www.aurora.com.pe/
108.167.172.144 301 Moved Permanently 234 B IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document, ASCII text
Hash e656016428d526d41bf4c835c3f21032
6a83347dfff5449a7388c68d83db76654dfe9607
37e438b4649c701589bf652531f0452d077ff426e54cbee8651648b293f3d741
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 28 Nov 2022 20:42:30 GMT
Server: Apache
Location: https://www.aurora.com.pe/
Content-Length: 234
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 150792cfc458af013998f4ef6bdf5f74
d5179b2dcb11d06f82606bf6eb6648319998d63e
72937c756d3feeae6d04a6f445398b0436bdf559f8c7437e3a3233263943900e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "72937C756D3FEEAE6D04A6F445398B0436BDF559F8C7437E3A3233263943900E"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13583
Expires: Tue, 29 Nov 2022 00:28:53 GMT
Date: Mon, 28 Nov 2022 20:42:30 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 9408cc0694fcbea57966c3a3ba906092
fddcee1fdcf3209298e41a4b1b5560357fa165f0
6ef7120d9463f56e3ddfadd5766d02da8523f34061b13bdba54bf9ab72a1e979
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4200
Cache-Control: max-age=140331
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 20:42:30 GMT
Etag: "63848df9-1d7"
Expires: Wed, 30 Nov 2022 11:41:21 GMT
Last-Modified: Mon, 28 Nov 2022 10:31:21 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 28 Nov 2022 20:17:49 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1481
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 71f9c681a82440fd55e76c780a20e55d
3147768cfbcdd06e0c6e69684292e68e99917a80
5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3121
Expires: Mon, 28 Nov 2022 21:34:31 GMT
Date: Mon, 28 Nov 2022 20:42:30 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: JqoTGXoErpgP4GyoUaEExoPMEyDX4Ept1j9+ASWbvY9eVzASiGMqtXxV8UNj951J0vVQnR1N6QM=
x-amz-request-id: 7B8KPHDQ0YWFJV6E
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 28 Nov 2022 20:42:13 GMT
age: 17
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 20:42:30 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0563dbad87de7f27aeccb87493510dcf
bcb02dc15111d9af4aa732a611662596b176b74b
d841ffe7a7eab0b1b51189a62abf422f7c1cdc5dd851f4f6dde55e4a91bf7429
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D841FFE7A7EAB0B1B51189A62ABF422F7C1CDC5DD851F4F6DDE55E4A91BF7429"
Last-Modified: Sun, 27 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21594
Expires: Tue, 29 Nov 2022 02:42:25 GMT
Date: Mon, 28 Nov 2022 20:42:31 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 28 Nov 2022 20:11:12 GMT
cache-control: public,max-age=3600
age: 1879
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 7ab2ef968cb6a3078f4b9cb2dda813d4
e669116047ca058a2c1b2999ff0ea8682719162c
6ddecf0b21c44f3851da8efeb6ecdc6c8e9b83d7681153c31952b4ec8c23c940
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5742
Cache-Control: max-age=136806
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 20:42:31 GMT
Etag: "63847a2f-1d7"
Expires: Wed, 30 Nov 2022 10:42:37 GMT
Last-Modified: Mon, 28 Nov 2022 09:06:55 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.43.228.5 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.43.228.5:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: CRtWhNOTui6ItsZMbNncqw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: IyTLn/Zpfk+txv2b3TpPWXY/zaQ=
www.aurora.com.pe/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.7.5
108.167.172.144 200 OK 3.0 kB URL HTTP/2 www.aurora.com.pe/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.7.5
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (10435), with no line terminators
Hash a6099ee677b6d930b6b878cf0cb08422
a2eb69454196d4250d624d25aaec587e97686642
755acd6dc98e63baff6d8b105b1bcaf63b79f935381fb3f32a79dace7faae0ac
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.7.5 HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 08 Nov 2022 21:01:53 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2985
content-type: text/css
date: Mon, 28 Nov 2022 20:42:32 GMT
server: Apache
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-includes/css/classic-themes.min.css?ver=1
108.167.172.144 200 OK 189 B URL HTTP/2 www.aurora.com.pe/wp-includes/css/classic-themes.min.css?ver=1
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 5a18e16eb01cbaa862eb32e6b77bedb2
3abf9b913cc9f558f02cba7c9b822f8d1812cb96
d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 03:00:19 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 189
content-type: text/css
date: Mon, 28 Nov 2022 20:42:32 GMT
server: Apache
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-content/themes/heavy/style.css?ver=1.0.0
108.167.172.144 200 OK 2.6 kB URL HTTP/2 www.aurora.com.pe/wp-content/themes/heavy/style.css?ver=1.0.0
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (971)
Hash bdc6686059d8303a677ea6b7446cb36b
c59a7c5eca0ea48e790d0c07bdda202cc40ca4ac
0632e70f089bff10a284faa94b7c9fc5371a7295da45adbf3737746cd8f067b9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/heavy/style.css?ver=1.0.0 HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 19 Nov 2019 06:17:19 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2587
content-type: text/css
date: Mon, 28 Nov 2022 20:42:32 GMT
server: Apache
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8
108.167.172.144 200 OK 12 kB URL HTTP/2 www.aurora.com.pe/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (5178), with CRLF line terminators
Hash 16f565a8f59ad5c049db9ef399b90df5
3ec6b1e3d5b626dcbbb6e7dfaabd6ecad8cc4e27
8d2dbd71966559957250504278cd832cff651f6904772c6bc4f5932e9d19af03
GET /wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8 HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 23 Nov 2018 21:22:24 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 12201
content-type: text/css
date: Mon, 28 Nov 2022 20:42:32 GMT
server: Apache
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-content/themes/heavy/theme-framework/theme-style/css/adaptive.css?ver=1.0.0
108.167.172.144 200 OK 9.7 kB URL HTTP/2 www.aurora.com.pe/wp-content/themes/heavy/theme-framework/theme-style/css/adaptive.css?ver=1.0.0
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 0ba445bf313932c17bfc7ef6bdc5fbd8
17e024c992c14a1acacd31fa278ec1a586b2803f
343d47a8990ff135db1a836643a22ca95c07ccc10e43d2b1f5136ffb07c724cd
GET /wp-content/themes/heavy/theme-framework/theme-style/css/adaptive.css?ver=1.0.0 HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 19 Nov 2019 06:17:19 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 9738
content-type: text/css
date: Mon, 28 Nov 2022 20:42:32 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash dfc6d93c89faf83ac654cd676c02764d
ce10d3ff46b50f22f7f79a7df65b0b7a6ddb741d
83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 20:42:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.aurora.com.pe/wp-content/themes/heavy/theme-framework/theme-style/css/retina.css?ver=1.0.0
108.167.172.144 200 OK 333 B URL HTTP/2 www.aurora.com.pe/wp-content/themes/heavy/theme-framework/theme-style/css/retina.css?ver=1.0.0
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 1c2b29ec10ad4b47eb03799527bde2b7
14a4ea7913c6cf4e5febba9a283653b177a2cbc2
73b4cc7d5b9293b9eacd29461f0c786fd4b16b7c847fbc9e9c7c0b8b99771c05
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/heavy/theme-framework/theme-style/css/retina.css?ver=1.0.0 HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 19 Nov 2019 06:17:19 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 333
content-type: text/css
date: Mon, 28 Nov 2022 20:42:32 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash dfc6d93c89faf83ac654cd676c02764d
ce10d3ff46b50f22f7f79a7df65b0b7a6ddb741d
83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 20:42:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 03ad9fc0b00b5df3165dc2fb1e3b0a3e
f8243335a8bc24d989bddd346048a055e1d0bdeb
366b28d491f7fd632e31c1ce97f939555f7dcee14bb6875737ed2d3e96fa32ec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 20:42:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.aurora.com.pe/wp-content/themes/heavy/theme-vars/theme-style/css/fontello-custom.css?ver=1.0.0
108.167.172.144 200 OK 1.4 kB URL HTTP/2 www.aurora.com.pe/wp-content/themes/heavy/theme-vars/theme-style/css/fontello-custom.css?ver=1.0.0
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 89e499e817a5094c5ea5be93d928570f
d20b5e2dfd1ce4d41bd29135dbf8e8955b58de14
aad252b2d20941b26847ad15acce8fe4907139c786592c76f8dcd12b953b2d95
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/heavy/theme-vars/theme-style/css/fontello-custom.css?ver=1.0.0 HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 19 Nov 2019 06:17:19 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1381
content-type: text/css
date: Mon, 28 Nov 2022 20:42:32 GMT
server: Apache
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.1.0
108.167.172.144 200 OK 1.2 kB URL HTTP/2 www.aurora.com.pe/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.1.0
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with very long lines (3029), with no line terminators
Hash 1d43db37790e13f685a3c696579e3b2c
ecd7d8bcf06c069e2f296726649b6959608abfbe
4207a6e0849fcaec34e8b6de5931cf3158aca1121c232039654b4144aea9552e
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.1.0 HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 08 Nov 2022 21:01:53 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1203
content-type: application/javascript
date: Mon, 28 Nov 2022 20:42:32 GMT
server: Apache
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-content/uploads/custom-css-js/2923.css?v=8814
108.167.172.144 200 OK 186 B URL HTTP/2 www.aurora.com.pe/wp-content/uploads/custom-css-js/2923.css?v=8814
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF, LF line terminators
Hash d49e3a1d7b8c48d6d2694df063945301
18c031f142c994a50a3ff5b033fef1d4708e91f3
88b6b85c092d9703e0cf6437bcabd28bf7792a2903b60dd5db77bb2c0c845881
GET /wp-content/uploads/custom-css-js/2923.css?v=8814 HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 11 Mar 2022 21:23:12 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 186
content-type: text/css
date: Mon, 28 Nov 2022 20:42:32 GMT
server: Apache
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-content/themes/heavy/js/respond.min.js?ver=1.0.0
108.167.172.144 200 OK 2.5 kB URL HTTP/2 www.aurora.com.pe/wp-content/themes/heavy/js/respond.min.js?ver=1.0.0
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with very long lines (4453), with CRLF line terminators
Hash 713147e91d0f83c401063030a57735ed
d6fffa13d1eb527ac82b690fc3d027fdb2d80a23
e8e917c0a8c95b88303ec4dcacf9dac9ab27d0f6d011bd8d190e305ec97a329c
GET /wp-content/themes/heavy/js/respond.min.js?ver=1.0.0 HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 10 Jun 2019 21:33:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2452
content-type: application/javascript
date: Mon, 28 Nov 2022 20:42:32 GMT
server: Apache
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
108.167.172.144 200 OK 5.3 kB URL HTTP/2 www.aurora.com.pe/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (15660)
Hash 710f8b142ea44c0682dc2c30f318f065
49144e9b3a76d3d383b1d4359cf7a25e947f4233
708bb5819879a2a2c7670abc20a58cca68a415ffd621011cbc4c3c9d82dddc50
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 24 May 2022 23:49:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5321
content-type: application/javascript
date: Mon, 28 Nov 2022 20:42:32 GMT
server: Apache
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-content/themes/heavy/css/ilightbox.css?ver=2.2.0
108.167.172.144 200 OK 2.2 kB URL HTTP/2 www.aurora.com.pe/wp-content/themes/heavy/css/ilightbox.css?ver=2.2.0
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (446), with CRLF line terminators
Hash fdad45b6c22abbfa6158a41d62f49dc4
04b208fa473c42441797c491e3ec0dd353718b9d
1ef5bea2237eb3f6da11d5712b58513549ded1b624ac841c55075c532325a4c6
GET /wp-content/themes/heavy/css/ilightbox.css?ver=2.2.0 HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 19 Nov 2019 06:17:19 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2179
content-type: text/css
date: Mon, 28 Nov 2022 20:42:32 GMT
server: Apache
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-content/themes/heavy/woocommerce/cmsmasters-framework/theme-style/css/plugin-adaptive.css?ver=1.0.0
108.167.172.144 200 OK 2.2 kB URL HTTP/2 www.aurora.com.pe/wp-content/themes/heavy/woocommerce/cmsmasters-framework/theme-style/css/plugin-adaptive.css?ver=1.0.0
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash cb9459372c835fb87fb8a72454647695
e49266211aa25058c6d677a017d67e8f04428de5
253de877c5e43c60fa91d957ed3d737040cb0be673c05062bd278da7a3d61266
GET /wp-content/themes/heavy/woocommerce/cmsmasters-framework/theme-style/css/plugin-adaptive.css?ver=1.0.0 HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 19 Nov 2019 06:17:19 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2177
content-type: text/css
date: Mon, 28 Nov 2022 20:42:32 GMT
server: Apache
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-content/themes/heavy/css/ilightbox-skins/dark-skin.css?ver=2.2.0
108.167.172.144 200 OK 1.8 kB URL HTTP/2 www.aurora.com.pe/wp-content/themes/heavy/css/ilightbox-skins/dark-skin.css?ver=2.2.0
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 6922bf9cf1d98cc8d779b3451f2f4efd
93911a8fbe63e42d11bcc0a4f72442da04e47730
861466863ab344ffae262027299bdcc32e3dd7494386d794f80bae88ce91f7c7
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/heavy/css/ilightbox-skins/dark-skin.css?ver=2.2.0 HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 19 Nov 2019 06:17:19 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1818
content-type: text/css
date: Mon, 28 Nov 2022 20:42:32 GMT
server: Apache
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.1.0
108.167.172.144 200 OK 3.9 kB URL HTTP/2 www.aurora.com.pe/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.1.0
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (9111)
Hash a9d79ad492f5d209828cf75ff095edb0
b969ee59c642ce462a2cea6b487f2b1d57a8a18a
c362ad1758080d8a6214b29639dd88f082394a603d4afa9f12d8a037f55f94e5
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.1.0 HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 08 Nov 2022 21:01:53 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3949
content-type: application/javascript
date: Mon, 28 Nov 2022 20:42:32 GMT
server: Apache
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-content/themes/heavy/css/animate.css?ver=1.0.0
108.167.172.144 200 OK 6.7 kB URL HTTP/2 www.aurora.com.pe/wp-content/themes/heavy/css/animate.css?ver=1.0.0
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (460), with CRLF line terminators
Hash f248e729db398bb48616746eb94d3eaf
a9e38314d6de08844a4885313e06a632134d3231
8e3d657f4f9ccdc2a84596e21bce6d4a87395415d4ce4d52f061e10edce8c43d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/heavy/css/animate.css?ver=1.0.0 HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 19 Nov 2019 06:17:19 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 6712
content-type: text/css
date: Mon, 28 Nov 2022 20:42:32 GMT
server: Apache
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-content/uploads/custom-css-js/3043.css?v=9775
108.167.172.144 200 OK 188 B URL HTTP/2 www.aurora.com.pe/wp-content/uploads/custom-css-js/3043.css?v=9775
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF, LF line terminators
Hash 4f8cf0ad25b072e5f988b11849033716
93b7e13c9fcdddf4b3022e8375721e9b6333afff
46f98fae25aea8ad05f45f3e2e80cc004b5570359ed2a90f47e30364a52702b1
GET /wp-content/uploads/custom-css-js/3043.css?v=9775 HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 11 Mar 2022 21:22:41 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 188
content-type: text/css
date: Mon, 28 Nov 2022 20:42:32 GMT
server: Apache
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.1.0
108.167.172.144 200 OK 1.0 kB URL HTTP/2 www.aurora.com.pe/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.1.0
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1668)
Hash 0bebfb5722cbc8ac04e62aa40698be49
3bc5e4f29cb19a2d80d46dee242dabf7e42c0fd3
70d02eabbadbe176455a2bb53d8d567feca69847c067a5274987a8bdc65e3c05
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.1.0 HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 08 Nov 2022 21:01:53 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1000
content-type: application/javascript
date: Mon, 28 Nov 2022 20:42:32 GMT
server: Apache
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js?hl=es_ES&onload=recaptchaCallback&render=explicit&ver=2.0
142.250.74.164 200 OK 577 B URL HTTP/2 www.google.com/recaptcha/api.js?hl=es_ES&onload=recaptchaCallback&render=explicit&ver=2.0
IP 142.250.74.164:0
File type ASCII text, with very long lines (912), with no line terminators
Hash 14bf1b45f0b8bc1b1c1080c06bab1edb
d4523e03bd8fcfaacb6fe2c30424edd75ed11a1b
7c4a62f4067db71cf31a79f5ec8453c45a7dc67e22373beffff0ad7fc9b070c4
GET /recaptcha/api.js?hl=es_ES&onload=recaptchaCallback&render=explicit&ver=2.0 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Mon, 28 Nov 2022 20:42:32 GMT
date: Mon, 28 Nov 2022 20:42:32 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 577
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 7207a5076b63fb5f39b9436ced9fb18f
cdd84ecfe85882601e81f11783d9f63b30084de3
6d4543402df8135d5860ecd47dd52d96d66d2e1ac6feec11accb5f43f2da7d0d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 20:42:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.aurora.com.pe/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.1.0
108.167.172.144 200 OK 792 B URL HTTP/2 www.aurora.com.pe/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.1.0
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2139), with no line terminators
Hash 1ca3f41c13e0027acc45f0601f8b640f
cced34af0c6a59e9cee4229faa66ab39c7031506
d3bc5eaf4c6be9473dbba690825cce9a1a6f4accb6721dae7875efef54942f41
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.1.0 HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 08 Nov 2022 21:01:53 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 792
content-type: application/javascript
date: Mon, 28 Nov 2022 20:42:32 GMT
server: Apache
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-content/plugins/js_composer/assets/lib/bower/animate-css/animate.min.css?ver=5.5.2
108.167.172.144 200 OK 5.0 kB URL HTTP/2 www.aurora.com.pe/wp-content/plugins/js_composer/assets/lib/bower/animate-css/animate.min.css?ver=5.5.2
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (53826)
Hash 9efd7d6365e9c678efa020552abf7f30
4f4b40cd3dce51f811f798bb541b714390c09c01
98950fa8da02826015730a69db52eae9f64cdfcad4db72ec0713ce6a1ec3f394
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/lib/bower/animate-css/animate.min.css?ver=5.5.2 HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 23 Nov 2018 21:25:58 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4996
content-type: text/css
date: Mon, 28 Nov 2022 20:42:32 GMT
server: Apache
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-content/themes/heavy/gutenberg/cmsmasters-framework/theme-style/css/frontend-style.css?ver=1.0.0
108.167.172.144 200 OK 7.8 kB URL HTTP/2 www.aurora.com.pe/wp-content/themes/heavy/gutenberg/cmsmasters-framework/theme-style/css/frontend-style.css?ver=1.0.0
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 0a9231a32cfb935b1a6f7d8fe802dd16
4d5ce5131c0bd41218ca120d86b1ec1f14ff7e26
1b14749d3ff5dba5bc688a937b55d7c786970a1ba5997c311b0fd07604fb9491
GET /wp-content/themes/heavy/gutenberg/cmsmasters-framework/theme-style/css/frontend-style.css?ver=1.0.0 HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 19 Nov 2019 06:17:19 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7754
content-type: text/css
date: Mon, 28 Nov 2022 20:42:32 GMT
server: Apache
X-Firefox-Spdy: h2
aurora.com.pe/wp-content/uploads/2019/09/1z.png
108.167.172.144 200 OK 4.4 kB URL HTTP/2 aurora.com.pe/wp-content/uploads/2019/09/1z.png
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 84 x 84, 8-bit/color RGBA, non-interlaced\012- data
Hash 6ae98c19772af0780930f5cefe2c8f7f
9dae68aafbbffed0246563769aa9ce9f1fdb2d7d
295c3f09aac724d6687243e5a9868fc80666e2b391510074ba3e7b82b9e68d65
GET /wp-content/uploads/2019/09/1z.png HTTP/1.1
Host: aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 03 Mar 2022 18:56:37 GMT
accept-ranges: bytes
content-length: 4443
content-type: image/png
date: Mon, 28 Nov 2022 20:42:32 GMT
server: Apache
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-content/themes/heavy/js/modernizr.min.js?ver=1.0.0
108.167.172.144 200 OK 7.1 kB URL HTTP/2 www.aurora.com.pe/wp-content/themes/heavy/js/modernizr.min.js?ver=1.0.0
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with very long lines (14852), with CRLF line terminators
Hash ae7b8d5aba7c3a0d9754cb26a83d4851
db9263223891edae7539c2459d8aa4b9e207ed0d
d010e13a6ee5ca375f49ee4eea2bcfd41bc136a5609c24809b4b1e58d34c2eed
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/heavy/js/modernizr.min.js?ver=1.0.0 HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 10 Jun 2019 21:33:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7131
content-type: application/javascript
date: Mon, 28 Nov 2022 20:42:32 GMT
server: Apache
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-content/uploads/2019/10/yv.png
108.167.172.144 200 OK 18 kB URL HTTP/2 www.aurora.com.pe/wp-content/uploads/2019/10/yv.png
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 300 x 109, 8-bit/color RGBA, non-interlaced\012- data
Hash 1f0efd8d723b3b7c830552c3c64589d7
3853f2539dcae6fd49453f6bd54a1a929aad0bd4
650b39c4d39301d6a92f432fba98d0a06bb5fb1475b0398888fa51e796be6064
GET /wp-content/uploads/2019/10/yv.png HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 03 Mar 2022 18:56:19 GMT
accept-ranges: bytes
content-length: 18434
content-type: image/png
date: Mon, 28 Nov 2022 20:42:32 GMT
server: Apache
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.1.0
108.167.172.144 200 OK 1.1 kB URL HTTP/2 www.aurora.com.pe/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.1.0
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2938), with no line terminators
Hash 769e9d3f7fc383ec1a02024e39730474
4f5a5edf28ed19b48c5e40747ec6896f0df8f09e
4636689d57889e984a7a1a1c6e2516b7a2d951407ca826aaf505c50002e2b486
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.1.0 HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 08 Nov 2022 21:01:53 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1093
content-type: application/javascript
date: Mon, 28 Nov 2022 20:42:32 GMT
server: Apache
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-content/plugins/cmsmasters-mega-menu/js/jquery.megaMenu.js?ver=1.2.9
108.167.172.144 200 OK 1.2 kB URL HTTP/2 www.aurora.com.pe/wp-content/plugins/cmsmasters-mega-menu/js/jquery.megaMenu.js?ver=1.2.9
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 07fa3f5d6dcdd57fa7ffe4ee777c91f8
956445cbb4e989bfea776521368c3a58641bba88
f6d3437ce43653f0e513ff2b72bd2c8aedba9ca877379a5e547e235bd5d7782d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/cmsmasters-mega-menu/js/jquery.megaMenu.js?ver=1.2.9 HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 11 Mar 2022 22:28:42 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1182
content-type: application/javascript
date: Mon, 28 Nov 2022 20:42:32 GMT
server: Apache
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-content/uploads/custom-css-js/2852.css?v=2378
108.167.172.144 200 OK 678 B URL HTTP/2 www.aurora.com.pe/wp-content/uploads/custom-css-js/2852.css?v=2378
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF, LF line terminators
Hash c8bb2b7e5b4c2d83c3c607b5d65ec4f6
cdaffc42e30bc743f164a11768b06f3ecaea553d
804b83148543c1d58de17c408599b9aad91a6c41a91962578a1da2a0ef2cf270
GET /wp-content/uploads/custom-css-js/2852.css?v=2378 HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 11 Mar 2022 21:22:39 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 678
content-type: text/css
date: Mon, 28 Nov 2022 20:42:32 GMT
server: Apache
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-content/themes/heavy/js/debounced-resize.min.js?ver=1.0.0
108.167.172.144 200 OK 309 B URL HTTP/2 www.aurora.com.pe/wp-content/themes/heavy/js/debounced-resize.min.js?ver=1.0.0
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (365), with CRLF line terminators
Hash 3d9106fcee0c9ec14f7241eec532e85d
493e4bd59a1ebb57ca139dea865f295c00658975
386079c5aee3cc0ab0a9dee3201f54d9713e8813d61ed1a042131010b2aadc89
GET /wp-content/themes/heavy/js/debounced-resize.min.js?ver=1.0.0 HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 10 Jun 2019 21:33:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 309
content-type: application/javascript
date: Mon, 28 Nov 2022 20:42:32 GMT
server: Apache
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=5.5.2
108.167.172.144 200 OK 348 B URL HTTP/2 www.aurora.com.pe/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=5.5.2
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 1c2e22378018f96c567ef0442e1e8890
30032407c1aeaa13cbce8a245a98a621370456ac
e02367dff982893c4fe2f822d51168c15f7b5f006a55df5b47d2666701b2107d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=5.5.2 HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 23 Nov 2018 21:26:00 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 348
content-type: application/javascript
date: Mon, 28 Nov 2022 20:42:32 GMT
server: Apache
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
108.167.172.144 409 Conflict 83 B URL HTTP/2 www.aurora.com.pe/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4 HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Mon, 28 Nov 2022 20:42:32 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
108.167.172.144 200 OK 4.6 kB URL HTTP/2 www.aurora.com.pe/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11126)
Hash acdb97105af28a7066790c6748ae2e1e
65794d2c5a9d04f747faf370bc8bacd330e69e5a
dc4efbc4b704b142b5313588c32e56ea56648068a01d2bc596a4eee06b379b5e
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 11 Mar 2022 21:16:43 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4618
content-type: application/javascript
date: Mon, 28 Nov 2022 20:42:32 GMT
server: Apache
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-content/themes/heavy/css/fontello.css?ver=1.0.0
108.167.172.144 200 OK 11 kB URL HTTP/2 www.aurora.com.pe/wp-content/themes/heavy/css/fontello.css?ver=1.0.0
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash ccd611509a36cd8ee08675276d8fbb4f
9469bfeede8150352de15242fd3634d8a5405b67
c72a9a3354ab3502cc8795caed9da9e9a1b6348d290827ed0c95d22aeca38a32
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/heavy/css/fontello.css?ver=1.0.0 HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 19 Nov 2019 06:17:19 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 10841
content-type: text/css
date: Mon, 28 Nov 2022 20:42:32 GMT
server: Apache
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-content/themes/heavy/woocommerce/cmsmasters-framework/theme-style/css/plugin-style.css?ver=1.0.0
108.167.172.144 200 OK 12 kB URL HTTP/2 www.aurora.com.pe/wp-content/themes/heavy/woocommerce/cmsmasters-framework/theme-style/css/plugin-style.css?ver=1.0.0
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 4e355b7bece7401e3c97972cbd4e227a
c96a37e132546a3e57392d8a60fdb2f1792df9dc
847c8531c6aaeab605fc32f0ed14d79e0ecbd170e0f9200bb18956376eaaaf71
GET /wp-content/themes/heavy/woocommerce/cmsmasters-framework/theme-style/css/plugin-style.css?ver=1.0.0 HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 19 Nov 2019 06:17:19 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 12136
content-type: text/css
date: Mon, 28 Nov 2022 20:42:32 GMT
server: Apache
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
108.167.172.144 409 Conflict 83 B URL HTTP/2 www.aurora.com.pe/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Mon, 28 Nov 2022 20:42:32 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
108.167.172.144 409 Conflict 83 B URL HTTP/2 www.aurora.com.pe/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Mon, 28 Nov 2022 20:42:32 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-content/themes/heavy/js/request-animation-frame.min.js?ver=1.0.0
108.167.172.144 200 OK 467 B URL HTTP/2 www.aurora.com.pe/wp-content/themes/heavy/js/request-animation-frame.min.js?ver=1.0.0
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (713), with CRLF line terminators
Hash e75374546b0836694d42a7bfe52288ba
13030b7273e0a7025e6ca29d1e7940a69ab77844
f46e5876b169581726210f23da6f1e16418b3ece6fc6155796ab43cdee25c233
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/heavy/js/request-animation-frame.min.js?ver=1.0.0 HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 10 Jun 2019 21:33:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 467
content-type: application/javascript
date: Mon, 28 Nov 2022 20:42:32 GMT
server: Apache
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-content/themes/heavy/js/cmsmasters-hover-slider.min.js?ver=1.0.0
108.167.172.144 200 OK 1.1 kB URL HTTP/2 www.aurora.com.pe/wp-content/themes/heavy/js/cmsmasters-hover-slider.min.js?ver=1.0.0
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with very long lines (2995), with CRLF line terminators
Hash 4d7879114141c997e279a8e575213597
24c71c12b3694bca7b862ceac3571fd97ce5e418
e05aa50b228873cbc78e2891e87333875baa3d747bf81edf715e127d9b9eb512
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/heavy/js/cmsmasters-hover-slider.min.js?ver=1.0.0 HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 10 Jun 2019 21:33:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1061
content-type: application/javascript
date: Mon, 28 Nov 2022 20:42:32 GMT
server: Apache
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-content/themes/heavy/js/mousewheel.min.js?ver=1.0.0
108.167.172.144 200 OK 622 B URL HTTP/2 www.aurora.com.pe/wp-content/themes/heavy/js/mousewheel.min.js?ver=1.0.0
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1044), with CRLF line terminators
Hash 148e1842bf61518fa839ca697cbfbe0a
0025ec1160bd5305e5d5447a5bfbcdcac014094e
9e7c64e89c57153249a0d64ac18be0ad71f1c5536609ea15c4023e00fb2f0efb
GET /wp-content/themes/heavy/js/mousewheel.min.js?ver=1.0.0 HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 10 Jun 2019 21:33:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 622
content-type: application/javascript
date: Mon, 28 Nov 2022 20:42:32 GMT
server: Apache
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-content/themes/heavy/js/easing.min.js?ver=1.0.0
108.167.172.144 200 OK 1.1 kB URL HTTP/2 www.aurora.com.pe/wp-content/themes/heavy/js/easing.min.js?ver=1.0.0
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3637), with CRLF line terminators
Hash ed98b01bd1e784bd2a35d350705b3692
8b9e88b7709b725c32a2da5991fcf0fa51049b4f
e264036b17293d50ba056ecc5c582790730d2f59b70679afd2f3bc639256464f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/heavy/js/easing.min.js?ver=1.0.0 HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 10 Jun 2019 21:33:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1052
content-type: application/javascript
date: Mon, 28 Nov 2022 20:42:32 GMT
server: Apache
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-content/plugins/wpcf7-recaptcha/assets/js/wpcf7-recaptcha-controls.js?ver=1.2
108.167.172.144 200 OK 716 B URL HTTP/2 www.aurora.com.pe/wp-content/plugins/wpcf7-recaptcha/assets/js/wpcf7-recaptcha-controls.js?ver=1.2
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 186e990fae087bd85a4bd50244f23142
e472067f70799c92d5ff4f5356008f5feddf2599
85a5f877a87af9701ffc01902fa83deb391de09ad5eb52d94dc52c29d09bdcd1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wpcf7-recaptcha/assets/js/wpcf7-recaptcha-controls.js?ver=1.2 HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 29 Jul 2022 23:47:45 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 716
content-type: application/javascript
date: Mon, 28 Nov 2022 20:42:32 GMT
server: Apache
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-includes/js/imagesloaded.min.js?ver=4.1.4
108.167.172.144 200 OK 2.1 kB URL HTTP/2 www.aurora.com.pe/wp-includes/js/imagesloaded.min.js?ver=4.1.4
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (5477)
Hash f0bd7ad12acdee26cbb2701c1ba3610b
53c5d15129860868b60b74cb010b2c6050a64f69
e6d0cb19e56d22e8e511c23ca2bd233bedb40e3c7cf4ff38fe6f059bc7e0c64f
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 13 Jun 2020 18:53:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2103
content-type: application/javascript
date: Mon, 28 Nov 2022 20:42:32 GMT
server: Apache
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-content/themes/heavy/js/easy-pie-chart.min.js?ver=1.0.0
108.167.172.144 200 OK 1.8 kB URL HTTP/2 www.aurora.com.pe/wp-content/themes/heavy/js/easy-pie-chart.min.js?ver=1.0.0
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3721), with CRLF line terminators
Hash ca3e33ca89b41eb93695de9ceae5b6c6
1a092f7b48e4939a331839b74dad9f47c4b46c28
343f7e85d286167a4c438547aecbee3773e6431401d6eb4d7d63fe86b45e5e2d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/heavy/js/easy-pie-chart.min.js?ver=1.0.0 HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 10 Jun 2019 21:33:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1779
content-type: application/javascript
date: Mon, 28 Nov 2022 20:42:32 GMT
server: Apache
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-content/themes/heavy/js/scroll-to.min.js?ver=1.0.0
108.167.172.144 200 OK 1.4 kB URL HTTP/2 www.aurora.com.pe/wp-content/themes/heavy/js/scroll-to.min.js?ver=1.0.0
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2445), with CRLF line terminators
Hash fde64af243934e85dfd364ffa9918b0c
9a5597622c1e30671390cd1317f6ea691f1571a7
ba87c7d486e4224c947629784713a39f3caa85905f222f71e2fa2ece5c6b19bf
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/heavy/js/scroll-to.min.js?ver=1.0.0 HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 10 Jun 2019 21:33:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1426
content-type: application/javascript
date: Mon, 28 Nov 2022 20:42:32 GMT
server: Apache
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-content/themes/heavy/js/smooth-sticky.min.js?ver=1.0.2
108.167.172.144 200 OK 2.1 kB URL HTTP/2 www.aurora.com.pe/wp-content/themes/heavy/js/smooth-sticky.min.js?ver=1.0.2
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4971)
Hash 7a074287658a6f68bf3646bbc9ccd889
a33e96ad89e1e33a9679ec3a4c8cfbf241fa8403
c721714f59fab87848d5f2106ad6b495c4629b5f28e1cfcd10feaaa571001384
GET /wp-content/themes/heavy/js/smooth-sticky.min.js?ver=1.0.2 HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 10 Jun 2019 21:33:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2102
content-type: application/javascript
date: Mon, 28 Nov 2022 20:42:32 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Heebo%3A400%2C500%7CWork+Sans%3A400%2C500%2C600%2C700&ver=6.1.1
142.250.74.10 200 OK 2.0 kB URL HTTP/2 fonts.googleapis.com/css?family=Heebo%3A400%2C500%7CWork+Sans%3A400%2C500%2C600%2C700&ver=6.1.1
IP 142.250.74.10:0
File type ASCII text, with very long lines (2946)
Hash a882569a39b1897531aa828a579cd8ba
4e806d5918a812ae603997b39ce7cbdf4f4d4b94
21b24fd27b65157e1a434669358853767353fbab86dba6289c39a49643f37c8f
GET /css?family=Heebo%3A400%2C500%7CWork+Sans%3A400%2C500%2C600%2C700&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 28 Nov 2022 20:42:32 GMT
date: Mon, 28 Nov 2022 20:42:32 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-content/themes/heavy/woocommerce/cmsmasters-framework/theme-style/js/jquery.plugin-script.js?ver=1.0.0
108.167.172.144 200 OK 1.8 kB URL HTTP/2 www.aurora.com.pe/wp-content/themes/heavy/woocommerce/cmsmasters-framework/theme-style/js/jquery.plugin-script.js?ver=1.0.0
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 71b4036df09c154a09972e0d4ff2e7d8
f97bc6e13b5130a4879c8dc2af39f2b71f61e3df
3d2fcaf4da3eacf08bb6f480b1c9f69a57be3d952f51fbc014ab0de80fb2bd3a
GET /wp-content/themes/heavy/woocommerce/cmsmasters-framework/theme-style/js/jquery.plugin-script.js?ver=1.0.0 HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 11 Mar 2022 22:21:55 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1817
content-type: application/javascript
date: Mon, 28 Nov 2022 20:42:32 GMT
server: Apache
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-content/plugins/js_composer/assets/lib/waypoints/waypoints.min.js?ver=5.5.2
108.167.172.144 200 OK 3.1 kB URL HTTP/2 www.aurora.com.pe/wp-content/plugins/js_composer/assets/lib/waypoints/waypoints.min.js?ver=5.5.2
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (7808)
Hash d24f70901f104dd76b430252bb3bf2e1
784b0ea20fea97b9bb7ee56f0b3436895c2e5c15
915b4f416c548cf1e57c127aae747569cc4b2918453e509889bc24d7ce3fe692
GET /wp-content/plugins/js_composer/assets/lib/waypoints/waypoints.min.js?ver=5.5.2 HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 23 Nov 2018 21:25:56 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3126
content-type: application/javascript
date: Mon, 28 Nov 2022 20:42:32 GMT
server: Apache
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-content/themes/heavy/js/jquery.tweet.min.js?ver=1.3.1
108.167.172.144 200 OK 3.3 kB URL HTTP/2 www.aurora.com.pe/wp-content/themes/heavy/js/jquery.tweet.min.js?ver=1.3.1
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, Unicode text, UTF-8 text, with very long lines (7318), with CRLF line terminators
Hash b3792d75b0fb14d1c015e85a756474fc
5a42ab919dfac836e638830108c199baadf8bb41
fb5d29fa85138344f44e660c70d6f335707747ffab84fec4d0747645f61e7d54
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/heavy/js/jquery.tweet.min.js?ver=1.3.1 HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 10 Jun 2019 21:33:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3275
content-type: application/javascript
date: Mon, 28 Nov 2022 20:42:32 GMT
server: Apache
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-content/themes/heavy/js/scrollspy.js?ver=1.0.0
108.167.172.144 200 OK 4.8 kB URL HTTP/2 www.aurora.com.pe/wp-content/themes/heavy/js/scrollspy.js?ver=1.0.0
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (564), with CRLF line terminators
Hash 76f025219fdf53d0eaba800cca4b4b46
ed27781a3b76d3dc5d2b5f94bcb30f1cde27fd5d
f954437c8d95625ffa9afd4ba8e47b8b62da5a58d525903a02f4b89d44246527
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/heavy/js/scrollspy.js?ver=1.0.0 HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 10 Jun 2019 21:33:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4804
content-type: application/javascript
date: Mon, 28 Nov 2022 20:42:32 GMT
server: Apache
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-content/themes/heavy/js/stellar.min.js?ver=1.0.0
108.167.172.144 200 OK 4.2 kB URL HTTP/2 www.aurora.com.pe/wp-content/themes/heavy/js/stellar.min.js?ver=1.0.0
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (12505), with CRLF line terminators
Hash fdb9f887c71906084b782f5a58d5246c
a246b77d853265dda94f5763ade09cb82c98d0dc
db6c9b44384e2bc95554a89439b78836c310e2f0f807fd4a8bc5153bbff5fc0c
GET /wp-content/themes/heavy/js/stellar.min.js?ver=1.0.0 HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 10 Jun 2019 21:33:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4152
content-type: application/javascript
date: Mon, 28 Nov 2022 20:42:32 GMT
server: Apache
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-content/themes/heavy/theme-framework/theme-style/js/jquery.theme-script.js?ver=1.0.0
108.167.172.144 200 OK 3.9 kB URL HTTP/2 www.aurora.com.pe/wp-content/themes/heavy/theme-framework/theme-style/js/jquery.theme-script.js?ver=1.0.0
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3972), with CRLF line terminators
Hash 2c935ed95e9102663d804aedc4f0704a
8158ed0519741033d950a5cb6e3002de4daf4f20
485bbcceefecee1cbe54f49f3e53c5dc01b595a3b5d5fcf927532fe5aea52ae8
GET /wp-content/themes/heavy/theme-framework/theme-style/js/jquery.theme-script.js?ver=1.0.0 HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 12 Mar 2022 02:28:05 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3899
content-type: application/javascript
date: Mon, 28 Nov 2022 20:42:32 GMT
server: Apache
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=5.5.2
108.167.172.144 200 OK 7.1 kB URL HTTP/2 www.aurora.com.pe/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=5.5.2
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (19710), with no line terminators
Hash c433fb0eb0cbaa5fff7b0a1c4d261a87
d3c7e1a55c764c1aac24fe30a9a5a48fc919c464
c30ec75a791087bfda7d829afaaedb4fcfabc0c69650fbff71e4a43ebe7c4003
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=5.5.2 HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 23 Nov 2018 21:26:00 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7129
content-type: application/javascript
date: Mon, 28 Nov 2022 20:42:32 GMT
server: Apache
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-content/themes/heavy/js/owlcarousel.min.js?ver=1.0.0
108.167.172.144 200 OK 11 kB URL HTTP/2 www.aurora.com.pe/wp-content/themes/heavy/js/owlcarousel.min.js?ver=1.0.0
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 6b713f4ee0a68f6a379382e048bcf6c5
61431e61a3ee6108e4d703bc60a4c1ba61bb3de3
9228af2239d987038fc6737e538ef047fa7bd5a0b2cbca78a7cba486c0dd8841
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/heavy/js/owlcarousel.min.js?ver=1.0.0 HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 10 Jun 2019 21:33:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 10834
content-type: application/javascript
date: Mon, 28 Nov 2022 20:42:32 GMT
server: Apache
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-content/themes/heavy/js/jquery.script.js?ver=1.0.0
108.167.172.144 200 OK 11 kB URL HTTP/2 www.aurora.com.pe/wp-content/themes/heavy/js/jquery.script.js?ver=1.0.0
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 727392b345a81df8a22fb822a4d8958e
aa6346ee91296204d503f8c645f647df7accbf2c
f0954aac603a13b6b1ca053cd3bdc0ed9b75fb93f2be4d6c03e97525e9f3520e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/heavy/js/jquery.script.js?ver=1.0.0 HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 10 Jun 2019 21:33:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 10560
content-type: application/javascript
date: Mon, 28 Nov 2022 20:42:32 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16587
Expires: Tue, 29 Nov 2022 01:18:59 GMT
Date: Mon, 28 Nov 2022 20:42:32 GMT
Connection: keep-alive
www.aurora.com.pe/wp-content/uploads/2019/10/2323-200x100.png
108.167.172.144 200 OK 503 B URL HTTP/2 www.aurora.com.pe/wp-content/uploads/2019/10/2323-200x100.png
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
GET /wp-content/uploads/2019/10/2323-200x100.png HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 03 Mar 2022 18:56:16 GMT
accept-ranges: bytes
content-length: 4837
content-type: image/png
date: Mon, 28 Nov 2022 20:42:32 GMT
server: Apache
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2cd887044e91d7ed0f1a8d7119ff7dd0
ae8aa4ce6ddaccba771fe65446926b60fc5628da
bad283c15531000b7a8c126d442154b64a880cc26196a46cbd2e6266a526db67
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10199
x-amzn-requestid: baee3bbe-7ded-425a-ae39-fccfc8169217
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iF1VIAMF09g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-5522727b2f09b27e63b23270;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CXOqm7bjsSV0aJBTkTI7LsMovjgPeISPt3sZotEc7CjZnUL_y4_OoQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:42:14 GMT
age: 82818
etag: "ae8aa4ce6ddaccba771fe65446926b60fc5628da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-content/uploads/2019/12/4.jpg
108.167.172.144 200 OK 790 kB URL HTTP/2 www.aurora.com.pe/wp-content/uploads/2019/12/4.jpg
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2018 (Macintosh), datetime=2019:12:17 19:27:03], baseline, precision 8, 1920x636, components 3\012- data
Size 790 kB (789591 bytes)
Hash 01e8c55f5105b626bfd4cae6280608f0
1c96c31c27ad61e8cbc4c196d359e16a9b5a1f35
a7e140120c59167c734aa1ce95cf230ee59b7acf41291cfb720353ae2df277ba
GET /wp-content/uploads/2019/12/4.jpg HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 03 Mar 2022 18:56:35 GMT
accept-ranges: bytes
content-length: 789591
content-type: image/jpeg
date: Mon, 28 Nov 2022 20:42:32 GMT
server: Apache
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd56d2fad-ed89-4d96-831f-7f8467b7079b.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd56d2fad-ed89-4d96-831f-7f8467b7079b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 15bd53848c7082464273007e010c54e0
9a3ca698ca1aeae695923277ed2244465e01a1ea
36cfa29965173ea683992d4b436f393e92c978350347f869355d933613e2c005
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd56d2fad-ed89-4d96-831f-7f8467b7079b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10119
x-amzn-requestid: 20bfd6a6-2981-42ca-8997-9363676773c1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR782HEZIAMFTKQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d9eb-552581a92a69d6cd322bf334;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:43:07 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: _jTN1lFL0_PS-9DYgE6O2V6s6AYnlGJs0xCEHn761Mxq_asytlaRoQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:40 GMT
age: 82252
etag: "9a3ca698ca1aeae695923277ed2244465e01a1ea"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36d8942f-c540-4112-a5a9-c7ac53a00a23.jpeg
34.120.237.76 200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36d8942f-c540-4112-a5a9-c7ac53a00a23.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 78b1389f425425d0450c94d900404dc4
53b12a8702f7c5b7cc697e2a24da824d9434be65
0c1659ab3afc6e45f9e3acb12f8865bb99e4668f7df4501b1cc740e53f5b62ed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36d8942f-c540-4112-a5a9-c7ac53a00a23.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6376
x-amzn-requestid: 25b82353-9c15-44c0-ada5-55f4697de935
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_KGeaoAMFb_Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d860-71711cca7c063030292c5e47;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: odmAWkNyUMevvXStu7zRJyckokhyBjUwu7-JSvj8by-JWJ9eAm9P5Q==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:01:46 GMT
age: 81646
etag: "53b12a8702f7c5b7cc697e2a24da824d9434be65"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
34.120.237.76 200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1f434933b5bd6377d299ada22d1ae7ef
075531f525e625b117b2497f31139c9824d0e9c5
b587a3249e4f20112088608e3651c2ccbc44225a5c9d88d3bf5884d7f0e9029c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9430
x-amzn-requestid: 454ca8bd-a256-45f2-8b41-feee86c5af82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7wyGCIIAMFhgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d99e-1488f8ce71a91ebc3ad6b7e0;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NMMuQ1NNks65LJK_HDAK69MfCJ3pS0Y6VzBs8_5Oku64v4FSWADCdw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:01:46 GMT
age: 81646
etag: "075531f525e625b117b2497f31139c9824d0e9c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F955ba04e-80cb-43a1-bc6a-3e502a79144e.jpeg
34.120.237.76 200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F955ba04e-80cb-43a1-bc6a-3e502a79144e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9a6e5f60b87d3879606a6707feb37a73
373c96c2e0006d70954d4b4ebd850f62f558e92c
1ae48f692f44d357e21eec708b46f22c36a3de21be8d0f1c2035d197e0aa89de
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F955ba04e-80cb-43a1-bc6a-3e502a79144e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9546
x-amzn-requestid: 60e352b5-ab38-4975-bf26-500f0a639a2d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFfulExwIAMFzQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637edff6-1364912f7fd292da6453a83e;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 03:07:34 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VJEv2ld4UX33FTfVpUHNhOzTtv17G-PrI-eBKS2ofhQ5dx_Smuz8Bw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 05:51:32 GMT
age: 53460
etag: "373c96c2e0006d70954d4b4ebd850f62f558e92c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f2e6328-f3c1-4a69-b0b6-73920b885144.jpeg
34.120.237.76 200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f2e6328-f3c1-4a69-b0b6-73920b885144.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3a1a4e00f1f15827cf651f373863c379
70c2a238f06ca7e56ef80c83738e081bf0de3330
3d936e1f0c96297f121faece12d6f8173e12eed5087165cd4eefc0fab368419f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f2e6328-f3c1-4a69-b0b6-73920b885144.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8885
x-amzn-requestid: 71b8367f-f79f-42a7-bcb8-c441a154babf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cGDTEFSeIAMF3rg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637f18e0-631b775d3430a8c30c3b4420;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 07:10:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jsmd6yxjJxLMEgv1jDa87iEoZXL2OuALsmUZ9Nxx1rUN-xOTdtN1-A==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 10:13:33 GMT
age: 37739
etag: "70c2a238f06ca7e56ef80c83738e081bf0de3330"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 20:42:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/heebo/v21/NGS6v5_NC0k9P9H2TbE.woff2
216.58.207.195 200 OK 27 kB URL HTTP/2 fonts.gstatic.com/s/heebo/v21/NGS6v5_NC0k9P9H2TbE.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 27116, version 1.0\012- data
Hash 13c1ac7fc8f934e169620e81471a3a54
d111242b230c54204e9ec061537869f8ce20cb53
b38977ea35fde92fe200fa14ac7cc55e2edce54b998ce9a08734ba1dd9053fed
GET /s/heebo/v21/NGS6v5_NC0k9P9H2TbE.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.aurora.com.pe
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27116
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 15:03:07 GMT
expires: Wed, 22 Nov 2023 15:03:07 GMT
cache-control: public, max-age=31536000
age: 538766
last-modified: Mon, 11 Jul 2022 20:35:20 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-content/uploads/2019/12/1-1.jpg
108.167.172.144 200 OK 867 kB URL HTTP/2 www.aurora.com.pe/wp-content/uploads/2019/12/1-1.jpg
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2018 (Macintosh), datetime=2019:12:17 19:24:54], baseline, precision 8, 1920x636, components 3\012- data
Size 867 kB (867339 bytes)
Hash 2415afe9697db031cc0c15ddb2031cbb
6a949e2c6fe653bd0d7336074f7a9cfa28e335c2
22a8a3d5a438155ee881c5a9e1bc7502064607bf3da57356605011c471fef9d8
GET /wp-content/uploads/2019/12/1-1.jpg HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 03 Mar 2022 18:56:34 GMT
accept-ranges: bytes
content-length: 867339
content-type: image/jpeg
date: Mon, 28 Nov 2022 20:42:32 GMT
server: Apache
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-content/uploads/2019/12/2.jpg
108.167.172.144 200 OK 872 kB URL HTTP/2 www.aurora.com.pe/wp-content/uploads/2019/12/2.jpg
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2018 (Macintosh), datetime=2019:12:17 19:25:41], baseline, precision 8, 1920x636, components 3\012- data
Size 872 kB (872299 bytes)
Hash 81f7ced4df1279e46a271b8950ec7543
77d52841224b86dbfc0508ea1ab6017accb0354b
3ebaa5cb78f97e0edd346f3194d7dc5bca2a521f9aae09a3146c6872d432c6af
GET /wp-content/uploads/2019/12/2.jpg HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 03 Mar 2022 18:56:34 GMT
accept-ranges: bytes
content-length: 872299
content-type: image/jpeg
date: Mon, 28 Nov 2022 20:42:32 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 20:42:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.aurora.com.pe/wp-content/themes/heavy/js/jquery.iLightBox.min.js?ver=2.2.0
108.167.172.144 200 OK 74 kB URL HTTP/2 www.aurora.com.pe/wp-content/themes/heavy/js/jquery.iLightBox.min.js?ver=2.2.0
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash c7054ae7355a33994c3cb5f67ead418f
fad00124836f31108c4c65545584ce5e004d5b26
101f729674e92c75f03e7f139829144a6c534f27a4aa3b000be968ae18f54e90
GET /wp-content/themes/heavy/js/jquery.iLightBox.min.js?ver=2.2.0 HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 10 Jun 2019 21:33:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Mon, 28 Nov 2022 20:42:32 GMT
server: Apache
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-content/themes/heavy/css/fonts/fontello.woff?61757689
108.167.172.144 200 OK 131 kB URL HTTP/2 www.aurora.com.pe/wp-content/themes/heavy/css/fonts/fontello.woff?61757689
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format, TrueType, length 130584, version 1.0\012- data
Size 131 kB (130584 bytes)
Hash d43e4606fd9be47df1a8f71a1c1d43a4
a205b137b1365c4c7108f68b7c791cf8750e8c48
00b4afbe6cb75d57da853cda1c11b94ffbc3f3820822803ef826e19f8d46ad8f
GET /wp-content/themes/heavy/css/fonts/fontello.woff?61757689 HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.aurora.com.pe/wp-content/themes/heavy/css/fontello.css?ver=1.0.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 19 Nov 2019 06:17:19 GMT
accept-ranges: bytes
content-length: 130584
content-type: font/woff
date: Mon, 28 Nov 2022 20:42:33 GMT
server: Apache
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-content/themes/heavy/theme-vars/theme-style/css/fonts/fontello-custom.woff2?87775755
108.167.172.144 200 OK 11 kB URL HTTP/2 www.aurora.com.pe/wp-content/themes/heavy/theme-vars/theme-style/css/fonts/fontello-custom.woff2?87775755
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 11144, version 1.0\012- data
Hash 1c30525fe153fc534513f7b7a23d5bd0
bc6ab7409dd8a0ec71e8dddfd183cf79a19267f9
88b80ba0400e9324b8dda1f88d9f14d86516440ae836e1c0262622ccae24c3d3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/heavy/theme-vars/theme-style/css/fonts/fontello-custom.woff2?87775755 HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.aurora.com.pe/wp-content/themes/heavy/theme-vars/theme-style/css/fontello-custom.css?ver=1.0.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 19 Nov 2019 06:17:19 GMT
accept-ranges: bytes
content-length: 11144
content-type: font/woff2
date: Mon, 28 Nov 2022 20:42:33 GMT
server: Apache
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-content/uploads/2019/09/4v4vv.png
108.167.172.144 200 OK 570 kB URL HTTP/2 www.aurora.com.pe/wp-content/uploads/2019/09/4v4vv.png
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 1301 x 499, 8-bit/color RGB, non-interlaced\012- data
Size 570 kB (569899 bytes)
Hash f69ae3fc0a28bbe56f890d7be4bd592e
13be7ad3dad21263771b5b586158b996f43c90f0
ab2e45a25d83289f9756ded739608c6c4090bf50a919ab3ae42a69490de2cad6
GET /wp-content/uploads/2019/09/4v4vv.png HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 03 Mar 2022 18:56:37 GMT
accept-ranges: bytes
content-length: 569899
content-type: image/png
date: Mon, 28 Nov 2022 20:42:33 GMT
server: Apache
X-Firefox-Spdy: h2
aurora.com.pe/wp-content/uploads/2019/10/5v.png?id=2969
108.167.172.144 200 OK 1.0 MB URL HTTP/2 aurora.com.pe/wp-content/uploads/2019/10/5v.png?id=2969
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 1920 x 565, 8-bit/color RGB, non-interlaced\012- data
Size 1.0 MB (1020383 bytes)
Hash d07b2d4b55a3e572aca163dd68cd30a1
0f70ff3d359a5a805bbb9272f823afcb812de5f6
8ca2f191728c0de16b6ab6bb7370f359c8e37c7fff03b4e9bdd0acf268f696d2
GET /wp-content/uploads/2019/10/5v.png?id=2969 HTTP/1.1
Host: aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 03 Mar 2022 18:56:30 GMT
accept-ranges: bytes
content-length: 1020383
content-type: image/png
date: Mon, 28 Nov 2022 20:42:33 GMT
server: Apache
X-Firefox-Spdy: h2
aurora.com.pe/wp-content/uploads/2019/09/bbb.png
108.167.172.144 200 OK 4.1 kB URL HTTP/2 aurora.com.pe/wp-content/uploads/2019/09/bbb.png
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 77 x 85, 8-bit/color RGBA, non-interlaced\012- data
Hash 5c59baecae53190f7adbe158c889f517
f6d06b95fd18f10978284c5ce153a5b84dc0e48f
06856dede4a9472aa92e38ab65b88c9814cc362cec8c8ad6368fea35c9464e7b
GET /wp-content/uploads/2019/09/bbb.png HTTP/1.1
Host: aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 03 Mar 2022 18:56:37 GMT
accept-ranges: bytes
content-length: 4065
content-type: image/png
date: Mon, 28 Nov 2022 20:42:33 GMT
server: Apache
X-Firefox-Spdy: h2
aurora.com.pe/wp-content/uploads/2019/10/23232323-1160x514.png
108.167.172.144 200 OK 356 kB URL HTTP/2 aurora.com.pe/wp-content/uploads/2019/10/23232323-1160x514.png
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 1160 x 514, 8-bit/color RGBA, non-interlaced\012- data
Size 356 kB (355569 bytes)
Hash d4ad8112ffb6014972a1be52b2efc2c9
d2804dca7e990d842e232e1f0e2e6c994c9eccc6
ed3d25ee1fd882f0d072af7da001922c2088717cb221a3ec771e6977f2c626ad
GET /wp-content/uploads/2019/10/23232323-1160x514.png HTTP/1.1
Host: aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 03 Mar 2022 18:56:18 GMT
accept-ranges: bytes
content-length: 355569
content-type: image/png
date: Mon, 28 Nov 2022 20:42:33 GMT
server: Apache
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-content/uploads/2019/01/3Z.png
108.167.172.144 200 OK 189 kB URL HTTP/2 www.aurora.com.pe/wp-content/uploads/2019/01/3Z.png
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 290 x 391, 8-bit/color RGB, non-interlaced\012- data
Size 189 kB (188982 bytes)
Hash f0e3fcf0543e757187c32b582d5782ea
78b1bf9afbea49c105c41df8c0103442a92ccb4f
c1c086d45ed2a8b0b62885ba2a1a9ecbf91c196df08f2e9940b4424b8e830098
GET /wp-content/uploads/2019/01/3Z.png HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 03 Mar 2022 18:56:35 GMT
accept-ranges: bytes
content-length: 188982
content-type: image/png
date: Mon, 28 Nov 2022 20:42:33 GMT
server: Apache
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-content/uploads/2019/09/BARCO.png
108.167.172.144 200 OK 6.4 kB URL HTTP/2 www.aurora.com.pe/wp-content/uploads/2019/09/BARCO.png
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash aad55baf64f32f71f143ddb643f2999d
32ea863a5dfc0c9e0d19ae2d44ac7ba456ba897f
7f70b9c2831abe43d5b60084d73cbc3e1446a9754a58ef8ffeccca27eba065c0
GET /wp-content/uploads/2019/09/BARCO.png HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 03 Mar 2022 18:56:37 GMT
accept-ranges: bytes
content-length: 6362
content-type: image/png
date: Mon, 28 Nov 2022 20:42:33 GMT
server: Apache
X-Firefox-Spdy: h2
app.purechat.com/VisitorWidget/WidgetScript
54.230.111.51 200 OK 10 kB URL HTTP/2 app.purechat.com/VisitorWidget/WidgetScript
IP 54.230.111.51:0
Hash a7bead4154a2b8cb66daa29c9d0ad01e
28941c1cb24896ad973f938b7c8a1ccae2ac692d
488e3665908e49af1caf36d36015ef6ab09e036264fcbbc268d7d80b1423c1c8
GET /VisitorWidget/WidgetScript HTTP/1.1
Host: app.purechat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
last-modified: Wed, 26 Oct 2022 22:16:19 GMT
x-amz-version-id: null
server: AmazonS3
content-encoding: gzip
date: Mon, 28 Nov 2022 18:01:46 GMT
cache-control: public,max-age=14400
etag: W/"6d472c54bbcb8a12a1f1d8f4906802b1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: slOynD_GA9ToGm5bSe7rsWIesZFLPYFMR1QG-3d6iFSkvb8Ac5F2HQ==
age: 9648
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-content/uploads/2019/01/4Z.png
108.167.172.144 200 OK 96 kB URL HTTP/2 www.aurora.com.pe/wp-content/uploads/2019/01/4Z.png
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 287 x 388, 8-bit/color RGB, non-interlaced\012- data
Hash 723f0aea9499a6d10fd3d654aea5421b
3e52cbdc27d956be22271ef9714dda7acf89f722
f3fd862765feab5bcedaefc88d2da61e3c67a1fcd617ada800f97113f94c6371
GET /wp-content/uploads/2019/01/4Z.png HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 03 Mar 2022 18:56:35 GMT
accept-ranges: bytes
content-length: 96041
content-type: image/png
date: Mon, 28 Nov 2022 20:42:33 GMT
server: Apache
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-content/uploads/2019/01/5Z.png
108.167.172.144 200 OK 195 kB URL HTTP/2 www.aurora.com.pe/wp-content/uploads/2019/01/5Z.png
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 274 x 390, 8-bit/color RGB, non-interlaced\012- data
Size 195 kB (194658 bytes)
Hash ad09451680e2e569233c20280931402a
9f4f999dcec2b5d3ad4767b0e52703da87a8a1f2
33d07cfc1ec68923e81d206548df877c63ef58f2ef36a90b9133b7a136139301
GET /wp-content/uploads/2019/01/5Z.png HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 03 Mar 2022 18:56:35 GMT
accept-ranges: bytes
content-length: 194658
content-type: image/png
date: Mon, 28 Nov 2022 20:42:33 GMT
server: Apache
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-content/uploads/2019/09/TRACTOR.png
108.167.172.144 200 OK 6.8 kB URL HTTP/2 www.aurora.com.pe/wp-content/uploads/2019/09/TRACTOR.png
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 45ec8329d41fb4f8084c7187cec6c5c6
d22a10d3cbfe109fbe229183ebddce3d00a05cea
910062b967517310c41f1fd2c25392ac767b72c99400c5435d16a6b1afac737a
GET /wp-content/uploads/2019/09/TRACTOR.png HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 03 Mar 2022 18:56:37 GMT
accept-ranges: bytes
content-length: 6785
content-type: image/png
date: Mon, 28 Nov 2022 20:42:33 GMT
server: Apache
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
108.167.172.144 409 Conflict 83 B URL HTTP/2 www.aurora.com.pe/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Mon, 28 Nov 2022 20:42:33 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-content/uploads/2019/09/CALLE.png
108.167.172.144 200 OK 4.6 kB URL HTTP/2 www.aurora.com.pe/wp-content/uploads/2019/09/CALLE.png
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 3f22ce5996d12d6728362574b63306af
edc70ffacfff73daeba3144e522a4b7cbbc65b48
172b4cdd99261c4d4b9a9c5b7a6dc727129e9c5b5dbc218c73ff64d98091c42d
GET /wp-content/uploads/2019/09/CALLE.png HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 03 Mar 2022 18:56:37 GMT
accept-ranges: bytes
content-length: 4578
content-type: image/png
date: Mon, 28 Nov 2022 20:42:33 GMT
server: Apache
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-content/uploads/2019/01/6Z.png
108.167.172.144 200 OK 200 kB URL HTTP/2 www.aurora.com.pe/wp-content/uploads/2019/01/6Z.png
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 278 x 388, 8-bit/color RGB, non-interlaced\012- data
Size 200 kB (200480 bytes)
Hash 40036c8252c46f2445c096a2de2f6cf2
cb1ce1085ccf2a2420b5cb7a38577b67c19eba7c
1a7c4bcb8eacbbddeadaaa4ae81420fe0ffab869fd8a747cef4cdac5ce7bb866
GET /wp-content/uploads/2019/01/6Z.png HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 03 Mar 2022 18:56:36 GMT
accept-ranges: bytes
content-length: 200480
content-type: image/png
date: Mon, 28 Nov 2022 20:42:33 GMT
server: Apache
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
108.167.172.144 409 Conflict 83 B URL HTTP/2 www.aurora.com.pe/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Mon, 28 Nov 2022 20:42:33 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__es.js
142.250.74.163 200 OK 164 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__es.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (734)
Size 164 kB (164263 bytes)
Hash 3001261109eb3453c86b327ddd13fd2b
80241fbaeed3a0ca25b2ad49cbee0a74f20e1856
d3562de20dc0aa1b96d2fdc2c7a6b0c9deae8f3a8cc76dfa8dc8508bf98e0aa9
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__es.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.aurora.com.pe
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 164263
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 22:30:12 GMT
expires: Tue, 21 Nov 2023 22:30:12 GMT
cache-control: public, max-age=31536000
age: 598342
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.kenburn.min.js?version=5.4.8
108.167.172.144 200 OK 1.6 kB URL HTTP/2 www.aurora.com.pe/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.kenburn.min.js?version=5.4.8
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3515), with CRLF line terminators
Hash a9a9ef0fb689c7d05dadc95487c59798
e5598003ddfb78a9d240b0ac85f83b62c37d7c14
d0e1b50aa1ec0a9a6bc4b31d7bd478df66d0342aec1c4307342d0254332dd0c5
GET /wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.kenburn.min.js?version=5.4.8 HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 23 Nov 2018 21:22:24 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1614
content-type: application/javascript
date: Mon, 28 Nov 2022 20:42:34 GMT
server: Apache
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.slideanims.min.js?version=5.4.8
108.167.172.144 200 OK 8.4 kB URL HTTP/2 www.aurora.com.pe/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.slideanims.min.js?version=5.4.8
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (28818), with CRLF line terminators
Hash 9e9b332abe4a46934cc85242e22dd146
25dd86bdfc67ef2a8ce5561f73d5f5d147476da6
94f47ceb3f24fc839c1d3a60ed818edd717253efd60153e4e3ea2f00a7aba0ff
GET /wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.slideanims.min.js?version=5.4.8 HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 23 Nov 2018 21:22:24 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 8380
content-type: application/javascript
date: Mon, 28 Nov 2022 20:42:34 GMT
server: Apache
X-Firefox-Spdy: h2
www.aurora.com.pe/favicon.ico
108.167.172.144 302 Found 0 B URL HTTP/2 www.aurora.com.pe/favicon.ico
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
link: <https://www.aurora.com.pe/wp-json/>; rel="https://api.w.org/"
x-redirect-by: WordPress
location: https://www.aurora.com.pe/wp-includes/images/w-logo-blue-white-bg.png
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 28 Nov 2022 20:42:34 GMT
server: Apache
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-content/plugins/revslider/public/assets/assets/loader.gif
108.167.172.144 200 OK 2.5 kB URL HTTP/2 www.aurora.com.pe/wp-content/plugins/revslider/public/assets/assets/loader.gif
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
File type GIF image data, version 89a, 24 x 24; data
Hash 4b3afb84b2b71ef56df09997a350bd04
accdac8a7abeab0e21c49539aad0a973addb28ef
9034d5d34015e4b05d2c1d1a8dc9f6ec9d59bd96d305eb9e24e24e65c591a645
GET /wp-content/plugins/revslider/public/assets/assets/loader.gif HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 23 Nov 2018 21:22:32 GMT
accept-ranges: bytes
content-length: 2545
content-type: image/gif
date: Mon, 28 Nov 2022 20:42:34 GMT
server: Apache
X-Firefox-Spdy: h2
www.aurora.com.pe/?wc-ajax=get_refreshed_fragments
108.167.172.144 200 OK 208 B URL HTTP/2 www.aurora.com.pe/?wc-ajax=get_refreshed_fragments
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JSON data, ASCII text, with no line terminators
Hash bc2a71d89ccb629c6793bdd0ca565602
6357b8192180647ba694e0b1861eb7c5642ccf3d
8f6d339891dfbebca9ae7e79c985d18487c2cf2490b35cca563e5db517b1f53e
Analyzer Verdict Alert fortinet Malware
POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: https://www.aurora.com.pe
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-xss-protection: 1; mode=block
access-control-allow-origin: https://www.aurora.com.pe
access-control-allow-credentials: true
x-content-type-options: nosniff
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
vary: Accept-Encoding
content-encoding: gzip
content-length: 208
content-type: application/json; charset=UTF-8
date: Mon, 28 Nov 2022 20:42:34 GMT
server: Apache
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-includes/images/w-logo-blue-white-bg.png
108.167.172.144 200 OK 4.1 kB URL HTTP/2 www.aurora.com.pe/wp-includes/images/w-logo-blue-white-bg.png
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced; data
Hash 000bf649cc8f6bf27cfb04d1bcdcd3c7
d73d2f6d74ec6cdcbae07955592962e77d8ae814
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.aurora.com.pe/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 16 Nov 2021 00:04:01 GMT
accept-ranges: bytes
content-length: 4119
content-type: image/png
date: Mon, 28 Nov 2022 20:42:34 GMT
server: Apache
X-Firefox-Spdy: h2
www.aurora.com.pe/
108.167.172.144 200 OK 49 kB IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 0fc6b764557fcb5ad2118413da645718
0b6206dc264ea55780c1ead583d8ebda36d79d5b
6075efdab150ad9f2e09c5e1a4c2df59d03d89f91fdfac346cc56900e37ff602
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
link: <https://www.aurora.com.pe/wp-json/>; rel="https://api.w.org/", <https://www.aurora.com.pe/wp-json/wp/v2/pages/2911>; rel="alternate"; type="application/json", <https://www.aurora.com.pe/>; rel=shortlink
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 28 Nov 2022 20:42:31 GMT
server: Apache
X-Firefox-Spdy: h2
widgetapi.purechat.com/api/visitorwidget/widgetversions/992336ea-a0b2-440c-a254-6a39e9db35e0
3.139.212.148 200 OK 408 B URL HTTP/2 widgetapi.purechat.com/api/visitorwidget/widgetversions/992336ea-a0b2-440c-a254-6a39e9db35e0
IP 3.139.212.148:0
File type JSON data, ASCII text, with very long lines (408), with no line terminators
Hash d9ff9b80240e01a5ad621ffa8b577ebc
c2ba20e6d27357cec918908811ba0f1568c9a3a7
ae02a20652ab31954e6be3bbdb90bcc1c3edd8052879fd5629d18ae14c86f625
GET /api/visitorwidget/widgetversions/992336ea-a0b2-440c-a254-6a39e9db35e0 HTTP/1.1
Host: widgetapi.purechat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.aurora.com.pe
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 20:42:35 GMT
content-type: application/json; charset=utf-8
content-length: 408
server: Kestrel
cache-control: max-age=60
set-cookie: thirdPartyCookiesEnabled=true; expires=Tue, 29 Nov 2022 20:42:35 GMT; domain=purechat.com; path=/
vary: Origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.aurora.com.pe
access-control-expose-headers: X-Requires-Auth
X-Firefox-Spdy: h2
api-cdn.purechat.com/api/visitorwidget/widget/992336ea-a0b2-440c-a254-6a39e9db35e0/12
54.230.111.114 200 OK 3.2 kB URL HTTP/2 api-cdn.purechat.com/api/visitorwidget/widget/992336ea-a0b2-440c-a254-6a39e9db35e0/12
IP 54.230.111.114:0
Hash 8714b20828ba1eed95fd02fd2a18eaed
0585ad5f396690f36b534b9c63600941bcbd2e65
29962a25d3dc2eeab8847bba877d725a71228f40edfd8537c7ff28c68e177b94
GET /api/visitorwidget/widget/992336ea-a0b2-440c-a254-6a39e9db35e0/12 HTTP/1.1
Host: api-cdn.purechat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.aurora.com.pe
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json; charset=utf-8
date: Mon, 28 Nov 2022 20:42:35 GMT
server: Kestrel
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-allow-origin: https://www.aurora.com.pe
access-control-expose-headers: X-Requires-Auth
content-encoding: gzip
vary: Accept-Encoding,Origin
x-cache: Miss from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: W2haAbJtV-T42OQNs-1Xjq6FK02L7OhShHQyUuW_DsZANbe210n9Sg==
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.8
108.167.172.144 200 OK 48 kB URL HTTP/2 www.aurora.com.pe/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.8
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash c809d9303bcd3b93d468d056115e15c8
059ecc538be46e6b0da93357b34e656a63788d86
364f08f919122c782cd1076cda97b55cac137559c0554d21813416de714aade9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.8 HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 23 Nov 2018 21:22:24 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Mon, 28 Nov 2022 20:42:32 GMT
server: Apache
X-Firefox-Spdy: h2
prod.purechatcdn.com/assets/modern_initializer.13836.js
104.21.69.94 200 OK 26 kB URL HTTP/2 prod.purechatcdn.com/assets/modern_initializer.13836.js
IP 104.21.69.94:0
File type Unicode text, UTF-8 text, with very long lines (65503), with no line terminators
Hash 9bd4cd7a90d2a8d7ec47b3168318a58f
0c87b661baa3c979ae737ab93962c96ebaae3207
5fdcccc938a7a8c2b403333ec05d6b18aa9ac9e93c768cca5feb9cfa10c9bc8a
GET /assets/modern_initializer.13836.js HTTP/1.1
Host: prod.purechatcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 20:42:35 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
last-modified: Wed, 26 Oct 2022 22:15:02 GMT
x-amz-version-id: null
etag: W/"47ffa44a34a2af9c7f21609d19e46ae7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6535753e56582459e514c04b24458946.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: JEpVfgRR9a-O54LGV6icYebBkoavpP2BEKG0CCeIRHPIAQywkTO5rw==
age: 2845527
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SkO8PZf29Hlxt84u7tVqwURrl%2FXS8u7IkK6jtHKKAWzabVux%2Fj5xRfqGriO61zt%2BGXZJ4RnAkkJiuw4wP%2FbSFCFE4yKFmJ28DtJseKxkERszuBzBBpC1iNT3oTkhI4xM3zYCqZDuTw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7715ee54bc91b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
api.purechat.com/api/visitorwidget/chatavailable/537346/992336ea-a0b2-440c-a254-6a39e9db35e0?externalRequest=false&getAvailableOperators=true
52.14.220.91 204 No Content 291 kB URL HTTP/2 api.purechat.com/api/visitorwidget/chatavailable/537346/992336ea-a0b2-440c-a254-6a39e9db35e0?externalRequest=false&getAvailableOperators=true
IP 52.14.220.91:0
Size 291 kB (291290 bytes)
Hash e20e04429c3bb5d83703131a7ee67287
d1fd62fc8af6c1533caa5342733c1b8b0c4fdda6
6240394f1bfdfa2e404450638bb91dbc5e357f1e9174b0d1d5461006d5332e86
OPTIONS /api/visitorwidget/chatavailable/537346/992336ea-a0b2-440c-a254-6a39e9db35e0?externalRequest=false&getAvailableOperators=true HTTP/1.1
Host: api.purechat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://www.aurora.com.pe/
Origin: https://www.aurora.com.pe
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 28 Nov 2022 20:42:36 GMT
server: Kestrel
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.aurora.com.pe
X-Firefox-Spdy: h2
api.purechat.com/api/visitorwidget/chatavailable/537346/992336ea-a0b2-440c-a254-6a39e9db35e0?externalRequest=false&getAvailableOperators=true
3.139.212.148 200 OK 20 B URL HTTP/2 api.purechat.com/api/visitorwidget/chatavailable/537346/992336ea-a0b2-440c-a254-6a39e9db35e0?externalRequest=false&getAvailableOperators=true
IP 3.139.212.148:0
File type JSON data, ASCII text, with no line terminators
Hash d3ac5eedc6360a1877f09d7b2f5e6df4
a75f519958ac058fa135c42ea0f248ebfa0303d6
a4d5c712c6ea170fe80e4e13806878ec5f04b70a9a6800d9a9e41a18ebdd7d87
GET /api/visitorwidget/chatavailable/537346/992336ea-a0b2-440c-a254-6a39e9db35e0?externalRequest=false&getAvailableOperators=true HTTP/1.1
Host: api.purechat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.aurora.com.pe/
Content-Type: application/json
Origin: https://www.aurora.com.pe
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 20:42:36 GMT
content-type: application/json; charset=utf-8
content-length: 20
server: Kestrel
access-control-allow-credentials: true
access-control-allow-origin: https://www.aurora.com.pe
access-control-expose-headers: X-Requires-Auth
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4908162-9f1d-4654-8d78-fe85386ce233.jpeg
34.120.237.76 200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4908162-9f1d-4654-8d78-fe85386ce233.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 7e5051d8c06f69e1842a9295ce256a36
1a542a53ba0b1cd0fb23257ebed8166555f16dfb
a7c0dbbb4d0d9138f5ca318cc2aa44e12dadf7ed6263ec204ba756da64b29c41
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4908162-9f1d-4654-8d78-fe85386ce233.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7556
x-amzn-requestid: 1cda5313-2256-4830-bf84-2e6e15949d3e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR78KFTmoAMF4yg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d9e7-452e36d718a298d12a2374a9;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:43:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 70UuQl2XCoplrZYENrKleE2mcvB-xP9zZGs8Tuh21NidSiHvA97sXw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:09 GMT
age: 82290
etag: "1a542a53ba0b1cd0fb23257ebed8166555f16dfb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=5.5.2
108.167.172.144 200 OK 0 B URL HTTP/2 www.aurora.com.pe/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=5.5.2
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=5.5.2 HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 23 Nov 2018 21:26:02 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Mon, 28 Nov 2022 20:42:32 GMT
server: Apache
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
108.167.172.144 200 OK 0 B URL HTTP/2 www.aurora.com.pe/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 15 Nov 2022 21:01:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Mon, 28 Nov 2022 20:42:32 GMT
server: Apache
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-content/themes/heavy/theme-framework/theme-style/css/style.css?ver=1.0.0
108.167.172.144 200 OK 0 B URL HTTP/2 www.aurora.com.pe/wp-content/themes/heavy/theme-framework/theme-style/css/style.css?ver=1.0.0
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-content/themes/heavy/theme-framework/theme-style/css/style.css?ver=1.0.0 HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 19 Nov 2019 06:17:19 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Mon, 28 Nov 2022 20:42:32 GMT
server: Apache
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
108.167.172.144 200 OK 0 B URL HTTP/2 www.aurora.com.pe/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 04 Nov 2022 13:40:07 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Mon, 28 Nov 2022 20:42:32 GMT
server: Apache
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.7.5
108.167.172.144 200 OK 0 B URL HTTP/2 www.aurora.com.pe/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.7.5
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.7.5 HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 08 Nov 2022 21:01:53 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Mon, 28 Nov 2022 20:42:32 GMT
server: Apache
X-Firefox-Spdy: h2
www.aurora.com.pe/wp-content/uploads/cmsmasters_styles/heavy.css?ver=1.0.0
108.167.172.144 200 OK 0 B URL HTTP/2 www.aurora.com.pe/wp-content/uploads/cmsmasters_styles/heavy.css?ver=1.0.0
IP 108.167.172.144:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/cmsmasters_styles/heavy.css?ver=1.0.0 HTTP/1.1
Host: www.aurora.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.aurora.com.pe/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 28 Nov 2022 20:42:31 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Mon, 28 Nov 2022 20:42:32 GMT
server: Apache
X-Firefox-Spdy: h2