peliculashdlatina.com/2015/02/wyrmwood-2014-online.html
81.171.22.7200 OK 510 B URL HTTP/1.1 peliculashdlatina.com/2015/02/wyrmwood-2014-online.html
IP 81.171.22.7:0
ASN #60781 LeaseWeb Netherlands B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (510), with no line terminators
Hash 75e33ca4edea3f76c6590797aa89c7a0
e515b2d6532cbfcdd1e4756a570be71b74bc017f
f2329c4320a3ad2967fc22550967159218f2640b86664df8c73193135ab59f23
Analyzer Verdict Alert fortinet Phishing
GET /2015/02/wyrmwood-2014-online.html HTTP/1.1
Host: peliculashdlatina.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 510
content-type: text/html; charset=utf-8
date: Mon, 24 Oct 2022 03:24:25 GMT
server: nginx
set-cookie: sid=5c8f0040-534b-11ed-ad1c-0c8902498aa8; path=/; domain=.peliculashdlatina.com; expires=Sat, 11 Nov 2090 06:38:32 GMT; max-age=2147483647; HttpOnly
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 73c4166ca864f777db2cc1cd8658a7c2
c56b66b0b7c8516d4d5bfafe0c166711c78f3d25
310c633350812c064e159275b6dbbdba6d6a5991a54ccfcc23459320c6513572
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "310C633350812C064E159275B6DBBDBA6D6A5991A54CCFCC23459320C6513572"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14700
Expires: Mon, 24 Oct 2022 07:29:26 GMT
Date: Mon, 24 Oct 2022 03:24:26 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash c9df6b36bf16969ac566c1b798362e4a
e56eff34815153ae019a4bf63eb9746dd9ae2e5b
33c1175144ab2be42c9de383f7893a6e60cd1f21f282eacb413d546331db3fa0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Retry-After, Alert, Content-Type, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 24 Oct 2022 02:52:56 GMT
Expires: Mon, 24 Oct 2022 03:43:54 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: mOZA6BAUFah_xahUyZxQBIFLmUBm1M1kBTEmdq2RAFjhJQ5q_TaJXg==
Age: 1890
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ae56efd62a0d9249d98573172eb8b28b
5ff4e9959be677ad76c26ca73f9ef4feb9fa2f28
82d9ee4948fce839f7edb1f8490c4213cded3912464a4169b0bf6a61278694bd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "82D9EE4948FCE839F7EDB1F8490C4213CDED3912464A4169B0BF6A61278694BD"
Last-Modified: Sat, 22 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6226
Expires: Mon, 24 Oct 2022 05:08:12 GMT
Date: Mon, 24 Oct 2022 03:24:26 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: MY48x1aXf9eVQcAX2OBTDTY7K2fOGxjKXtZgjPI5q/UA02820/xlRNREI4gjHyL2RwOKy4vz9J8=
x-amz-request-id: ZZ6XAS4QHNF918K2
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 24 Oct 2022 02:38:13 GMT
age: 2773
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 24 Oct 2022 03:24:26 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
peliculashdlatina.com/favicon.ico
81.171.22.7404 Not Found 9 B URL HTTP/1.1 peliculashdlatina.com/favicon.ico
IP 81.171.22.7:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with no line terminators
Hash d8f4a1993546cc4b850cde3599e27aec
094b763b4cfcc0b05e5d040581cd513c3ca08067
907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9
GET /favicon.ico HTTP/1.1
Host: peliculashdlatina.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://peliculashdlatina.com/2015/02/wyrmwood-2014-online.html
Cookie: sid=5c8f0040-534b-11ed-ad1c-0c8902498aa8
HTTP/1.1 404 Not Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 9
date: Mon, 24 Oct 2022 03:24:25 GMT
server: nginx
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 24 Oct 2022 02:43:40 GMT
Cache-Control: max-age=3600
Expires: Mon, 24 Oct 2022 02:51:29 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 9ygcHxSQGktS7B8EfGFUUtWaZ9up_SwBuAKIqAWtloiiI61k4RzU7w==
Age: 3054
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 60d5d7cce6c32a6bdaf0d4c92ec93a1a
cd29edee660366b41749cfd206bdc08fb421449c
fb90c4cc44b32e4ca4a7d1533bbf4a2fd5c482dda5d232f1be2334f3cefbbb0e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2501
Cache-Control: max-age=105838
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 03:24:26 GMT
Etag: "6354f613-1d7"
Expires: Tue, 25 Oct 2022 08:48:24 GMT
Last-Modified: Sun, 23 Oct 2022 08:06:43 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.149.219.22101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.219.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Lo8XpEKpniESvd5a4XsUNA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: V92gRJGrdnQpDsHRP+gDASTf2r0=
peliculashdlatina.com/2015/02/wyrmwood-2014-online.html?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY2NjU4OTA2NSwiaWF0IjoxNjY2NTgxODY1LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc2dlNm80OXZnZTY3dWRzaG8xZG81ZWoiLCJuYmYiOjE2NjY1ODE4NjUsInRzIjoxNjY2NTgxODY1ODk4Mzc1fQ.drbq2e3rlz00dMFZK96_mDLg0qZSCs7167vFIwVOiRI&sid=5c8f0040-534b-11ed-ad1c-0c8902498aa8
81.171.22.7302 Found 11 B URL HTTP/1.1 peliculashdlatina.com/2015/02/wyrmwood-2014-online.html?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY2NjU4OTA2NSwiaWF0IjoxNjY2NTgxODY1LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc2dlNm80OXZnZTY3dWRzaG8xZG81ZWoiLCJuYmYiOjE2NjY1ODE4NjUsInRzIjoxNjY2NTgxODY1ODk4Mzc1fQ.drbq2e3rlz00dMFZK96_mDLg0qZSCs7167vFIwVOiRI&sid=5c8f0040-534b-11ed-ad1c-0c8902498aa8
IP 81.171.22.7:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with no line terminators
Hash 32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
GET /2015/02/wyrmwood-2014-online.html?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY2NjU4OTA2NSwiaWF0IjoxNjY2NTgxODY1LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc2dlNm80OXZnZTY3dWRzaG8xZG81ZWoiLCJuYmYiOjE2NjY1ODE4NjUsInRzIjoxNjY2NTgxODY1ODk4Mzc1fQ.drbq2e3rlz00dMFZK96_mDLg0qZSCs7167vFIwVOiRI&sid=5c8f0040-534b-11ed-ad1c-0c8902498aa8 HTTP/1.1
Host: peliculashdlatina.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://peliculashdlatina.com/2015/02/wyrmwood-2014-online.html
Cookie: sid=5c8f0040-534b-11ed-ad1c-0c8902498aa8
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Mon, 24 Oct 2022 03:24:26 GMT
location: http://bilqi-omv.com/zcvisitor/5ccf3759-534b-11ed-aa52-0aec562557f9/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=5ce7ef75-534b-11ed-aa52-0aec562557f9
server: nginx
set-cookie: sid=5c8f0040-534b-11ed-ad1c-0c8902498aa8; path=/; domain=.peliculashdlatina.com; expires=Sat, 11 Nov 2090 06:38:34 GMT; max-age=2147483647; HttpOnly
bilqi-omv.com/zcvisitor/5ccf3759-534b-11ed-aa52-0aec562557f9/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=5ce7ef75-534b-11ed-aa52-0aec562557f9
35.174.150.83200 996 B URL HTTP/1.1 bilqi-omv.com/zcvisitor/5ccf3759-534b-11ed-aa52-0aec562557f9/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=5ce7ef75-534b-11ed-aa52-0aec562557f9
IP 35.174.150.83:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash db6efb32e0c7c92978cf9a3770a53a74
f57c45e1d52320470be9787420f1ecd9f6afb3f4
8fdfcf022be6d0e51d57e4dd8975702779756fba297a27b067df90e03b95e140
GET /zcvisitor/5ccf3759-534b-11ed-aa52-0aec562557f9/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=5ce7ef75-534b-11ed-aa52-0aec562557f9 HTTP/1.1
Host: bilqi-omv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://peliculashdlatina.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Mon, 24 Oct 2022 03:24:27 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: ajCHvhjZ
bilqi-omv.com/zcredirect?visitid=5ccf3759-534b-11ed-aa52-0aec562557f9&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false
35.174.150.83200 278 B URL HTTP/1.1 bilqi-omv.com/zcredirect?visitid=5ccf3759-534b-11ed-aa52-0aec562557f9&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false
IP 35.174.150.83:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 4d4886179da1fc4300ef5d51a064a885
301d4b04db1c408b0ebe89db9fea984cfe9ed0c1
107055aa656960fdf6a08fda05db46731e8784cdfb879a81ac75c0e161c9da6e
GET /zcredirect?visitid=5ccf3759-534b-11ed-aa52-0aec562557f9&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false HTTP/1.1
Host: bilqi-omv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bilqi-omv.com/zcvisitor/5ccf3759-534b-11ed-aa52-0aec562557f9/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=5ce7ef75-534b-11ed-aa52-0aec562557f9
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Mon, 24 Oct 2022 03:24:27 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: SwsEcIDS
bilqi-omv.com/favicon.ico
35.174.150.83404 653 B URL HTTP/1.1 bilqi-omv.com/favicon.ico
IP 35.174.150.83:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Hash ba2732b1b2fa2626ffaa15f62f9e7d66
203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8
GET /favicon.ico HTTP/1.1
Host: bilqi-omv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bilqi-omv.com/zcredirect?visitid=5ccf3759-534b-11ed-aa52-0aec562557f9&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false
HTTP/1.1 404
Date: Mon, 24 Oct 2022 03:24:27 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 653
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Content-Language: en
Server: DBSplLvv
xml-v4.netload1.com/click?i=dEC88ESHrB4_0
198.134.116.17302 Found 0 B URL HTTP/1.1 xml-v4.netload1.com/click?i=dEC88ESHrB4_0
IP 198.134.116.17:0
ASN #27257 WEBAIR-INTERNET
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?i=dEC88ESHrB4_0 HTTP/1.1
Host: xml-v4.netload1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bilqi-omv.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Cache-Control: no-store
Content-Length: 0
Age: 0
Connection: keep-alive
Location: https://zeep.ly/59rrZ
Pragma: no-cache
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bed68ee568e74be152402c71cbf26510
38092ae53739e8ee13362c84df108bad734c4b64
26cd9ff2fb48cc7fb7c83cc325f4cb4713fc442cc4842baa728c570081be0445
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26CD9FF2FB48CC7FB7C83CC325F4CB4713FC442CC4842BAA728C570081BE0445"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6967
Expires: Mon, 24 Oct 2022 05:20:35 GMT
Date: Mon, 24 Oct 2022 03:24:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bed68ee568e74be152402c71cbf26510
38092ae53739e8ee13362c84df108bad734c4b64
26cd9ff2fb48cc7fb7c83cc325f4cb4713fc442cc4842baa728c570081be0445
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26CD9FF2FB48CC7FB7C83CC325F4CB4713FC442CC4842BAA728C570081BE0445"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6967
Expires: Mon, 24 Oct 2022 05:20:35 GMT
Date: Mon, 24 Oct 2022 03:24:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bed68ee568e74be152402c71cbf26510
38092ae53739e8ee13362c84df108bad734c4b64
26cd9ff2fb48cc7fb7c83cc325f4cb4713fc442cc4842baa728c570081be0445
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26CD9FF2FB48CC7FB7C83CC325F4CB4713FC442CC4842BAA728C570081BE0445"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6967
Expires: Mon, 24 Oct 2022 05:20:35 GMT
Date: Mon, 24 Oct 2022 03:24:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bed68ee568e74be152402c71cbf26510
38092ae53739e8ee13362c84df108bad734c4b64
26cd9ff2fb48cc7fb7c83cc325f4cb4713fc442cc4842baa728c570081be0445
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26CD9FF2FB48CC7FB7C83CC325F4CB4713FC442CC4842BAA728C570081BE0445"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6967
Expires: Mon, 24 Oct 2022 05:20:35 GMT
Date: Mon, 24 Oct 2022 03:24:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bed68ee568e74be152402c71cbf26510
38092ae53739e8ee13362c84df108bad734c4b64
26cd9ff2fb48cc7fb7c83cc325f4cb4713fc442cc4842baa728c570081be0445
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26CD9FF2FB48CC7FB7C83CC325F4CB4713FC442CC4842BAA728C570081BE0445"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6967
Expires: Mon, 24 Oct 2022 05:20:35 GMT
Date: Mon, 24 Oct 2022 03:24:28 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F21cfb8fe-4b68-43f0-a196-17c9a1dd3acb.png
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F21cfb8fe-4b68-43f0-a196-17c9a1dd3acb.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash af3d4b4d16ad8b30805be96afa6472e3
bceb257123711c43994e5a03e9caf22eeee16423
30d7fea8d87522ce3ba2abf2c47e0025af1b7c05d6b4ea9f26aaa1f06aff4a67
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F21cfb8fe-4b68-43f0-a196-17c9a1dd3acb.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10072
x-amzn-requestid: 2f26fcdb-0540-49ea-be46-83c00182fcc3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelB0FKvoAMFVFg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b53e-1be524647e3db4a211e4c4ff;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:42:22 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: sNu31Qx0p_Ikus0GsGKRNGVxOGnIRSewAXfkXyzOCmT6bJ1D1Qz-0w==
via: 1.1 e77661e211afe9242e85e573f12d5534.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 22:10:20 GMT
etag: "bceb257123711c43994e5a03e9caf22eeee16423"
content-type: image/jpeg
age: 18848
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fee5168c9-3f97-43d9-a9b4-3b0f415b3bc0.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fee5168c9-3f97-43d9-a9b4-3b0f415b3bc0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9983bdfe8dbe8386970aae586bb57575
4c5ff521fec700a1cda73325eebbeb88f97baa39
775d510a8d82ed993085e3d828c33b75eee99db2911b90d6151faf5c2e25b5d0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fee5168c9-3f97-43d9-a9b4-3b0f415b3bc0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9894
x-amzn-requestid: 8d639b03-49d2-411b-b0ca-39c5dafe21f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelOtF6YIAMF-4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b591-230070a06848d4d90ea4f6ef;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:43:45 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: mYzFAcyUErnaOlGBX0ygFYZ4608EanLq5V4xzX7qCHQRGzkKwwWvHw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 22:36:45 GMT
age: 17263
etag: "4c5ff521fec700a1cda73325eebbeb88f97baa39"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb7f5d706-03b5-40c4-9fef-abddcb255f99.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb7f5d706-03b5-40c4-9fef-abddcb255f99.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1974529bf378941c1b76662e2b283988
cdde9ea46af873e3f838bdb35d69cc0844016311
7c39112dbb1088fe09e010fcd5d85b63a34ac40c7b93e0e9873715ccdf0ac579
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb7f5d706-03b5-40c4-9fef-abddcb255f99.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10420
x-amzn-requestid: 9fbc5930-f615-4548-a683-061be9a67bb6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelDFGPhoAMFVzw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b546-0563eb5f6ba62af65182fc3c;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:42:30 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: YsNdkkNvH6bzM34S-EiZhHuOPYikzpYLTPqWlJFLx2-dMEf9oRnP_g==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 22:09:42 GMT
age: 18886
etag: "cdde9ea46af873e3f838bdb35d69cc0844016311"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13985f97-93f1-44be-8be0-92fb128d3c51.png
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13985f97-93f1-44be-8be0-92fb128d3c51.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5516af00c2c5dcb5a8c873b6f61ea0df
088236fab64197c530ba85242bf798f13669179e
c7a99982b8af0e2b28bab9cf5b24fc75b50ae172d5c529efec9161c7d436ff90
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13985f97-93f1-44be-8be0-92fb128d3c51.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11927
x-amzn-requestid: 78067be5-c9cf-4ee0-a5b0-86fd32baca38
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelCxGiFIAMFWHw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b544-5df3064a5b15f2ee370e4016;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:42:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ttoLy6qZlouNOrCv4DGJ8QAL_5dW1dagr9dj_cFWwAXzLKdd8W_WbA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 21:52:34 GMT
age: 19914
etag: "088236fab64197c530ba85242bf798f13669179e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7361cd7-8ea8-4a4b-8e5a-6e3ef375eb7e.webp
34.120.237.76200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7361cd7-8ea8-4a4b-8e5a-6e3ef375eb7e.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c16ee3c480c8ee5b51b7dd88375649ae
885e2070d3ea7973fd978e1e9c247ce248afdbbb
4086d5476b9f3b6c06535fc588784c19a52008178cbdeccbff4c98497bd8e428
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7361cd7-8ea8-4a4b-8e5a-6e3ef375eb7e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7185
x-amzn-requestid: 5bbcd9f1-fa0a-4591-a38c-b472e2ef148f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelC7EZ4oAMFmvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b545-754aa64e1249811f2c019641;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:42:29 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: U1Xa3qCT8SgSakuW_ts-fzukr1EsY1OWLxLOJbfqsuq7tCD13n7BPg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 21:49:47 GMT
age: 20081
etag: "885e2070d3ea7973fd978e1e9c247ce248afdbbb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F337e2b0e-2813-4291-b863-bbc99409db00.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F337e2b0e-2813-4291-b863-bbc99409db00.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6cd3b0c2f628a973659cdb368dfc64cf
c5097681a4dcff980dc788191356e7e7c21ef3b1
03374811ad045fafd0d6898ef3b1beea094b785e8144f570e2d7e9912773c2a9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F337e2b0e-2813-4291-b863-bbc99409db00.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10380
x-amzn-requestid: 9027dbc2-08da-449f-9a40-59c58169fa28
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelDlG5XIAMFTTw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b549-4dd10f5c123194ff6ce4070f;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:42:33 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: tNvto_msO-2-BKygBoOYkO_BwaZjdZroH9-tDWwsoyE60iQBH742lQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 22:09:39 GMT
age: 18889
etag: "c5097681a4dcff980dc788191356e7e7c21ef3b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
zeep.ly/59rrZ
95.217.202.210301 Moved Permanently 20 B IP 95.217.202.210:0
ASN #24940 Hetzner Online GmbH
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /59rrZ HTTP/1.1
Host: zeep.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://bilqi-omv.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Date: Mon, 24 Oct 2022 03:24:28 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Set-Cookie: PHPSESSID=10be4390ac7c4da2c6d3bdac118dbd0c; path=/
short_59rrZ=1; expires=Mon, 24-Oct-2022 03:54:28 GMT; Max-Age=1800; path=/; HttpOnly
Location: https://www.cruzeiro-safaris.com/
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash a941f5064322a51934db7597d21cd89c
d0088a1cb5cb38da47697d7f18d9ffb86f076b5a
176dda79522a22795a07def067acd8bd0311d86efee4010f332c7e28c92f3752
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 03:24:29 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 23 Oct 2022 16:08:05 GMT
Expires: Sun, 30 Oct 2022 16:08:04 GMT
Etag: "d0088a1cb5cb38da47697d7f18d9ffb86f076b5a"
Cache-Control: max-age=563614,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75ef99893eceb515-OSL
www.cruzeiro-safaris.com/
68.65.122.186200 OK 34 kB URL HTTP/2 www.cruzeiro-safaris.com/
IP 68.65.122.186:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5259), with CRLF, LF line terminators
Hash 0f8a6381b2e1109599fa10a11b36b658
2686ad3a99e839e380d88afc9194fa223cd8292b
4bb3b5f6c95cb4ae2a21bb72d8cea20112430c21ecaa1b12082c50c729abce0f
GET / HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://bilqi-omv.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:29 GMT
server: Apache
x-powered-by: PHP/7.4.32
expires: Wed, 17 Aug 2005 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7; path=/; HttpOnly
last-modified: Mon, 24 Oct 2022 03:24:29 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 33883
content-type: text/html; charset=utf-8
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash cde8257da86673a29a8f947eeadfd43a
f4573647aa48b72010149804f6194f9a281dca84
ae63651b8963e0cf8da8f1e097246846d32b3cd74a3e36b31206ca49438f59a7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=97250
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 03:24:30 GMT
Etag: "6354de50-116"
Expires: Tue, 25 Oct 2022 06:25:20 GMT
Last-Modified: Sun, 23 Oct 2022 06:25:20 GMT
Server: nginx
Content-Length: 278
cache.vtrcdn.com/images/10067/viator-top-rated.png
2.21.203.118301 Moved Permanently 274 B URL HTTP/2 cache.vtrcdn.com/images/10067/viator-top-rated.png
IP 2.21.203.118:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 415fb1f589a77a20e16c4c81233a5a81
5ae4f482a07270dd5d52b139b9c7edf45d5b2a8c
51e2830cc4a231e1bfc567eaa4d495966d129b4e5f4efe7cc40c9b0cf723489f
GET /images/10067/viator-top-rated.png HTTP/1.1
Host: cache.vtrcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
content-type: text/html; charset=iso-8859-1
content-length: 274
location: https://cache.vtrcdn.com/orion/images/widgets/viator-top-rated.png
strict-transport-security: max-age=15724800; includeSubDomains
x-unique-id: 02106E75:ADBC_0A280927:01BB_634E0277_5B6A74:570A
traceparent: 00-683288b74d3f421798710764fd97b3f0-b758ed04da4e17b6-00
expires: Tue, 25 Oct 2022 01:33:44 GMT
server: Apache
date: Mon, 24 Oct 2022 03:24:30 GMT
X-Firefox-Spdy: h2
www.viator.com/orion/partner/widget.js
2.21.203.118200 OK 675 B URL HTTP/2 www.viator.com/orion/partner/widget.js
IP 2.21.203.118:0
File type ASCII text, with very long lines (1381), with no line terminators
Hash 2d338a630462243b5ebcd1bdcf79dfef
5bd484d233a142b236df962f0614c99509f7b402
186d167a4caa85d7e6b1e306b6e73507b2375955e9c1dd08210ff3a6a19b26ea
GET /orion/partner/widget.js HTTP/1.1
Host: www.viator.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript;charset=UTF-8
last-modified: Thu, 22 Sep 2022 13:17:36 GMT
cache-control: max-age=2592000, public
accept-ranges: bytes
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15724800; includeSubDomains
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self' *.viator.com:*
vary: accept-encoding
content-encoding: gzip
x-unique-id: 17C1746E:CBBF_0A280DA7:01BB_632C56C3_71D16:5771
traceparent: 00-12dbadcb8e654d0ebbdce6a853aaa297-877afc91558e8670-00
expires: Thu, 29 Sep 2022 12:36:19 GMT
x-datadome: protected
accept-ch: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
server: Apache
content-length: 675
date: Mon, 24 Oct 2022 03:24:30 GMT
X-Firefox-Spdy: h2
cache.vtrcdn.com/orion/images/widgets/viator-top-rated.png
2.21.203.118200 OK 7.2 kB URL HTTP/2 cache.vtrcdn.com/orion/images/widgets/viator-top-rated.png
IP 2.21.203.118:0
File type PNG image data, 150 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash 4717efd439984bfb9c3aca93e99d9412
5910801df783caadd73afa622004fe2030306c36
504275ff94ccf3630e3bcf2e684da3be57d6326a5120b29604c1fcb017a74efc
GET /orion/images/widgets/viator-top-rated.png HTTP/1.1
Host: cache.vtrcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cruzeiro-safaris.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png;charset=UTF-8
content-length: 7232
last-modified: Tue, 18 Oct 2022 20:23:54 GMT
cache-control: max-age=2592000, public
accept-ranges: bytes
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15724800; includeSubDomains
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self' *.viator.com:*
x-unique-id: 17C1747C:C393_0A280E75:01BB_634FD2A0_2E3D4B:5F8F
traceparent: 00-b97395b0557340ecb90b27442ba0919c-859a9dd6abe31e8e-00
expires: Wed, 26 Oct 2022 10:34:08 GMT
server: Apache
date: Mon, 24 Oct 2022 03:24:30 GMT
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/plugins/system/jce/css/content.css?15605b57da1d35b72b6bbcf44f8916c1
68.65.122.186200 OK 1.0 kB URL HTTP/2 www.cruzeiro-safaris.com/plugins/system/jce/css/content.css?15605b57da1d35b72b6bbcf44f8916c1
IP 68.65.122.186:0
File type ASCII text, with very long lines (7728), with no line terminators
Hash 72ba0fc56a7ed0dc3ddbb9d754f63903
99cfaaed5fc9e32da79ab54247fc33bf4d3c7655
5c6b68e0c8c2a0b5157281233aa2f32bd413b0c15131875ddd0e6c9bac612bd1
GET /plugins/system/jce/css/content.css?15605b57da1d35b72b6bbcf44f8916c1 HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Wed, 19 May 2021 06:54:08 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1018
content-type: text/css
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ff9e215637e7d64c01fd3590b8b6dcc7
3ad7fea9f519384210918af8a56990f36e68a07b
83c0739ae5c8b8b5ea39b2bc2049478e8deaea80cb4ef5570f107da907f4f208
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 03:24:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
widget.getyourguide.com/v2/widget.js
54.230.111.29301 Moved Permanently 0 B URL HTTP/2 widget.getyourguide.com/v2/widget.js
IP 54.230.111.29:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v2/widget.js HTTP/1.1
Host: widget.getyourguide.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
content-length: 0
location: https://widget.getyourguide.com/pw/latest/client-loader/widget.js
date: Mon, 24 Oct 2022 03:24:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-request-id: 2e80364a-bc6a-4a3f-8fad-b2c33ef1933c
server: istio-envoy
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: nZ8aPAyVdqSP03xIxPO_flyp793QveFHghgaGpF46FTbqs6AlChbJw==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 05ee461624e2ec37f65e859afe6543ba
b99dcb558535d3d35d140e730aeeb41587622b30
576b3bf619d0a152889cc44165a229ad0100ccc319cf4d9044b2f26d4b676658
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 03:24:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1ea30e37b7f86b7d0a7cb7341087fdc1
2e88a09e17356724c7e0f488d70be82ebc64f55c
bb85d7fbaf1d4c0dc0a7cd27aebc8f21f942bf703896186a765131c80c87f059
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 03:24:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
widget.getyourguide.com/dist/pa.umd.production.min.js
54.230.111.29200 OK 6.8 kB URL HTTP/2 widget.getyourguide.com/dist/pa.umd.production.min.js
IP 54.230.111.29:0
File type Unicode text, UTF-8 text, with very long lines (19240)
Hash 49b17b8eeffd6971fc87f3dcf8e25fd7
b98de8109f228c796e5352fa9d6120641a515f29
b634ed0558fe7c4dc700589c2d357b8f8653618099f141511a85489518bf1a67
GET /dist/pa.umd.production.min.js HTTP/1.1
Host: widget.getyourguide.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
last-modified: Thu, 20 Oct 2022 13:02:56 GMT
server: AmazonS3
content-encoding: gzip
date: Mon, 24 Oct 2022 02:44:23 GMT
cache-control: max-age=3600, public, must-revalidate
etag: W/"a8ac2108d9f5a6f9ee38eae2307faa21"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: LG6FCh4oPXGoXjdsmDbknRg7XBXfVyQUg4W9S5a1hGXWmC2isU11Xg==
age: 2408
X-Firefox-Spdy: h2
www.googleadservices.com/pagead/conversion.js
142.250.74.34200 OK 17 kB URL HTTP/2 www.googleadservices.com/pagead/conversion.js
IP 142.250.74.34:0
File type ASCII text, with very long lines (2021)
Hash f4edcc4119c80477e4ed546fc207aa7a
e478d7f0f9d6d72c938251c17a8cc7a188651445
12015a413fc692bf5bac249afb06422a8ed8a6d70a1a141f999481f0bfb2ee34
GET /pagead/conversion.js HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 24 Oct 2022 03:24:30 GMT
expires: Mon, 24 Oct 2022 03:24:30 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 18014762903861546619
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 16831
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.kayak.com/news/badge/kk/tg005.png
151.101.85.29200 OK 13 kB URL HTTP/2 www.kayak.com/news/badge/kk/tg005.png
IP 151.101.85.29:0
File type PNG image data, 300 x 300, 8-bit colormap, non-interlaced\012- data
Hash 2385da531246f4e5ec82b0cc84858503
1898cbe645775fc4cf02396d4423b88ae7f1530d
65d8ac86ed0432f654506f847946f1df2689ce26d7b680e684a533b6197380b0
GET /news/badge/kk/tg005.png HTTP/1.1
Host: www.kayak.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
last-modified: Fri, 07 Oct 2022 13:18:44 GMT
etag: "32c4-5ea71a6313500"
content-type: image/png
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-kayak-presentation: web
x-esi: YES
cache-control: max-age=31536000
accept-ranges: bytes
date: Mon, 24 Oct 2022 03:24:30 GMT
age: 1251165
vary: Fastly-SSL,SSL,Accept-Encoding
content-length: 12996
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-11772281-1
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-11772281-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1588)
