

200 OK

0 B

URL HTTP/2
www.cruzeiro-safaris.com/images/slides/cruzeirotours12.jpg
IP
68.65.122.186:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/slides/cruzeirotours12.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 381626
content-type: image/jpeg
X-Firefox-Spdy: h2

www.cruzeiro-safaris.com/images/slides/cruzeirotours30.jpg

68.65.122.186

200 OK

0 B

URL HTTP/2
www.cruzeiro-safaris.com/images/slides/cruzeirotours30.jpg
IP
68.65.122.186:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/slides/cruzeirotours30.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 373781
content-type: image/jpeg
X-Firefox-Spdy: h2

www.cruzeiro-safaris.com/images/slides/cruzeirotours25.jpg

68.65.122.186

200 OK

0 B

URL HTTP/2
www.cruzeiro-safaris.com/images/slides/cruzeirotours25.jpg
IP
68.65.122.186:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/slides/cruzeirotours25.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 340363
content-type: image/jpeg
X-Firefox-Spdy: h2

www.cruzeiro-safaris.com/images/slides/cruzeirotours1.jpg

68.65.122.186

200 OK

0 B

URL HTTP/2
www.cruzeiro-safaris.com/images/slides/cruzeirotours1.jpg
IP
68.65.122.186:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/slides/cruzeirotours1.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 90337
content-type: image/jpeg
X-Firefox-Spdy: h2

www.cruzeiro-safaris.com/images/slides/cruzeirotours8.jpg

68.65.122.186

200 OK

0 B

URL HTTP/2
www.cruzeiro-safaris.com/images/slides/cruzeirotours8.jpg
IP
68.65.122.186:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/slides/cruzeirotours8.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 263566
content-type: image/jpeg
X-Firefox-Spdy: h2

www.cruzeiro-safaris.com/images/slides/cruzeirotours18.jpg

68.65.122.186

200 OK

0 B

URL HTTP/2
www.cruzeiro-safaris.com/images/slides/cruzeirotours18.jpg
IP
68.65.122.186:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/slides/cruzeirotours18.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 286155
content-type: image/jpeg
X-Firefox-Spdy: h2

www.cruzeiro-safaris.com/images/slides/cruzeirotours17.jpg

68.65.122.186

200 OK

0 B

URL HTTP/2
www.cruzeiro-safaris.com/images/slides/cruzeirotours17.jpg
IP
68.65.122.186:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/slides/cruzeirotours17.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 329842
content-type: image/jpeg
X-Firefox-Spdy: h2

www.cruzeiro-safaris.com/images/slides/cruzeirotour2.jpg

68.65.122.186

200 OK

0 B

URL HTTP/2
www.cruzeiro-safaris.com/images/slides/cruzeirotour2.jpg
IP
68.65.122.186:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/slides/cruzeirotour2.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 352594
content-type: image/jpeg
X-Firefox-Spdy: h2

www.cruzeiro-safaris.com/images/slides/cruzeirotours11.jpg

68.65.122.186

200 OK

0 B

URL HTTP/2
www.cruzeiro-safaris.com/images/slides/cruzeirotours11.jpg
IP
68.65.122.186:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/slides/cruzeirotours11.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 292108
content-type: image/jpeg
X-Firefox-Spdy: h2

www.cruzeiro-safaris.com/images/slides/cruzeirotours2.jpg

68.65.122.186

200 OK

0 B

URL HTTP/2
www.cruzeiro-safaris.com/images/slides/cruzeirotours2.jpg
IP
68.65.122.186:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/slides/cruzeirotours2.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 434031
content-type: image/jpeg
X-Firefox-Spdy: h2

www.cruzeiro-safaris.com/images/slides/cruzeirotours3.jpg

68.65.122.186

200 OK

0 B

URL HTTP/2
www.cruzeiro-safaris.com/images/slides/cruzeirotours3.jpg
IP
68.65.122.186:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/slides/cruzeirotours3.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 311961
content-type: image/jpeg
X-Firefox-Spdy: h2

www.cruzeiro-safaris.com/images/slides/cruzeirotours14.jpg

68.65.122.186

200 OK

0 B

URL HTTP/2
www.cruzeiro-safaris.com/images/slides/cruzeirotours14.jpg
IP
68.65.122.186:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/slides/cruzeirotours14.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 333676
content-type: image/jpeg
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (13)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations