Overview

URLtomoroccotour.com/
IP 68.65.123.192 (United States)
ASN#22612 NAMECHEAP-NET
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-11-30 12:21:34 UTC
StatusLoading report..
IDS alerts0
Blocklist alert39
urlquery alerts No alerts detected
Tags None

Domain Summary (13)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
tomoroccotour.com (95) 0 2022-09-08 22:53:25 UTC 2022-11-30 11:58:28 UTC 68.65.123.192 Unknown ranking
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 52.43.253.52
fonts.googleapis.com (4) 8877 2013-06-10 20:14:26 UTC 2022-11-30 05:55:22 UTC 142.250.74.106
fonts.gstatic.com (2) 0 2014-09-09 00:40:21 UTC 2022-11-30 04:54:31 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
r3.o.lencr.org (6) 344 No data No data 23.36.76.226
ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
ocsp.sectigo.com (1) 487 2019-11-29 11:50:24 UTC 2021-09-17 20:05:40 UTC 172.64.155.188
ocsp.pki.goog (6) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.131
www.googletagmanager.com (1) 75 2013-05-22 02:07:37 UTC 2022-11-30 04:53:34 UTC 142.250.74.40
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-30 04:06:17 UTC 34.102.187.140
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-30 04:06:04 UTC 34.117.237.239

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-30 2 tomoroccotour.com/ Malware
2022-11-30 2 tomoroccotour.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 Malware
2022-11-30 2 tomoroccotour.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 Malware
2022-11-30 2 tomoroccotour.com/wp-content/plugins/wp-font-resizer/css/fontResizer.css?ve (...) Malware
2022-11-30 2 tomoroccotour.com/wp-content/plugins/svg-support/css/svgs-attachment.css?ve (...) Malware
2022-11-30 2 tomoroccotour.com/wp-content/uploads/elementor/css/post-394.css?ver=1668353252 Malware
2022-11-30 2 tomoroccotour.com/wp-content/plugins/elementor/assets/css/frontend-lite.min (...) Malware
2022-11-30 2 tomoroccotour.com/wp-content/plugins/header-footer-elementor/assets/css/hea (...) Malware
2022-11-30 2 tomoroccotour.com/wp-content/uploads/elementor/css/post-2425.css?ver=1668353254 Malware
2022-11-30 2 tomoroccotour.com/wp-content/uploads/elementor/css/post-8.css?ver=1669305160 Malware
2022-11-30 2 tomoroccotour.com/wp-content/plugins/elementor-pro/assets/css/frontend.min. (...) Malware
2022-11-30 2 tomoroccotour.com/wp-content/plugins/master-addons/assets/fonts/material-ic (...) Malware
2022-11-30 2 tomoroccotour.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ (...) Malware
2022-11-30 2 tomoroccotour.com/wp-content/plugins/creame-whatsapp-me/public/css/joinchat (...) Malware
2022-11-30 2 tomoroccotour.com/ Malware
2022-11-30 2 tomoroccotour.com/wp-content/plugins/master-addons/assets/fonts/iconic-font (...) Malware
2022-11-30 2 tomoroccotour.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ (...) Malware
2022-11-30 2 tomoroccotour.com/wp-content/plugins/wp-font-resizer/js/fontResizer.js?ver=6.1.1 Malware
2022-11-30 2 tomoroccotour.com/wp-content/plugins/mobile-menu/includes/css/mobmenu.css?v (...) Malware
2022-11-30 2 tomoroccotour.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ (...) Malware
2022-11-30 2 tomoroccotour.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 Malware
2022-11-30 2 tomoroccotour.com/wp-content/uploads/2022/11/untitled-1-recovered.svg Malware
2022-11-30 2 tomoroccotour.com/wp-content/plugins/header-footer-elementor/inc/js/fronten (...) Malware
2022-11-30 2 tomoroccotour.com/wp-content/plugins/creame-whatsapp-me/public/js/joinchat. (...) Malware
2022-11-30 2 tomoroccotour.com/wp-content/themes/astra/assets/js/minified/frontend.min.j (...) Malware
2022-11-30 2 tomoroccotour.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoin (...) Malware
2022-11-30 2 tomoroccotour.com/wp-content/plugins/elementor/assets/js/webpack.runtime.mi (...) Malware
2022-11-30 2 tomoroccotour.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.j (...) Malware
2022-11-30 2 tomoroccotour.com/wp-content/plugins/wp-featherlight/js/wpFeatherlight.pkgd (...) Malware
2022-11-30 2 tomoroccotour.com/wp-content/plugins/wp-font-resizer/js/fontResizer.js?ver=6.1.1 Malware
2022-11-30 2 tomoroccotour.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ve (...) Malware
2022-11-30 2 tomoroccotour.com/wp-content/plugins/master-addons/assets/js/master-addons- (...) Malware
2022-11-30 2 tomoroccotour.com/wp-content/uploads/2022/11/tomoroccotour-logo-official.svg Malware
2022-11-30 2 tomoroccotour.com/wp-content/uploads/2022/11/untitled-1-recovered.svg Malware
2022-11-30 2 tomoroccotour.com/wp-content/themes/astra/assets/js/minified/frontend.min.j (...) Malware
2022-11-30 2 tomoroccotour.com/wp-content/plugins/creame-whatsapp-me/public/js/joinchat. (...) Malware
2022-11-30 2 tomoroccotour.com/wp-content/plugins/wp-featherlight/js/wpFeatherlight.pkgd (...) Malware
2022-11-30 2 tomoroccotour.com/wp-content/plugins/header-footer-elementor/inc/js/fronten (...) Malware
2022-11-30 2 tomoroccotour.com/wp-content/plugins/elementor/assets/js/webpack.runtime.mi (...) Malware

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 68.65.123.192
Date UQ / IDS / BL URL IP
2022-12-24 23:24:55 +0000 0 - 0 - 8 theouut.com/DO.php 68.65.123.192
2022-12-18 03:16:20 +0000 0 - 0 - 39 iqac.crescent.bytdigital.com/ 68.65.123.192
2022-11-30 12:21:34 +0000 0 - 0 - 39 tomoroccotour.com/ 68.65.123.192
2022-11-30 12:19:23 +0000 0 - 0 - 39 tomoroccotour.com/ 68.65.123.192
2022-10-07 20:27:01 +0000 0 - 0 - 13 exodus.com.merge.amirulkhan.net/ 68.65.123.192


Last 5 reports on ASN: NAMECHEAP-NET
Date UQ / IDS / BL URL IP
2023-02-07 11:18:31 +0000 0 - 1 - 1 clickandwin.xyz/ 192.64.119.33
2023-02-07 10:43:45 +0000 0 - 0 - 1 kamtex.de/ 162.0.215.44
2023-02-07 10:36:09 +0000 0 - 1 - 0 kongtogel.com/ 162.255.119.72
2023-02-07 10:34:14 +0000 0 - 0 - 1 www.medtroonic.com/ 198.54.117.218
2023-02-07 10:34:14 +0000 0 - 0 - 1 www.medtroonic.com/ 198.54.117.218


Last 2 reports on domain: tomoroccotour.com
Date UQ / IDS / BL URL IP
2022-11-30 12:21:34 +0000 0 - 0 - 39 tomoroccotour.com/ 68.65.123.192
2022-11-30 12:19:23 +0000 0 - 0 - 39 tomoroccotour.com/ 68.65.123.192


No other reports with similar screenshot

JavaScript

Executed Scripts (13)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (128)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3038
Expires: Wed, 30 Nov 2022 13:12:00 GMT
Date: Wed, 30 Nov 2022 12:21:22 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2367
Cache-Control: max-age=168564
Date: Wed, 30 Nov 2022 12:21:22 GMT
Etag: "638730f7-1d7"
Expires: Fri, 02 Dec 2022 11:10:46 GMT
Last-Modified: Wed, 30 Nov 2022 10:31:19 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20480
Expires: Wed, 30 Nov 2022 18:02:42 GMT
Date: Wed, 30 Nov 2022 12:21:22 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 30 Nov 2022 12:18:01 GMT
cache-control: public,max-age=3600
age: 201
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    14cd9a0afb6ba9a763651d5112760d1e
Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: IJp5pRqCgXlj+cvGptyTy4uARGGosMm+aAFmQ8FM//pIEl9C4G3Ev30fCAEdfCiKHPyCeaSiVJU=
x-amz-request-id: 6602E5AQ4BCSRRWZ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 30 Nov 2022 11:45:13 GMT
age: 2169
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET / HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         68.65.123.192
HTTP/1.1 301 Moved Permanently
content-type: text/html
                                        
keep-alive: timeout=5, max=100
content-length: 707
date: Wed, 30 Nov 2022 12:21:22 GMT
server: LiteSpeed
location: https://tomoroccotour.com/
x-turbo-charged-by: LiteSpeed


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size:   707
Md5:    1304294c0823ca486542ba408ed761e3
Sha1:   b2a70fb2d810ca13985882e6981f33998823e83e
Sha256: 3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Wed, 30 Nov 2022 12:21:23 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 30 Nov 2022 12:11:14 GMT
cache-control: public,max-age=3600
age: 609
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 12:21:23 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 22:54:45 GMT
Expires: Sun, 04 Dec 2022 22:54:44 GMT
Etag: "e523dc6ac131e21cab0e6b921f5241c9d0547cb2"
Cache-Control: max-age=383000,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77238ae59b63b4f3-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2360
Cache-Control: max-age=163488
Date: Wed, 30 Nov 2022 12:21:23 GMT
Etag: "63871d2b-1d7"
Expires: Fri, 02 Dec 2022 09:46:11 GMT
Last-Modified: Wed, 30 Nov 2022 09:06:51 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: QtK8KVnI/kVsTOGxziLu8g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         52.43.253.52
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: tjHStsL4kwCs6E1w7l6xLqmq8qc=

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 12:21:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 12:21:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /gtag/js?id=G-707QG0RHV9 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.40
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:24 GMT
expires: Wed, 30 Nov 2022 12:21:24 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 78835
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (26337)
Size:   78835
Md5:    545c954864f7043ddd261e41731a0d3c
Sha1:   829c018315405298e2b7561ce71d24b23702e9dc
Sha256: a1db66cb88616051fa98d78fbdbbb9babef6e450522a24daff8077667e46ae6e
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 12:21:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 12:21:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 12:21:24 GMT
last-modified: Tue, 12 Apr 2022 15:26:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5922
date: Wed, 30 Nov 2022 12:21:24 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (15660)
Size:   5922
Md5:    68bb4db3eb1d538f0aefa63978c9f00a
Sha1:   4462b37533bdd6f72a75a1678e7d283cfaeafe19
Sha256: 01fe2475586bfc22772ed5226fa2b24ff9b8647cba8db7e0317ea950a6bd2262
                                        
                                            GET /css?family=Montserrat%3Ainherit%2C400&subset=latin%2Clatin-ext&ver=6.1.1 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         142.250.74.106
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 30 Nov 2022 12:21:24 GMT
date: Wed, 30 Nov 2022 12:21:24 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   587
Md5:    3d42f493f48708632af8c6f8fb337195
Sha1:   762c78af08502073439f3256f411e739f2197eae
Sha256: 39f4014c82c13b8d038be7ce053ec032f7b3d8d618003c965b5e519dc75b6071
                                        
                                            GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 12:21:24 GMT
last-modified: Wed, 16 Nov 2022 00:34:57 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11616
date: Wed, 30 Nov 2022 12:21:24 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (47826)
Size:   11616
Md5:    c4d7cc056b49b00e05cc29cc59aa3d5a
Sha1:   48c426bec60099d2a8628df430ed682c72aab42a
Sha256: 8009c12f2674a8d38401f4b5faad1fef2cfcd18a8c927ed2561ae9d7de9b57b5

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 12:21:24 GMT
last-modified: Wed, 18 Nov 2020 19:36:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5306
date: Wed, 30 Nov 2022 12:21:24 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11126)
Size:   5306
Md5:    b57b046e15633b3e54fe21bb43fde5cf
Sha1:   36a37363382ac1bd6d44141d07df14cd8a33e7b0
Sha256: f082b60f79e22d7f7ed81627eaf8d78db83941c871cb9d631545de4309e04272

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 12:21:24 GMT
last-modified: Wed, 02 Nov 2022 13:31:01 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 31645
date: Wed, 30 Nov 2022 12:21:24 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65447)
Size:   31645
Md5:    08f31e8e568b40b40cf2bcc3fa782d0b
Sha1:   6e1074a99c25ee3af71ea446b4f9772155bb8b77
Sha256: 51ba6a44f2d2873e2c71591c98d4486356f5ba29e7f40781bc009ef6e489cffb
                                        
                                            GET /wp-content/plugins/wp-font-resizer/css/fontResizer.css?ver=6.1.1 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:24 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/themes/astra/assets/css/minified/main.min.css?ver=3.9.2 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:24 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/plugins/svg-support/css/svgs-attachment.css?ver=6.1.1 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:24 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/uploads/elementor/css/post-394.css?ver=1668353252 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:24 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.8.1 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:24 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=6.1 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:24 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9396
Expires: Wed, 30 Nov 2022 14:58:01 GMT
Date: Wed, 30 Nov 2022 12:21:25 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9396
Expires: Wed, 30 Nov 2022 14:58:01 GMT
Date: Wed, 30 Nov 2022 12:21:25 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9396
Expires: Wed, 30 Nov 2022 14:58:01 GMT
Date: Wed, 30 Nov 2022 12:21:25 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9396
Expires: Wed, 30 Nov 2022 14:58:01 GMT
Date: Wed, 30 Nov 2022 12:21:25 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb1888-5971-4b4a-923b-dc9d4050182b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7298
x-amzn-requestid: 381e55bb-876b-46ad-84b6-1ddf9f876f56
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDcE3poAMFaAA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-7c12394600900afc7281e858;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8heT2eN5oLbO14R9qLq78Vma_TkteufTyKM5i3K2XoJYXfWNwLMEwQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:56:25 GMT
age: 51900
etag: "e4ddf955e8ac1986045ed55880c43c69e588a021"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7298
Md5:    e00769bd1391b8f4f5b8ab128a825355
Sha1:   e4ddf955e8ac1986045ed55880c43c69e588a021
Sha256: 81ca4d20c28fed8fd3135515daadc1fdbfb4198535d7c46021b418b8b98e59a5
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13e1db4e-7108-464a-85b6-24ac0c4609f9.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9330
x-amzn-requestid: 3fad352d-7664-43e0-9395-e840f671ca61
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgFQFIdoAMFSmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a21-5e9847852f8435231d401fe6;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mCEtSOenWKxay4vNy5mN9cexxXKXKt7TMuLaLw-M86tLKwQ2MwuxPg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:00:54 GMT
age: 51631
etag: "2f3a39a528d3b759060203931de33c12303592e1"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9330
Md5:    bbe350ea797a0fec5a19a450fc5de4b4
Sha1:   2f3a39a528d3b759060203931de33c12303592e1
Sha256: 4d661dac2e19e07ae15d0f8cf00bd268c6c2defb2f5e4de38fcb6e7031dfd605
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2730750-552d-4852-8ce1-503874565f75.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9051
x-amzn-requestid: 1032dd9c-a15e-4e8a-9c81-07419e8caf67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhGvEMNIAMFaKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867bc4-1005c20a33320dbf6567ca31;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:38:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: IMaVlQblNnh9mFKwb2LG7hw7h_f1_nVYqO4aEUqY01a2HofnnQqcFQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:49:31 GMT
age: 52314
etag: "6170d6776615503e3e29f86783febc3e3e78ca66"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9051
Md5:    05196ec43964cf559caa0c0279148d62
Sha1:   6170d6776615503e3e29f86783febc3e3e78ca66
Sha256: 47f3a5cde661987e3496ce110a0170b10087dd9ba8d4fd691c4830587ba3fa3f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250668cd-c9db-4014-b576-3aaad4eb9150.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5785
x-amzn-requestid: ee77265b-8e90-4035-8ef1-92a2d26aaefa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDaHdWoAMFqmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-0d10d74030e7aee74804b654;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QhUrNKIJUxXTYFTgfCwizAd9L4PdLMVLbqv1sHmmnrWya0xz1MTSiw==
via: 1.1 38eecd3ca21bf068d69a2f9cfe668d14.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:08:46 GMT
etag: "f7cf3a0f89751a02fbcf8d21f505f24a74e8b30b"
age: 51159
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5785
Md5:    59baec8db5ced0210ab766ea5636a5fd
Sha1:   f7cf3a0f89751a02fbcf8d21f505f24a74e8b30b
Sha256: 33ff55891f18c22970804f1b8b2ba6821ddfd7426b01486410bd43f2b4295a8d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87a30da8-85ab-41b8-bac9-b9c57f447d6a.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9670
x-amzn-requestid: d9a529ac-9dc6-4e12-80c5-3250dc97e7bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDcFiAoAMF0nA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-116ddf09265d51523c3638b3;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5BnByLndiK0korBr44MDgK6sgRBPooy2LE_2NjVIQhiTfmAdLupnZw==
via: 1.1 b23fb37cd7fff033ab21e3284f558a28.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:49:34 GMT
age: 52311
etag: "3d8c927b6945d880f92d4e7a686cad5a9985e8ad"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9670
Md5:    33ee67e62c49fc8d51f18df313002aac
Sha1:   3d8c927b6945d880f92d4e7a686cad5a9985e8ad
Sha256: ba6e66e07cd93219926927fd2b468a92b8d02cc9bf1da0b3b9a3c48da160bbdc
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd170538c-f8cf-4acb-ba33-2ead00b9db73.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10958
x-amzn-requestid: abfea5b0-58f5-49e1-b78e-7cf456d03cb3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgFHF9oIAMF5lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a20-5ab719292d440d083b07a478;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: gCt9oHpZ68tLCYHIYpI1XLtADkScxwf12kDFnU0o5WoQIVSzWlqozw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:16:52 GMT
etag: "57e1d34f146d5ccd9943aa97bcc3158f7103bb07"
age: 50673
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10958
Md5:    777ce44582c70bf01a31da4cab366f36
Sha1:   57e1d34f146d5ccd9943aa97bcc3158f7103bb07
Sha256: fbdc8f65ae74dc13b7aafec464f08fdc9902af519946200ec52432ac3ca55982
                                        
                                            GET /wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.6.13 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:24 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/uploads/elementor/css/post-2425.css?ver=1668353254 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:24 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/uploads/elementor/css/post-8.css?ver=1669305160 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:24 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/wp-featherlight/css/wp-featherlight.min.css?ver=1.3.4 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:24 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/uploads/dynamic-mobmenu.css?ver=2.8.2.7-955 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:24 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:24 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=2.9.4 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:24 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/header-footer-elementor/inc/widgets-css/frontend.css?ver=1.6.13 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:24 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /css?family=Open+Sans%3A400%7CPlayfair+Display%3A400%2C700&display=fallback&ver=3.9.2 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.106
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 30 Nov 2022 12:21:24 GMT
date: Wed, 30 Nov 2022 12:21:24 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1778
Md5:    6751bdc117e694681819cb28168a8251
Sha1:   e4691eaf77d56888e07bad9eddac7e5087a22223
Sha256: 155a2e94add5d5bfc885c2717ed7480273217c9ee65245415394a334635059b9
                                        
                                            GET /wp-content/plugins/master-addons/assets/fonts/material-icons/material-icons.css?ver=1.9.6 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:24 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:24 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/creame-whatsapp-me/public/css/joinchat-btn.min.css?ver=4.5.11 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:24 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET / HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         68.65.123.192
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
link: <https://tomoroccotour.com/wp-json/>; rel="https://api.w.org/", <https://tomoroccotour.com/wp-json/wp/v2/pages/8>; rel="alternate"; type="application/json", <https://tomoroccotour.com/>; rel=shortlink
etag: "439-1669600406;br"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
content-length: 534730
date: Wed, 30 Nov 2022 12:21:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (42527), with CRLF, LF line terminators
Size:   534730
Md5:    3f9f7c48cdb743fa74a3fab787c62b6c
Sha1:   f884da5907db1c6a37f5ab848628aaa95d364682
Sha256: 2e4904cea790f664fb985176017f8b4c758ce0afb23105d5a5b0b156a2f44008

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:24 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/plugins/master-addons/assets/fonts/iconic-fonts/iconic-font.min.css?ver=1.9.6 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:24 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:24 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.10.1 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:24 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/plugins/wp-font-resizer/js/fontResizer.js?ver=6.1.1 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:24 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/mobile-menu/includes/js/mobmenu.js?ver=2.8.2.7 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:24 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/plugins/mobile-menu/includes/css/mobmenu.css?ver=2.8.2.7 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:24 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:24 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/js/wp-util.min.js?ver=6.1.1 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810883.1.0.1669810883.0.0.0; _ga=GA1.1.1248510198.1669810883
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 12:21:25 GMT
last-modified: Wed, 02 Nov 2022 13:31:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1976
date: Wed, 30 Nov 2022 12:21:25 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1413)
Size:   1976
Md5:    4c93f408781478d3491a993dfd8e14f1
Sha1:   c39e01e8c1622522e0419e8d1839517f84fc0764
Sha256: 4a6f1446520bdbec790b73deb4486cbbc1568de8bf157c3f9aa82de1b5ad57f8
                                        
                                            GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810883.1.0.1669810883.0.0.0; _ga=GA1.1.1248510198.1669810883
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 12:21:25 GMT
last-modified: Wed, 02 Nov 2022 13:31:01 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8123
date: Wed, 30 Nov 2022 12:21:25 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (8211)
Size:   8123
Md5:    d1461f94813caf91caa6e72ab0fb4890
Sha1:   db70ccc09d60ffd52e3ab8df27e8d514cc369cf8
Sha256: d7ec47b2ef225fd2ee32e324a44991c228833dd0f710a9dd0f693da024fa35e3

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/js/underscore.min.js?ver=1.13.4 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810883.1.0.1669810883.0.0.0; _ga=GA1.1.1248510198.1669810883
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 12:21:25 GMT
last-modified: Wed, 02 Nov 2022 13:31:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8497
date: Wed, 30 Nov 2022 12:21:25 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (18820)
Size:   8497
Md5:    8acd87009f8e73a4f5930386c7c24ccb
Sha1:   96fed91f188ca2095d3be057407f8452cb4dafa9
Sha256: 4014427114f31cde2be90f5b9c1e86e6795631e2d8176c26d77db4a7ef82513b
                                        
                                            GET /wp-content/uploads/elementor/thumbs/vince-gx-33DJx0Yb2cA-unsplash-scaled-pv6iqzz9h475ip66hul10m25dlxvvnrg412codblvk.jpg HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810883.1.0.1669810883.0.0.0; _ga=GA1.1.1248510198.1669810883
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:25 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/uploads/elementor/thumbs/mohammed-lak-CBfUGtVP0QE-unsplash-scaled-pv3q74onwyvc7x8ezn2x6ko4r1tdue4rfc8rnmje68.jpg HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810883.1.0.1669810883.0.0.0; _ga=GA1.1.1248510198.1669810883
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:25 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/uploads/elementor/thumbs/emilia-igartua-9CM0JnzmWKU-unsplash-scaled-pv6jwhkt4uzrz2wn8a77kn5lavg4mpgxhdow91t18g.jpg HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810883.1.0.1669810883.0.0.0; _ga=GA1.1.1248510198.1669810883
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:25 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/uploads/elementor/thumbs/don-agnello-wEsPKE4dEdI-unsplash-scaled-pv3q3w4odifs89xpw8p6le2z39rvbxa1nbck5bc7ls.jpg HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810883.1.0.1669810883.0.0.0; _ga=GA1.1.1248510198.1669810883
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:25 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/uploads/elementor/thumbs/tienko-dima-jk5CdjDgHbQ-unsplash-scaled-pw3k2nk02jlosx1l55gx08bvxt10eay01ufy5e4gw0.jpg HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810883.1.0.1669810883.0.0.0; _ga=GA1.1.1248510198.1669810883
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:25 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/uploads/elementor/thumbs/eduardo-casajus-gorostiaga-RVOI4nNutfU-unsplash-scaled-pv3qhqb4zpdr5lu3381gawd9xhkeni7s7t3whytk00.jpg HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810883.1.0.1669810883.0.0.0; _ga=GA1.1.1248510198.1669810883
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:25 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/uploads/elementor/thumbs/adil-diless-_fcZ5jncgAw-unsplash-scaled-pv6ikv36v1srqc31bp3p8nsts26mmseixnr8wcf4hs.jpg HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810883.1.0.1669810883.0.0.0; _ga=GA1.1.1248510198.1669810883
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:25 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/uploads/elementor/thumbs/rumman-amin-bzFHhYKdIa0-unsplash-scaled-pvf9uw9jcn4z6dj13t7j6iptg3bftf8vf3t52vm35s.jpg HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810883.1.0.1669810883.0.0.0; _ga=GA1.1.1248510198.1669810883
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:25 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/uploads/elementor/thumbs/meor-mohamad-LDY_h9PD_yg-unsplash-scaled-pva60pgdfhc3q8tfok98s3hl8dj2lohsi3zk9agvb4.jpg HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810883.1.0.1669810883.0.0.0; _ga=GA1.1.1248510198.1669810883
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:25 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/uploads/elementor/thumbs/don-fontijn-llwWLf63dEo-unsplash-scaled-pv6jy7m5nxcp9cej610l57i0iaycqqb7pwqxxb91ts.jpg HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810883.1.0.1669810883.0.0.0; _ga=GA1.1.1248510198.1669810883
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:25 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/plugins/wp-font-resizer/images/minus.png HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810883.1.0.1669810883.0.0.0; _ga=GA1.1.1248510198.1669810883
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:25 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/plugins/wp-font-resizer/images/plus.png HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810883.1.0.1669810883.0.0.0; _ga=GA1.1.1248510198.1669810883
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:25 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/uploads/2022/11/untitled-1-recovered.svg HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810883.1.0.1669810883.0.0.0; _ga=GA1.1.1248510198.1669810883
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:25 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/wp-font-resizer/images/reload.png HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810883.1.0.1669810883.0.0.0; _ga=GA1.1.1248510198.1669810883
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:25 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/uploads/elementor/thumbs/cassie-smart-wMxlI-RiAMM-unsplash-scaled-pwza57pjfzs8rfcmpj0xlhbqn3abyaiur2j1ec99ns.jpg HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810883.1.0.1669810883.0.0.0; _ga=GA1.1.1248510198.1669810883
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:25 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/uploads/elementor/thumbs/MARRAKECH-TO-ERG-CHEGAGA-DUNES-4-DAYS-TOURS-pvf9mhli7zmnbxqo76dnvn3e60r8yvvaxhqsjs2utc.jpg HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810883.1.0.1669810883.0.0.0; _ga=GA1.1.1248510198.1669810883
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:25 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/plugins/master-addons/assets/css/master-addons-styles.css?ver=6.1.1 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810883.1.0.1669810883.0.0.0; _ga=GA1.1.1248510198.1669810883
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:25 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/plugins/header-footer-elementor/inc/js/frontend.js?ver=1.6.13 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810883.1.0.1669810883.0.0.0; _ga=GA1.1.1248510198.1669810883
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:25 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/elementor/assets/css/widget-icon-list.min.css HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810883.1.0.1669810883.0.0.0; _ga=GA1.1.1248510198.1669810883
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:25 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/plugins/creame-whatsapp-me/public/js/joinchat.min.js?ver=4.5.11 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810883.1.0.1669810883.0.0.0; _ga=GA1.1.1248510198.1669810883
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:25 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.9.2 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810883.1.0.1669810883.0.0.0; _ga=GA1.1.1248510198.1669810883
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:25 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810883.1.0.1669810883.0.0.0; _ga=GA1.1.1248510198.1669810883
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:25 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.1 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810883.1.0.1669810883.0.0.0; _ga=GA1.1.1248510198.1669810883
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:26 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.1 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810883.1.0.1669810883.0.0.0; _ga=GA1.1.1248510198.1669810883
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:26 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=2.9.4 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810883.1.0.1669810883.0.0.0; _ga=GA1.1.1248510198.1669810883
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:26 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/wp-featherlight/js/wpFeatherlight.pkgd.min.js?ver=1.3.4 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810883.1.0.1669810883.0.0.0; _ga=GA1.1.1248510198.1669810883
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:26 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/wp-font-resizer/js/fontResizer.js?ver=6.1.1 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810883.1.0.1669810883.0.0.0; _ga=GA1.1.1248510198.1669810883
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:26 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/master-addons/assets/js/plugins.js?ver=1.9.6 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810883.1.0.1669810883.0.0.0; _ga=GA1.1.1248510198.1669810883
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:26 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.1 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810883.1.0.1669810883.0.0.0; _ga=GA1.1.1248510198.1669810883
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:26 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.7.8 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810883.1.0.1669810883.0.0.0; _ga=GA1.1.1248510198.1669810883
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:26 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/plugins/creame-whatsapp-me/public/js/kjua.min.js?ver=0.9.0 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810883.1.0.1669810883.0.0.0; _ga=GA1.1.1248510198.1669810883
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:26 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=2.9.4 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810883.1.0.1669810883.0.0.0; _ga=GA1.1.1248510198.1669810883
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:26 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/plugins/master-addons/assets/js/master-addons-scripts.js?ver=1.9.6 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810883.1.0.1669810883.0.0.0; _ga=GA1.1.1248510198.1669810883
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:26 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.10.1 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810883.1.0.1669810883.0.0.0; _ga=GA1.1.1248510198.1669810883
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:26 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/plugins/mobile-menu/includes/js/mobmenu.js?ver=2.8.2.7 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810883.1.0.1669810883.0.0.0; _ga=GA1.1.1248510198.1669810883
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 12:21:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tomoroccotour.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 18:53:39 GMT
expires: Tue, 28 Nov 2023 18:53:39 GMT
cache-control: public, max-age=31536000
age: 149268
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 16740, version 1.0\012- data
Size:   16740
Md5:    e43b535855a4ae53bd5b07a6eeb3bf67
Sha1:   6507312d9491156036316484bf8dc41e8b52ddd9
Sha256: b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
                                        
                                            GET /s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tomoroccotour.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35764
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 15:03:06 GMT
expires: Wed, 29 Nov 2023 15:03:06 GMT
cache-control: public, max-age=31536000
age: 76701
last-modified: Mon, 18 Jul 2022 19:06:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 35764, version 1.0\012- data
Size:   35764
Md5:    60f23230f1a8d5c3b7d25b73f5b5ce23
Sha1:   ed08ada85d017893b9bcb8224e99154c6708f5d2
Sha256: 22b6cdc450204c1cb32b31e679d812fea1c17ac506a7b78daeb12bd0ab25fde8
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 12:21:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/uploads/elementor/thumbs/adil-diless-_fcZ5jncgAw-unsplash-scaled-pv6ikv36v1srqc31bp3p8nsts26mmseixnr8wcf4hs.jpg HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810883.1.0.1669810883.0.0.0; _ga=GA1.1.1248510198.1669810883
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/uploads/elementor/thumbs/eduardo-casajus-gorostiaga-RVOI4nNutfU-unsplash-scaled-pv3qhqb4zpdr5lu3381gawd9xhkeni7s7t3whytk00.jpg HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810883.1.0.1669810883.0.0.0; _ga=GA1.1.1248510198.1669810883
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/uploads/elementor/thumbs/rumman-amin-bzFHhYKdIa0-unsplash-scaled-pvf9uw9jcn4z6dj13t7j6iptg3bftf8vf3t52vm35s.jpg HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810883.1.0.1669810883.0.0.0; _ga=GA1.1.1248510198.1669810883
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/uploads/elementor/thumbs/tienko-dima-jk5CdjDgHbQ-unsplash-scaled-pw3k2nk02jlosx1l55gx08bvxt10eay01ufy5e4gw0.jpg HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810883.1.0.1669810883.0.0.0; _ga=GA1.1.1248510198.1669810883
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/uploads/elementor/thumbs/don-agnello-wEsPKE4dEdI-unsplash-scaled-pv3q3w4odifs89xpw8p6le2z39rvbxa1nbck5bc7ls.jpg HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810883.1.0.1669810883.0.0.0; _ga=GA1.1.1248510198.1669810883
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/uploads/elementor/thumbs/vince-gx-33DJx0Yb2cA-unsplash-scaled-pv6iqzz9h475ip66hul10m25dlxvvnrg412codblvk.jpg HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810883.1.0.1669810883.0.0.0; _ga=GA1.1.1248510198.1669810883
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/uploads/elementor/thumbs/mohammed-lak-CBfUGtVP0QE-unsplash-scaled-pv3q74onwyvc7x8ezn2x6ko4r1tdue4rfc8rnmje68.jpg HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810883.1.0.1669810883.0.0.0; _ga=GA1.1.1248510198.1669810883
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/uploads/elementor/thumbs/don-fontijn-llwWLf63dEo-unsplash-scaled-pv6jy7m5nxcp9cej610l57i0iaycqqb7pwqxxb91ts.jpg HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810883.1.0.1669810883.0.0.0; _ga=GA1.1.1248510198.1669810883
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/uploads/elementor/thumbs/meor-mohamad-LDY_h9PD_yg-unsplash-scaled-pva60pgdfhc3q8tfok98s3hl8dj2lohsi3zk9agvb4.jpg HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810883.1.0.1669810883.0.0.0; _ga=GA1.1.1248510198.1669810883
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/uploads/elementor/thumbs/emilia-igartua-9CM0JnzmWKU-unsplash-scaled-pv6jwhkt4uzrz2wn8a77kn5lavg4mpgxhdow91t18g.jpg HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810883.1.0.1669810883.0.0.0; _ga=GA1.1.1248510198.1669810883
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/plugins/wp-font-resizer/images/reload.png HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810883.1.0.1669810883.0.0.0; _ga=GA1.1.1248510198.1669810883
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/plugins/elementor/assets/css/widget-icon-list.min.css HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810883.1.0.1669810883.0.0.0; _ga=GA1.1.1248510198.1669810883
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/plugins/wp-font-resizer/images/minus.png HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810883.1.0.1669810883.0.0.0; _ga=GA1.1.1248510198.1669810883
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/plugins/wp-font-resizer/images/plus.png HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810883.1.0.1669810883.0.0.0; _ga=GA1.1.1248510198.1669810883
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/uploads/elementor/thumbs/cassie-smart-wMxlI-RiAMM-unsplash-scaled-pwza57pjfzs8rfcmpj0xlhbqn3abyaiur2j1ec99ns.jpg HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810883.1.0.1669810883.0.0.0; _ga=GA1.1.1248510198.1669810883
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/uploads/elementor/thumbs/MARRAKECH-TO-ERG-CHEGAGA-DUNES-4-DAYS-TOURS-pvf9mhli7zmnbxqo76dnvn3e60r8yvvaxhqsjs2utc.jpg HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810883.1.0.1669810883.0.0.0; _ga=GA1.1.1248510198.1669810883
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/uploads/2022/11/tomoroccotour-logo-official.svg HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810883.1.0.1669810883.0.0.0; _ga=GA1.1.1248510198.1669810883
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/uploads/2022/11/untitled-1-recovered.svg HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810883.1.0.1669810883.0.0.0; _ga=GA1.1.1248510198.1669810883
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:28 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/master-addons/assets/css/master-addons-styles.css?ver=6.1.1 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810883.1.0.1669810883.0.0.0; _ga=GA1.1.1248510198.1669810883
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:28 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.9.2 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810883.1.0.1669810883.0.0.0; _ga=GA1.1.1248510198.1669810883
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:28 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/creame-whatsapp-me/public/js/kjua.min.js?ver=0.9.0 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810883.1.0.1669810883.0.0.0; _ga=GA1.1.1248510198.1669810883
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /wp-content/plugins/creame-whatsapp-me/public/js/joinchat.min.js?ver=4.5.11 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810883.1.0.1669810883.0.0.0; _ga=GA1.1.1248510198.1669810883
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/wp-featherlight/js/wpFeatherlight.pkgd.min.js?ver=1.3.4 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810883.1.0.1669810883.0.0.0; _ga=GA1.1.1248510198.1669810883
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:30 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/header-footer-elementor/inc/js/frontend.js?ver=1.6.13 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810883.1.0.1669810883.0.0.0; _ga=GA1.1.1248510198.1669810883
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:30 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.1 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810883.1.0.1669810883.0.0.0; _ga=GA1.1.1248510198.1669810883
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.1 HTTP/1.1 
Host: tomoroccotour.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Cookie: _ga_707QG0RHV9=GS1.1.1669810883.1.0.1669810883.0.0.0; _ga=GA1.1.1248510198.1669810883
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         68.65.123.192
HTTP/2 500 Internal Server Error
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 1042
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:21:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1042
Md5:    b34abcfb0aa879bd54f0b73170e49e6a
Sha1:   21f2e04c598e17990cecbd06607f21f7579be731
Sha256: 9006a354237a4dc82d13b5428cb8c7a2cf2790e51791634cd8361118f051e550
                                        
                                            GET /css?family=Alegreya%3Ainherit%2C100%2C400&subset=latin%2Clatin-ext&ver=6.1.1 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         142.250.74.106
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 30 Nov 2022 12:21:24 GMT
date: Wed, 30 Nov 2022 12:21:24 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css?family=Aclonica%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CAleo%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CChakra+Petch%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CAlfa+Slab+One%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CAkaya+Kanadaka%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CArchivo+Black%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tomoroccotour.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         142.250.74.106
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 30 Nov 2022 12:21:24 GMT
date: Wed, 30 Nov 2022 12:21:24 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2