Hash 853855e2d7b42c5836f1ebcdcf5beb8e
375aa7dc7781ac0249f49b9a8a47b5c85db7a216
c53cb3375479817684dc5c221c846f3819662948827e64b8c3e183e479aff453
GET /gtag/js?id=UA-11772281-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 24 Oct 2022 03:24:30 GMT
expires: Mon, 24 Oct 2022 03:24:30 GMT
cache-control: private, max-age=900
last-modified: Mon, 24 Oct 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43652
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=AW-831005086
142.250.74.168200 OK 48 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-831005086
IP 142.250.74.168:0
File type ASCII text, with very long lines (1588)
Hash f00af3c7dacded54c3b9d0c0b0891ffb
25205de1158f58454e85ecd13df3750e0fa6dafe
fad7e91228c2c287ead7f6d90ba3439ad933982471858e593af7491d4d07b767
GET /gtag/js?id=AW-831005086 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 24 Oct 2022 03:24:30 GMT
expires: Mon, 24 Oct 2022 03:24:30 GMT
cache-control: private, max-age=900
last-modified: Mon, 24 Oct 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 47734
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 9768604a7e222c32ef8cdaf53ec29ee2
4028238f05aaafdb51ead64799ea87886b5e4feb
d1dca4baae90d44410434584069ac98fa44bf21176776bd3c45d1216f95f0f0b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 03:24:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 05ee461624e2ec37f65e859afe6543ba
b99dcb558535d3d35d140e730aeeb41587622b30
576b3bf619d0a152889cc44165a229ad0100ccc319cf4d9044b2f26d4b676658
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 03:24:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fc8179a88abbd734202adc66c0a44b67
a9234b80f7655b767a8c4ab7a284d36e7abbbe91
b99e716a26a62b69ad40222ff358cf8c2c5adcdd85eeaee4f534e510a1433b15
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "B99E716A26A62B69AD40222FF358CF8C2C5ADCDD85EEAEE4F534E510A1433B15"
Last-Modified: Fri, 21 Oct 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 24 Oct 2022 09:24:30 GMT
Date: Mon, 24 Oct 2022 03:24:30 GMT
Connection: keep-alive
payments.pesapal.com/site/images/426/pesapalpaybtn.png
104.18.2.36200 OK 8.5 kB URL HTTP/2 payments.pesapal.com/site/images/426/pesapalpaybtn.png
IP 104.18.2.36:0
File type PNG image data, 125 x 50, 8-bit/color RGB, non-interlaced\012- data
Hash f373352361e070a7948ebf382cab6786
3626cdb5f70a30a3b8ec369295e22ae271e8d20d
ce1d5908f3a288e1921fc49e1eb90dba3a6b71bc8a43e5790fa46997642485e9
GET /site/images/426/pesapalpaybtn.png HTTP/1.1
Host: payments.pesapal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
content-type: image/png
content-length: 8527
last-modified: Wed, 16 Jan 2019 09:38:52 GMT
cf-cache-status: HIT
expires: Mon, 24 Oct 2022 07:24:30 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
set-cookie: __cf_bm=epVUzrXv_0xvDMfmsjRhplgaR3.2xXOTz2fYFiO2O.8-1666581870-0-AdMq0g6uq8VmfAlPpesTKuCyIR7F0Za8EP9M02ainvaH4BDb62IpUmxo+WUQQrzSnmMgOf6xDRAYIBGZEbrKpLM=; path=/; expires=Mon, 24-Oct-22 03:54:30 GMT; domain=.pesapal.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 75ef9991de26b4ee-OSL
X-Firefox-Spdy: h2
www.jscache.com/wejs?wtype=selfserveprop&uniq=660&locationId=2085077&lang=en_US&rating=true&nreviews=5&writereviewlink=true&popIdx=false&iswide=false&border=false&display_version=2
151.101.86.83301 Moved Permanently 0 B URL HTTP/2 www.jscache.com/wejs?wtype=selfserveprop&uniq=660&locationId=2085077&lang=en_US&rating=true&nreviews=5&writereviewlink=true&popIdx=false&iswide=false&border=false&display_version=2
IP 151.101.86.83:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wejs?wtype=selfserveprop&uniq=660&locationId=2085077&lang=en_US&rating=true&nreviews=5&writereviewlink=true&popIdx=false&iswide=false&border=false&display_version=2 HTTP/1.1
Host: www.jscache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: envoy
location: https://www.tripadvisor.com/wejs?wtype=selfserveprop&uniq=660&locationId=2085077&lang=en_US&rating=true&nreviews=5&writereviewlink=true&popIdx=false&iswide=false&border=false&display_version=2
expires: 0
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
pragma: no-cache
cache-control: no-cache,no-store,must-revalidate
timing-allow-origin: https://www.tripadvisor.com
content-type: text/plain; charset=utf-8
x-datadome: protected
accept-ch: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
accept-ranges: bytes
date: Mon, 24 Oct 2022 03:24:30 GMT
via: 1.1 varnish
x-served-by: cache-bma1661-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1666581870.282601,VS0,VE152
content-length: 0
X-Firefox-Spdy: h2
www.tripadvisor.com/img/cdsi/img2/badges/ollie-11424-2.gif
23.38.201.85200 OK 551 B URL HTTP/2 www.tripadvisor.com/img/cdsi/img2/badges/ollie-11424-2.gif
IP 23.38.201.85:0
File type GIF image data, version 89a, 31 x 20\012- data
Hash c49ee6486f965a57bd7580eefa23c260
41ecc79ff7dd26b4950b04d24c7c5e3eb33742c4
10671a700bbd5ce00557871cc4ee9608332dc396bfea680b700260efaf4e059d
GET /img/cdsi/img2/badges/ollie-11424-2.gif HTTP/1.1
Host: www.tripadvisor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: envoy
cache-control: private, max-age=43200
expires: Mon, 24 Oct 2022 15:24:30 GMT
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
timing-allow-origin: https://www.tripadvisor.com
content-type: image/gif
content-length: 551
date: Mon, 24 Oct 2022 03:24:30 GMT
set-cookie: TADCID=nZSTLLvYsnBCjfvvABQCFdpBzzOuRA-9xvCxaMyI13EPORTtRQ_N7R3LRENkGVyiWUqq2lMGSnM1UX3tOp-UCZFueoC2j7wk_Hw; Domain=www.tripadvisor.com; Expires=Thu, 21-Oct-2032 03:24:30 GMT; Path=/; Secure; HttpOnly
TAUnique=%1%enc%3AiyVYLMthAw7k7nWhzVPS6shGd0grv0wJ%2Fdfe7m7A1Y82jHwltRJPGQ%3D%3D; Domain=.tripadvisor.com; Expires=Wed, 23-Oct-2024 03:24:30 GMT; Path=/; HttpOnly
__vt=cqrGTlZBa1-08tb3ABQCIf6-ytF7QiW7ovfhqc-AvSDs2fI2LxZTSWp39imNGsHxH0jzypgRr5kWhMhueMXWCvKnvLPfCudBhfTUBkidVHEO-2nNvWRopeHefCmeiviC-iq9ZmuyhSwvrd0glFc5IBum5ck; Domain=www.tripadvisor.com; Expires=Mon, 24-Oct-2022 04:24:30 GMT; Path=/; Secure; HttpOnly
TASession=V2ID.0CABD4DD45164ED7E919A9D4E316D486*SQ.1*HS.recommended*ES.popularity*DS.5*SAS.popularity*FPS.oldFirst*FA.1*TRA.true; Domain=.tripadvisor.com; Path=/
ServerPool=A; Domain=.tripadvisor.com; Path=/
TACds=A.1.11424.2.2022-10-23; Domain=.tripadvisor.com; Expires=Fri, 23-Dec-2022 03:24:30 GMT; Path=/
X-Firefox-Spdy: h2
www.tripadvisor.com/img/cdsi/img2/branding/v2/Tripadvisor_lockup_horizontal_secondary_registered-11900-2.svg
23.38.201.85200 OK 2.3 kB URL HTTP/2 www.tripadvisor.com/img/cdsi/img2/branding/v2/Tripadvisor_lockup_horizontal_secondary_registered-11900-2.svg
IP 23.38.201.85:0
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash bf29758e41903e1fabdc4a19c89bac9b
1ff70aca18e5d207268b7888d56ab2a897909ff8
6936f35bf6375797c7d4a526dd6bfdf2a5f3d0dfb4e4d1e9e292ce31bc45702c
GET /img/cdsi/img2/branding/v2/Tripadvisor_lockup_horizontal_secondary_registered-11900-2.svg HTTP/1.1
Host: www.tripadvisor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: envoy
cache-control: private, max-age=43200
expires: Mon, 24 Oct 2022 15:24:30 GMT
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
timing-allow-origin: https://www.tripadvisor.com
content-type: image/svg+xml
content-encoding: gzip
vary: Accept-Encoding
content-length: 2315
date: Mon, 24 Oct 2022 03:24:30 GMT
set-cookie: TADCID=59nad2fU5uYCRkJIABQCFdpBzzOuRA-9xvCxaMyI13EPOcTNvfJjdfYGXGOB-KHVu-vKBwrG_IumwbFFRXuaFXMS9blUadTCtcg; Domain=www.tripadvisor.com; Expires=Thu, 21-Oct-2032 03:24:30 GMT; Path=/; Secure; HttpOnly
TAUnique=%1%enc%3ALBUidT4OAAjk7nWhzVPS6shGd0grv0wJ3OUb5a%2BspVg2jHwltRJPGQ%3D%3D; Domain=.tripadvisor.com; Expires=Wed, 23-Oct-2024 03:24:30 GMT; Path=/; HttpOnly
__vt=P3dsP5BY_WO6J7baABQCIf6-ytF7QiW7ovfhqc-AvSDs2Xw8VmS7Bvnek5wAgVrivFDY2q-2OH94FY25_9DTaCbd83yk3YWaHU-TJtbnSa61JzTFvu_Dfu7HTczDlkZ4RSRKx7aTAgmixfCjmi6txvbK4A; Domain=www.tripadvisor.com; Expires=Mon, 24-Oct-2022 04:24:30 GMT; Path=/; Secure; HttpOnly
TASession=V2ID.48548DF6FBC7148821845FD970CE0F0C*SQ.1*HS.recommended*ES.popularity*DS.5*SAS.popularity*FPS.oldFirst*FA.1*TRA.true; Domain=.tripadvisor.com; Path=/
ServerPool=X; Domain=.tripadvisor.com; Path=/
TACds=A.1.11900.2.2022-10-23; Domain=.tripadvisor.com; Expires=Fri, 23-Dec-2022 03:24:30 GMT; Path=/
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 69355d04444eafa77d238e33dbeb78b3
1d7572ea148ee3482e58a5bdc24b5ef6e801ba84
6ad377a6346165151bb55fadfcdfe5b1d9d2c993e034a177745b79dfa89ba2c4
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=104075
Date: Mon, 24 Oct 2022 03:24:30 GMT
Etag: "6354f8f9-1d7"
Expires: Tue, 25 Oct 2022 08:19:05 GMT
Last-Modified: Sun, 23 Oct 2022 08:19:05 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: jAVHzwgK8VfnWwroUT6aahlKMaRyGi-T3GkTJuOHTAVw2awxbkyVqw==
www.privatetour.com/img/badges/private-tour-4.png
178.157.15.209200 OK 22 kB URL HTTP/2 www.privatetour.com/img/badges/private-tour-4.png
IP 178.157.15.209:0
ASN #42807 Aerotek Bilisim Sanayi ve Ticaret AS
File type PNG image data, 320 x 320, 8-bit/color RGBA, non-interlaced\012- data
Hash 95560b652c50fb12d72defe3c3fc9d99
c64dbf60708ef06e65e028169a3fea9e8b090d21
f7f467ea88123f6e51bc444daf24b1577e6f4e90b81c9720d3afc6cffd65e2d6
GET /img/badges/private-tour-4.png HTTP/1.1
Host: www.privatetour.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Tue, 24 Oct 2023 03:24:30 GMT
content-type: image/png
last-modified: Thu, 01 Apr 2021 08:28:50 GMT
accept-ranges: bytes
content-length: 22022
date: Mon, 24 Oct 2022 03:24:30 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
gyg.me/kUtga42u
143.204.55.38301 Moved Permanently 0 B IP 143.204.55.38:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /kUtga42u HTTP/1.1
Host: gyg.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
content-length: 0
location: https://cdn.getyourguide.com/supplier-portal/assets/images/6a52159c.png
date: Mon, 24 Oct 2022 03:24:30 GMT
content-language: en-US
x-envoy-upstream-service-time: 12
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-request-id: b0b8e377-e1e9-4301-b5fa-931b96a5e13e
x-cache: Miss from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: x92o-m9GViFAmi18gK-5QPOULDKT2e7u74KeZnPB1CmUDaxQ2u0Ijw==
X-Firefox-Spdy: h2
cdn.getyourguide.com/supplier-portal/assets/images/6a52159c.png
54.230.111.48200 OK 6.1 kB URL HTTP/2 cdn.getyourguide.com/supplier-portal/assets/images/6a52159c.png
IP 54.230.111.48:0
File type PNG image data, 285 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 6a52159cdafaac586ebfb7cc928f71cd
3549bef9e5cf9bf01b5057ab7ee2357fb25b5de1
a3a4fa00768b12ec195c713f1b8118f640b32bd25696059c6a8d6e73401cd391
GET /supplier-portal/assets/images/6a52159c.png HTTP/1.1
Host: cdn.getyourguide.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cruzeiro-safaris.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 6123
date: Wed, 01 Jun 2022 09:30:11 GMT
last-modified: Mon, 16 Aug 2021 08:36:46 GMT
etag: "6a52159cdafaac586ebfb7cc928f71cd"
cache-control: max-age=31536000, public, must-revalidate
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: t5o4e13C0c7Uw5FFND-fIQ2UbpLl7mM0w5xSAIDTLsD5pHTkM_b_Wg==
age: 12506059
X-Firefox-Spdy: h2
www.tripadvisor.com/wejs?wtype=selfserveprop&uniq=660&locationId=2085077&lang=en_US&rating=true&nreviews=5&writereviewlink=true&popIdx=false&iswide=false&border=false&display_version=2
23.38.201.85200 OK 281 B URL HTTP/2 www.tripadvisor.com/wejs?wtype=selfserveprop&uniq=660&locationId=2085077&lang=en_US&rating=true&nreviews=5&writereviewlink=true&popIdx=false&iswide=false&border=false&display_version=2
IP 23.38.201.85:0
File type ASCII text, with very long lines (338)
Hash 5ea8deb6e9a482bdb443d32e971c3149
fe6574b405da0d1bc4b8c50f9fc9499506d0200c
e347c8de099ed32e599949c8011f1031e85c4e5d71d2ccb8fbd5d15934ebc213
GET /wejs?wtype=selfserveprop&uniq=660&locationId=2085077&lang=en_US&rating=true&nreviews=5&writereviewlink=true&popIdx=false&iswide=false&border=false&display_version=2 HTTP/1.1
Host: www.tripadvisor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cruzeiro-safaris.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: envoy
expires: 0
cache-control: no-cache,no-store,must-revalidate
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
pragma: no-cache
timing-allow-origin: https://www.tripadvisor.com
vary: Accept-Encoding
content-type: application/x-javascript;charset=UTF-8
x-datadome: protected
accept-ch: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
content-encoding: gzip
content-length: 281
date: Mon, 24 Oct 2022 03:24:30 GMT
set-cookie: TADCID=CEGgxm8ZkB_upkuxABQCFdpBzzOuRA-9xvCxaMyI13EPOay9nGJCxI624URiliKFDhp-Ra3_mxMVMUpLTFkkmUjXTvP4Qsb4tFU; Domain=www.tripadvisor.com; Expires=Thu, 21-Oct-2032 03:24:30 GMT; Path=/; Secure; HttpOnly
__vt=MEVvDz37bbKM3kZOABQCIf6-ytF7QiW7ovfhqc-AvSDs2XR4y-ZUXuPBBYNHYLLmR0Ki8frzHY1ophBpgBJAs3M_bfh0NlCaYArMwjRDmt2OEFNkVu1IrFv77ujSgoHR5RymJycLcGNKq1uZkp9Ueo88voE; Domain=www.tripadvisor.com; Expires=Mon, 24-Oct-2022 04:24:30 GMT; Path=/; Secure; HttpOnly
datadome=.A4GC7.2e-htWZvveMJ2PP8LSohAHrw0pyH9yCJbb4qu-rq5Q~aLHhrEzzDuOw8QWzVnbb7Wyxsrkqo0Vg2Q-C5uSL2hc-axsZRp9BqYscV1FSVdjCut_N~zgbEqck9l; Max-Age=31536000; Domain=.tripadvisor.com; Path=/; Secure; SameSite=Lax
_abck=18069327F23C19BCF59CA4522C66F728~-1~YAAQBk8kFyIAv/6DAQAAUDgFCAj2WR9lZgz9N9HCi+ujpmkhK99jrfB2biamT1VR9msm7r3Qv47crlRyrv/YS7Q4E+mgKDtPQ2i4UN1nznzPCAlzhtKXzmAFrr1P4cQxqw5nInTWvProdEM32lnDtx6cg0WE1CnP/hh/pUs30ntboSRDhhU+mfzH1xKjWUM2HFfJ4zd0chH38627pq6bKLXq5x85w3nrJWsIjyw3aCq2l3YKgzsaQhCgw0PHbeKstMGQCAgCrpA9cfuvrFMegwg4PlzoyauAZHAO9qfITmYxd7kgZUei0k+ElMHHuJ+fizOzYOeLzrNUxKx74ZjhOPOhnsHypnCqktE5plVih7mwCTyXNsGB6e2VW0qpB+62Ug==~-1~-1~-1; Domain=.tripadvisor.com; Path=/; Expires=Tue, 24 Oct 2023 03:24:30 GMT; Max-Age=31536000; Secure
bm_sz=A6BEABB954EE795B838D21658D8294D4~YAAQBk8kFyMAv/6DAQAAUDgFCBFdeomqAT0VEQYuLcrvVnml/KZdQhdN+nnwn6G/r6HM7a2R3UT9283oPvAt3agbAdEXYuiF5YaxmHPjCy/xH8Oz5D4GTfisl0iNbj/aFJaFSCjULnwInZrItFaIZehQOWDKfDeQnyH7bge+wMD/yh9jsSqfobS5g82WviEbk7M9v8A28QwYPXLuanH8wmDqdJ5E8iVSsQe7cynUyuZbS6c6uveJw5RM7TUWPRPcV3fhWrpKsKVw1VKFDdnMSMopbbgIX5pV40fKBOiS4cJ15qVDF9gB5Q==~3553348~3753272; Domain=.tripadvisor.com; Path=/; Expires=Mon, 24 Oct 2022 07:24:30 GMT; Max-Age=14400
X-Firefox-Spdy: h2
www.jscache.com/wejs?wtype=rated&uniq=11&locationId=2085077&lang=en_US&display_version=2
151.101.86.83301 Moved Permanently 0 B URL HTTP/2 www.jscache.com/wejs?wtype=rated&uniq=11&locationId=2085077&lang=en_US&display_version=2
IP 151.101.86.83:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wejs?wtype=rated&uniq=11&locationId=2085077&lang=en_US&display_version=2 HTTP/1.1
Host: www.jscache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: envoy
location: https://www.tripadvisor.com/wejs?wtype=rated&uniq=11&locationId=2085077&lang=en_US&display_version=2
expires: 0
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
pragma: no-cache
cache-control: no-cache,no-store,must-revalidate
timing-allow-origin: https://www.tripadvisor.com
content-type: text/plain; charset=utf-8
accept-ch: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
x-datadome: protected
accept-ranges: bytes
date: Mon, 24 Oct 2022 03:24:30 GMT
via: 1.1 varnish
x-served-by: cache-bma1661-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1666581870.289528,VS0,VE423
content-length: 0
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash cde8257da86673a29a8f947eeadfd43a
f4573647aa48b72010149804f6194f9a281dca84
ae63651b8963e0cf8da8f1e097246846d32b3cd74a3e36b31206ca49438f59a7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=97250
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 03:24:30 GMT
Etag: "6354de50-116"
Expires: Tue, 25 Oct 2022 06:25:20 GMT
Last-Modified: Sun, 23 Oct 2022 06:25:20 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 278
www.tripadvisor.com/wejs?wtype=rated&uniq=11&locationId=2085077&lang=en_US&display_version=2
23.38.201.85200 OK 231 B URL HTTP/2 www.tripadvisor.com/wejs?wtype=rated&uniq=11&locationId=2085077&lang=en_US&display_version=2
IP 23.38.201.85:0
Hash 4dcb05d8fe99aad5af553f00c6b95d7e
b05bc388b22600f959998919fa45a4dcb5d01752
77d661b3ed335344bc90b80e079f3d0bc604fd7dfe462b6799209bb5e7732191
GET /wejs?wtype=rated&uniq=11&locationId=2085077&lang=en_US&display_version=2 HTTP/1.1
Host: www.tripadvisor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cruzeiro-safaris.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: envoy
expires: 0
cache-control: no-cache,no-store,must-revalidate
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
pragma: no-cache
timing-allow-origin: https://www.tripadvisor.com
vary: Accept-Encoding
content-type: application/x-javascript;charset=UTF-8
accept-ch: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
x-datadome: protected
content-encoding: gzip
content-length: 231
date: Mon, 24 Oct 2022 03:24:30 GMT
set-cookie: TADCID=DXXx6zUPHP4TmqcZABQCFdpBzzOuRA-9xvCxaMyI13EPObydBNLvu3YjSKLOjgHaJBwZC8FaGrHKuKuZYHvcEP8k5Ti7kuE1-Ro; Domain=www.tripadvisor.com; Expires=Thu, 21-Oct-2032 03:24:30 GMT; Path=/; Secure; HttpOnly
__vt=jpJnbmuUsjGzu3q_ABQCIf6-ytF7QiW7ovfhqc-AvSDs2d9Cx3kLAbcc2IRt8py_MZJA8sYLEVaRvp96dBRwMuDyPQsQKxZnSbGER26NLLb3bJ28QSmyXJGWLwJfgv55mlIEfA6BCdEiS0HBzkvEecMYgHs; Domain=www.tripadvisor.com; Expires=Mon, 24-Oct-2022 04:24:30 GMT; Path=/; Secure; HttpOnly
datadome=.ciqKJU_kAuiX6yyevirXUCMfspPI9mA2TjP.Zvec_xqnF0cQuiEzEAcuAxwkcresRW0rrwoXdSTcwOZvkyh7JT4y1aX.npPk00rau8BqJfW5sc~vs40-FdfXE3deZF; Max-Age=31536000; Domain=.tripadvisor.com; Path=/; Secure; SameSite=Lax
_abck=0F5B9C566545C3DFC344663298F1E7DC~-1~YAAQBk8kFyYAv/6DAQAADjkFCAjBghpKTepvgTVm8jjwGHiu+RIsvoE2wPKAJ6UlqO+QuKgbdQiBLp37vBAfmaRFFylSrQeI14t1DMdTX2xPu8gwDFFJc7x772Zr4kjdZVzkzsI3hqdiopysRPdC+XvBJCd9tDWOSNmQ5QCVNOu7zPz4Rp2FwNbmt5DGQqpLdvxf67mcOzZ6aJO2hjIy2ZN3LuHgU9L++hhjplMQh2W4Yf5fQb/+noeMeKQwGYUSAB039fC19v+JnQKaPoSjrC7IaDV0FkJHbeDguW4VEYCSmQwm+peeNZWy3Vmdug/P1RJXN/kHE/isrLUUvICicCgFQF4sq5GXxo5TPElL/mzaVcsKYJYQMp1UHB8S1/G8kA==~-1~-1~-1; Domain=.tripadvisor.com; Path=/; Expires=Tue, 24 Oct 2023 03:24:30 GMT; Max-Age=31536000; Secure
bm_sz=FFDF8F87F6DA9FB1641FD44499521513~YAAQBk8kFycAv/6DAQAADjkFCBHv4XscZhsIZDb7eBlAshJ5Z5iyEEQvQXis9YS4aw7ymh0vZ667IPyVfBDbeKMYSaPIHsiDHXf8En7zgtDnJWAF9R+wC+9r0WFakh+lHbaxhILI/MSeuETYv1ughgijSNzhAVlg2hSFpDUOnUtiYkxmGDh6X3Urf0g4AksPsKss0xy7n53Jcz+KMfaXm/slwYO8rcBgckyFW7tFgU0muOlKaOLRke08R2OvLgq/bLTS1F0TSfJSk7QVqNZMNFnt4HOd5R33hwxZPMfvCfNTFxL6jl7Fvg==~3553348~3753272; Domain=.tripadvisor.com; Path=/; Expires=Mon, 24 Oct 2022 07:24:30 GMT; Max-Age=14400
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/logo.png
68.65.122.186200 OK 20 kB URL HTTP/2 www.cruzeiro-safaris.com/images/logo.png
IP 68.65.122.186:0
File type PNG image data, 138 x 83, 8-bit colormap, non-interlaced\012- data
Hash 1ced964956e309c9e0346576b65d1d8d
3c7061804302a0b9f0f8b6c47ba2d69e555cc7af
31bfbc9f813af1e2d2e76f2be4177ffbfde87efbd50da9fbab1187c2262c0800
GET /images/logo.png HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 19763
content-type: image/png
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/phone.png
68.65.122.186200 OK 7.7 kB URL HTTP/2 www.cruzeiro-safaris.com/images/phone.png
IP 68.65.122.186:0
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Hash 4755dd7732b8cbb11a19c488c19a1e6d
6c924c8cb64cc3e0277690fa3cea37c2afe421d6
2a6af9dabb1ffbeeecab784b10e99e7a9f1579fade1ad29a368e4f12667a72e3
GET /images/phone.png HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:32 GMT
accept-ranges: bytes
content-length: 7727
content-type: image/png
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/Cruzeiro-Safaris-Ltdkatologobonded.jpg
68.65.122.186200 OK 16 kB URL HTTP/2 www.cruzeiro-safaris.com/images/Cruzeiro-Safaris-Ltdkatologobonded.jpg
IP 68.65.122.186:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 147x150, components 3\012- data
Hash de5a988c5e75dd83d61077c835c5fafd
2108127c7413d788bcc7f13656506f1ed2e4b615
92ffdcb0e1d7cddc56d22fcfaed7887116dd4e493e922d4ccde845c02d73c8de
GET /images/Cruzeiro-Safaris-Ltdkatologobonded.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:28 GMT
accept-ranges: bytes
content-length: 16468
content-type: image/jpeg
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/wildlife_animals/IMG_20170430_152429.jpg
68.65.122.186200 OK 41 kB URL HTTP/2 www.cruzeiro-safaris.com/images/wildlife_animals/IMG_20170430_152429.jpg
IP 68.65.122.186:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 600x582, components 3\012- data
Hash 61086555f4218996840fb643c5888724
2104356b2e90876ff2fbf609d57590afafb178aa
6fb40723209d19ec04682562451519a4550c1efd739a4bec6bd9bcd9b8156ba3
GET /images/wildlife_animals/IMG_20170430_152429.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:31 GMT
accept-ranges: bytes
content-length: 41207
content-type: image/jpeg
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/safaris/lions.jpg
68.65.122.186200 OK 32 kB URL HTTP/2 www.cruzeiro-safaris.com/images/safaris/lions.jpg
IP 68.65.122.186:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 600x375, components 3\012- data
Hash 17122a30ad6fba04840e2b4cca5863a2
39850dd41cfd40f7830db6b855033a93eb5c1a3a
8fac717efb1751584ea446f2861fddacb48deb5f016337ab017f3ba92dae7c1c
GET /images/safaris/lions.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:29 GMT
accept-ranges: bytes
content-length: 31662
content-type: image/jpeg
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/online-booking-tours.jpg
68.65.122.186200 OK 19 kB URL HTTP/2 www.cruzeiro-safaris.com/images/online-booking-tours.jpg
IP 68.65.122.186:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 200x200, components 3\012- data
Hash 0d42e1d1bc799c5d4c176eab504b860d
19e539a1334af02480ee600857e58f629922f475
f1aca7e4c91bc1b3c6a1cec99163ccdee0af977629aa6c18d3cfc861955f4f11
GET /images/online-booking-tours.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:27 GMT
accept-ranges: bytes
content-length: 18988
content-type: image/jpeg
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/social/bookmundi.png
68.65.122.186200 OK 5.9 kB URL HTTP/2 www.cruzeiro-safaris.com/images/social/bookmundi.png
IP 68.65.122.186:0
File type PNG image data, 203 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 45bff72e5f9eeeb63dea8823c5b1489e
0bed815e8841fb39c3e125e0e30cc38cdc7d1fc1
6fc9f517559a199ebf55eccf6df69382ccb96e3b3d374f2b5dc8a56fdf9bd0be
GET /images/social/bookmundi.png HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:28 GMT
accept-ranges: bytes
content-length: 5908
content-type: image/png
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/social/tw.png
68.65.122.186200 OK 4.0 kB URL HTTP/2 www.cruzeiro-safaris.com/images/social/tw.png
IP 68.65.122.186:0
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash ff5a46434a077162166add229a02d9ae
af11a6b6d0882b3d1b908cc9bd4ca8f3d62912d9
240ccfca0c6d63360debf27c8a84ffb56c191fdb1d542bcbea21d3dbf6890ccd
GET /images/social/tw.png HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:28 GMT
accept-ranges: bytes
content-length: 3970
content-type: image/png
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4c236f4ca13cd8fafc580bceb0995642
b6a7de7a8d994ed2cfb5ac74b6d7703de515ecdb
671228953eba5b2678df03acebb493e411752c6f5f72ff7f1e485032241d4aeb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 03:24:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Open+Sans:600,400,300
142.250.74.10200 OK 1.2 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:600,400,300
IP 142.250.74.10:0
Hash fc83d442efeeb5ae6500ea76302eccd3
884faee79c481bb450651110682ec92a596b3fbd
237649f00156befafce65fa928a7418dea274d3c181433f276817e9c5418450a
GET /css?family=Open+Sans:600,400,300 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 24 Oct 2022 03:24:33 GMT
date: Mon, 24 Oct 2022 03:24:33 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/ntr-logo.png
68.65.122.186200 OK 15 kB URL HTTP/2 www.cruzeiro-safaris.com/images/ntr-logo.png
IP 68.65.122.186:0
File type PNG image data, 340 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 2db71ed71bd7d1959a83f9c52e190ee4
6bf88032861a81d0eca4fc53e13da6dc6b427d28
96dc6a9fb4241833f8cf2bf767fb2a98db902752fbf007c54e5435c09cc52cce
GET /images/ntr-logo.png HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Thu, 19 Nov 2020 16:21:41 GMT
accept-ranges: bytes
content-length: 15379
content-type: image/png
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/social/yt.png
68.65.122.186200 OK 5.7 kB URL HTTP/2 www.cruzeiro-safaris.com/images/social/yt.png
IP 68.65.122.186:0
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash ac8caec94310fa12d840e74235ab7bc2
b0c7fb16777940b987d2333ef83bd4b116cb164b
951bce6cca58c0df67b1ca1edf8f897289ccf3ac0f7926c22e540a87599f4be1
GET /images/social/yt.png HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:28 GMT
accept-ranges: bytes
content-length: 5698
content-type: image/png
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/aliexpressonline_store.png
68.65.122.186200 OK 13 kB URL HTTP/2 www.cruzeiro-safaris.com/images/aliexpressonline_store.png
IP 68.65.122.186:0
File type PNG image data, 398 x 89, 8-bit/color RGB, non-interlaced\012- data
Hash 856819177971294497f45f2fdfe1895a
d8c95dffc3f608e921ac14ca0f320fe0d02e1fd7
232ea19b620e42e57599d7f50a23a68cedab0565afdfb3949094595a3e0808c5
GET /images/aliexpressonline_store.png HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Wed, 04 Nov 2020 18:34:57 GMT
accept-ranges: bytes
content-length: 12721
content-type: image/png
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/email-icon.png
68.65.122.186200 OK 5.7 kB URL HTTP/2 www.cruzeiro-safaris.com/images/email-icon.png
IP 68.65.122.186:0
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Hash f5546f288c112eb513a453e7856ba024
57aefb6d7c65c0457b45e070a8efd5dff4bddafe
5e11b77b10368d77a63315c53351bb3581254f1f00baff3213fe9f3ce270d2b4
GET /images/email-icon.png HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:28 GMT
accept-ranges: bytes
content-length: 5698
content-type: image/png
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/social/g+.png
68.65.122.186200 OK 5.6 kB URL HTTP/2 www.cruzeiro-safaris.com/images/social/g+.png
IP 68.65.122.186:0
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash aff40945bf410a8c3ca75d65b0b9bb48
ca09a09d19cec73cb4086717eeb19912311cb7ad
1db6c0f5293f66c93abd7c066d692d1a7873b5556e9873b7f75d7d775ccbab56
GET /images/social/g+.png HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:28 GMT
accept-ranges: bytes
content-length: 5552
content-type: image/png
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/social/fb.png
68.65.122.186200 OK 3.4 kB URL HTTP/2 www.cruzeiro-safaris.com/images/social/fb.png
IP 68.65.122.186:0
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash dd9b9178e2324bc658f824e4ccb52298
101a59701d9ad676d963b5ea21ed9f26051c4081
19ee1ef3b6f79fd79b0f091856705e0be115789fe2f13fb7bfa00279f04d6b04
GET /images/social/fb.png HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:28 GMT
accept-ranges: bytes
content-length: 3386
content-type: image/png
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/social/blg.png
68.65.122.186200 OK 4.7 kB URL HTTP/2 www.cruzeiro-safaris.com/images/social/blg.png
IP 68.65.122.186:0
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash f4d353b1d3caac5b371e6df7a6ede420
c92121e8da79b0ddafd67a492b6a6106a221a92f
6a1b922e613b6a597bb2c51d93ea739056afcdf9e6cfc25bd9e8854cbbcce6c1
GET /images/social/blg.png HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:28 GMT
accept-ranges: bytes
content-length: 4737
content-type: image/png
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/bdg_now_accepting_pp_2line_w.png
68.65.122.186200 OK 13 kB URL HTTP/2 www.cruzeiro-safaris.com/images/bdg_now_accepting_pp_2line_w.png
IP 68.65.122.186:0
File type PNG image data, 334 x 127, 8-bit/color RGBA, non-interlaced\012- data
Hash 29b112f4344afeb41834a4b28ef4c0be
37e4289c874cd2236add4a7013a2b0310cc59a63
b5796db96672733b8b49dc498bd4e1e03f54b3b9a9944e202e1f5e418534d1a2
GET /images/bdg_now_accepting_pp_2line_w.png HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:29 GMT
accept-ranges: bytes
content-length: 12843
content-type: image/png
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/affiliatescript.js
68.65.122.186404 Not Found 618 B URL HTTP/2 www.cruzeiro-safaris.com/affiliatescript.js
IP 68.65.122.186:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f703cb3bc795979904c5a2dad2e6afb1
b2ba22b2581cdeb1adc7facebe2be79b527b434a
8532e017067f751227241644c8135e8a39fd30cdc92519e88e41f899b58f8f82
GET /affiliatescript.js HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
x-powered-by: PHP/7.4.32
cache-control: no-cache
pragma: no-cache
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 618
content-type: text/html; charset=UTF-8
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/logo-1.png
68.65.122.186200 OK 60 kB URL HTTP/2 www.cruzeiro-safaris.com/images/logo-1.png
IP 68.65.122.186:0
File type PNG image data, 104 x 67, 8-bit/color RGBA, non-interlaced\012- data
Hash 776452c352a18a4b57f05a02413c65ba
4ce88c247d3eeb0666fce21f786d40b3fdef8f89
441294f949bb44d7fc3569b151f80de8f0e138c7cfb36c6d6bfc7ce824087440
GET /images/logo-1.png HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:28 GMT
accept-ranges: bytes
content-length: 60171
content-type: image/png
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/media/template/gzip.php?theme-477e2af4.js
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/media/template/gzip.php?theme-477e2af4.js
IP 68.65.122.186:0
GET /media/template/gzip.php?theme-477e2af4.js HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
x-powered-by: PHP/7.4.32
cache-control: max-age=86400
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-type: application/x-javascript
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/slides/cruzeirotours23.jpg
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/images/slides/cruzeirotours23.jpg
IP 68.65.122.186:0
GET /images/slides/cruzeirotours23.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 339618
content-type: image/jpeg
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/media/template/gzip.php?slideshow.min-6b1ad39a.css
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/media/template/gzip.php?slideshow.min-6b1ad39a.css
IP 68.65.122.186:0
GET /media/template/gzip.php?slideshow.min-6b1ad39a.css HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
x-powered-by: PHP/7.4.32
cache-control: max-age=86400
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-type: text/css; charset=UTF-8
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/media/template/gzip.php?slideshow.min-14e73ec0.js
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/media/template/gzip.php?slideshow.min-14e73ec0.js
IP 68.65.122.186:0
GET /media/template/gzip.php?slideshow.min-14e73ec0.js HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
x-powered-by: PHP/7.4.32
cache-control: max-age=86400
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-type: application/x-javascript
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/slides/cruzeirotour6.jpg
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/images/slides/cruzeirotour6.jpg
IP 68.65.122.186:0
GET /images/slides/cruzeirotour6.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 130187
content-type: image/jpeg
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/slides/cruzeirotours26.jpg
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/images/slides/cruzeirotours26.jpg
IP 68.65.122.186:0
GET /images/slides/cruzeirotours26.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 226076
content-type: image/jpeg
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/media/template/gzip.php?theme-1fc42130.css
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/media/template/gzip.php?theme-1fc42130.css
IP 68.65.122.186:0
GET /media/template/gzip.php?theme-1fc42130.css HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
x-powered-by: PHP/7.4.32
cache-control: max-age=86400
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-type: text/css; charset=UTF-8
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/slides/cruzeirotours5.jpg
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/images/slides/cruzeirotours5.jpg
IP 68.65.122.186:0
GET /images/slides/cruzeirotours5.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 243463
content-type: image/jpeg
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/slides/cruzeirotours20.jpg
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/images/slides/cruzeirotours20.jpg
IP 68.65.122.186:0
GET /images/slides/cruzeirotours20.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 314334
content-type: image/jpeg
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/slides/cruzeirotours9.jpg
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/images/slides/cruzeirotours9.jpg
IP 68.65.122.186:0
GET /images/slides/cruzeirotours9.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 489838
content-type: image/jpeg
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/media/template/gzip.php?mootools-core-481605f6.js
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/media/template/gzip.php?mootools-core-481605f6.js
IP 68.65.122.186:0
GET /media/template/gzip.php?mootools-core-481605f6.js HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
x-powered-by: PHP/7.4.32
cache-control: max-age=86400
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-type: application/x-javascript
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/media/template/gzip.php?jquery.min-45fe031d.js
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/media/template/gzip.php?jquery.min-45fe031d.js
IP 68.65.122.186:0
GET /media/template/gzip.php?jquery.min-45fe031d.js HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
x-powered-by: PHP/7.4.32
cache-control: max-age=86400
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-type: application/x-javascript
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/pesapal_logo.png
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/images/pesapal_logo.png
IP 68.65.122.186:0
GET /images/pesapal_logo.png HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:28 GMT
accept-ranges: bytes
content-length: 24448
content-type: image/png
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/slides/cruzeirotours29.jpg
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/images/slides/cruzeirotours29.jpg
IP 68.65.122.186:0
GET /images/slides/cruzeirotours29.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 345939
content-type: image/jpeg
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/slides/cruzeirotours4.jpg
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/images/slides/cruzeirotours4.jpg
IP 68.65.122.186:0
GET /images/slides/cruzeirotours4.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:29 GMT
accept-ranges: bytes
content-length: 537123
content-type: image/jpeg
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/slides/cruzeirotours13.jpg
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/images/slides/cruzeirotours13.jpg
IP 68.65.122.186:0
GET /images/slides/cruzeirotours13.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 298352
content-type: image/jpeg
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/nairobi-tours/DSC02480.JPG
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/images/nairobi-tours/DSC02480.JPG
IP 68.65.122.186:0
GET /images/nairobi-tours/DSC02480.JPG HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Mon, 12 Sep 2022 17:52:43 GMT
accept-ranges: bytes
content-length: 942299
content-type: image/jpeg
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/safaris/amboseli-elephants.jpg
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/images/safaris/amboseli-elephants.jpg
IP 68.65.122.186:0
GET /images/safaris/amboseli-elephants.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:29 GMT
accept-ranges: bytes
content-length: 59912
content-type: image/jpeg
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/slides/cruzeirotours10.jpg
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/images/slides/cruzeirotours10.jpg
IP 68.65.122.186:0
GET /images/slides/cruzeirotours10.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 281151
content-type: image/jpeg
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/nairobi-tours/dinnerandshow_cruzeirosafariskenya.JPG
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/images/nairobi-tours/dinnerandshow_cruzeirosafariskenya.JPG
IP 68.65.122.186:0
GET /images/nairobi-tours/dinnerandshow_cruzeirosafariskenya.JPG HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Mon, 12 Sep 2022 17:38:07 GMT
accept-ranges: bytes
content-length: 32479
content-type: image/jpeg
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/kato_logo_white.png
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/images/kato_logo_white.png
IP 68.65.122.186:0
GET /images/kato_logo_white.png HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Fri, 27 Mar 2020 10:32:48 GMT
accept-ranges: bytes
content-length: 139873
content-type: image/png
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/slides/cruzeirotours15.jpg
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/images/slides/cruzeirotours15.jpg
IP 68.65.122.186:0
GET /images/slides/cruzeirotours15.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 273026
content-type: image/jpeg
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/media/template/gzip.php?jquery-noconflict-52794473.js
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/media/template/gzip.php?jquery-noconflict-52794473.js
IP 68.65.122.186:0
GET /media/template/gzip.php?jquery-noconflict-52794473.js HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
x-powered-by: PHP/7.4.32
cache-control: max-age=86400
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-type: application/x-javascript
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/media/template/gzip.php?jquery-migrate.min-d90f61f8.js
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/media/template/gzip.php?jquery-migrate.min-d90f61f8.js
IP 68.65.122.186:0
GET /media/template/gzip.php?jquery-migrate.min-d90f61f8.js HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
x-powered-by: PHP/7.4.32
cache-control: max-age=86400
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-type: application/x-javascript
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/media/template/gzip.php?mootools-more-ea188992.js
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/media/template/gzip.php?mootools-more-ea188992.js
IP 68.65.122.186:0
GET /media/template/gzip.php?mootools-more-ea188992.js HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
x-powered-by: PHP/7.4.32
cache-control: max-age=86400
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-type: application/x-javascript
X-Firefox-Spdy: h2
www.yourafricansafari.com/images/widget/your-african-safari-4.png
172.67.188.220404 Not Found 0 B URL HTTP/2 www.yourafricansafari.com/images/widget/your-african-safari-4.png
IP 172.67.188.220:0
GET /images/widget/your-african-safari-4.png HTTP/1.1
Host: www.yourafricansafari.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Mon, 24 Oct 2022 03:24:30 GMT
content-type: text/html; charset=UTF-8
vary: Cookie, Accept-Encoding
x-content-type-options: nosniff
referrer-policy: same-origin
cf-cache-status: BYPASS
set-cookie: sessionid=eyJ1dWlkIjoiYjg0Y2EzMDMtN2JjYy00NTAyLTgxNjktZjdiYTVjMmQ2NWQ5In0:1omo4k:M5Ku-dqHzoGtf792Jvl3Emx3LOBS2m7WaTDE_Xgw_fE; expires=Mon, 07 Nov 2022 03:24:30 GMT; HttpOnly; Max-Age=1209600; Path=/; SameSite=Lax
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v9ofRZ%2FlEvGIo7O7gxuTDZy04Yyk5RObcafxtcdLZ8Ha2M5jdisXRz2fTP%2FkQ0IqNmQ3zodWzEBY3ckvK255JbWw44b5mub0NADc2E5gGe9PMpOQV6y4k4WyysmRxciL86svMWIC4Gby0ZIM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75ef9990d83c0b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/slides/cruzeirotours22.jpg
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/images/slides/cruzeirotours22.jpg
IP 68.65.122.186:0
GET /images/slides/cruzeirotours22.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 303576
content-type: image/jpeg
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/media/template/gzip.php?bootstrap-40750577.css
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/media/template/gzip.php?bootstrap-40750577.css
IP 68.65.122.186:0
GET /media/template/gzip.php?bootstrap-40750577.css HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
x-powered-by: PHP/7.4.32
cache-control: max-age=86400
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-type: text/css; charset=UTF-8
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/slides/cruzeirotours19.jpg
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/images/slides/cruzeirotours19.jpg
IP 68.65.122.186:0
GET /images/slides/cruzeirotours19.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 270008
content-type: image/jpeg
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/slides/cruzeirotours16.jpg
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/images/slides/cruzeirotours16.jpg
IP 68.65.122.186:0
GET /images/slides/cruzeirotours16.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 386239
content-type: image/jpeg
X-Firefox-Spdy: h2
widget.getyourguide.com/pw/latest/client-loader/widget.js
54.230.111.29200 OK 0 B URL HTTP/2 widget.getyourguide.com/pw/latest/client-loader/widget.js
IP 54.230.111.29:0
GET /pw/latest/client-loader/widget.js HTTP/1.1
Host: widget.getyourguide.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cruzeiro-safaris.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
last-modified: Fri, 02 Sep 2022 11:09:36 GMT
server: AmazonS3
content-encoding: br
date: Mon, 24 Oct 2022 03:24:31 GMT
cache-control: max-age=100, public, must-revalidate
etag: W/"cdccb3dfe63f8d329d5d91edffd4bccc"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6hTGqr7-YE10NXBVk2G8zy12uo-RQAEyJ3ruZd7TgISTO36Rv-9Olg==
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/media/template/gzip.php?core-d38c101f.js
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/media/template/gzip.php?core-d38c101f.js
IP 68.65.122.186:0
GET /media/template/gzip.php?core-d38c101f.js HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
x-powered-by: PHP/7.4.32
cache-control: max-age=86400
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-type: application/x-javascript
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/media/template/gzip.php?bootstrap.min-ee11376e.js
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/media/template/gzip.php?bootstrap.min-ee11376e.js
IP 68.65.122.186:0
GET /media/template/gzip.php?bootstrap.min-ee11376e.js HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
x-powered-by: PHP/7.4.32
cache-control: max-age=86400
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-type: application/x-javascript
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/slides/cruzeirotours12.jpg
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/images/slides/cruzeirotours12.jpg
IP 68.65.122.186:0
GET /images/slides/cruzeirotours12.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 381626
content-type: image/jpeg
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/slides/cruzeirotours30.jpg
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/images/slides/cruzeirotours30.jpg
IP 68.65.122.186:0
GET /images/slides/cruzeirotours30.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 373781
content-type: image/jpeg
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/slides/cruzeirotours25.jpg
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/images/slides/cruzeirotours25.jpg
IP 68.65.122.186:0
GET /images/slides/cruzeirotours25.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 340363
content-type: image/jpeg
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/slides/cruzeirotours1.jpg
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/images/slides/cruzeirotours1.jpg
IP 68.65.122.186:0
GET /images/slides/cruzeirotours1.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 90337
content-type: image/jpeg
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/slides/cruzeirotours8.jpg
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/images/slides/cruzeirotours8.jpg
IP 68.65.122.186:0
GET /images/slides/cruzeirotours8.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 263566
content-type: image/jpeg
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/slides/cruzeirotours18.jpg
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/images/slides/cruzeirotours18.jpg
IP 68.65.122.186:0
GET /images/slides/cruzeirotours18.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 286155
content-type: image/jpeg
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/slides/cruzeirotours17.jpg
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/images/slides/cruzeirotours17.jpg
IP 68.65.122.186:0
GET /images/slides/cruzeirotours17.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 329842
content-type: image/jpeg
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/slides/cruzeirotour2.jpg
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/images/slides/cruzeirotour2.jpg
IP 68.65.122.186:0
GET /images/slides/cruzeirotour2.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 352594
content-type: image/jpeg
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/slides/cruzeirotours11.jpg
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/images/slides/cruzeirotours11.jpg
IP 68.65.122.186:0
GET /images/slides/cruzeirotours11.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 292108
content-type: image/jpeg
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/slides/cruzeirotours2.jpg
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/images/slides/cruzeirotours2.jpg
IP 68.65.122.186:0
GET /images/slides/cruzeirotours2.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 434031
content-type: image/jpeg
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/slides/cruzeirotours3.jpg
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/images/slides/cruzeirotours3.jpg
IP 68.65.122.186:0
GET /images/slides/cruzeirotours3.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 311961
content-type: image/jpeg
X-Firefox-Spdy: h2
www.cruzeiro-safaris.com/images/slides/cruzeirotours14.jpg
68.65.122.186200 OK 0 B URL HTTP/2 www.cruzeiro-safaris.com/images/slides/cruzeirotours14.jpg
IP 68.65.122.186:0
GET /images/slides/cruzeirotours14.jpg HTTP/1.1
Host: www.cruzeiro-safaris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cruzeiro-safaris.com/
Cookie: 1d50258f26c6cf42d5b9a980771c1baa=28f7f7e9f6dcb2f17ec90b9e0dce72a7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Oct 2022 03:24:30 GMT
server: Apache
last-modified: Sat, 14 Apr 2018 17:18:30 GMT
accept-ranges: bytes
content-length: 333676
content-type: image/jpeg
X-Firefox-Spdy: h2