| i1.wp.com/cdn.apollo.audio/one/media/6634/c8b3/ce6f/6005/c463/6e73/Toby%20Gayfer.jpg?quality=80&format=jpg&crop=16,0,118,182&resize=crop&w=1200&resize=1200,0&ssl=1 | 192.0.77.2 | 200 OK | 1.9 kB |
URL: GET HTTP/2 i1.wp.com/cdn.apollo.audio/one/media/6634/c8b3/ce6f/6005/c463/6e73/Toby%20Gayfer.jpg?quality=80&format=jpg&crop=16,0,118,182&resize=crop&w=1200&resize=1200,0&ssl=1
IP: 192.0.77.2:443
Requested by: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate issuer: Sectigo Limited
Certificate subject: *.wp.com
Certificate fingerprint: 5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
Certificate validity: Tue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 153x182, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: 8909b6974914fc811f9c956eb4eda11a 134e6ca4506d2ee77655336c55f9d16ebc3a08c9 b3c13f8f44213d1d16a12967be0a25ff7d29bc20377419624d1d8159eccc39a5
GET /cdn.apollo.audio/one/media/6634/c8b3/ce6f/6005/c463/6e73/Toby%20Gayfer.jpg?quality=80&format=jpg&crop=16,0,118,182&resize=crop&w=1200&resize=1200,0&ssl=1 HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.animapuglia.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 May 2024 21:15:43 GMT
content-type: image/webp
content-length: 1910
last-modified: Fri, 03 May 2024 18:23:49 GMT
expires: Mon, 04 May 2026 06:23:49 GMT
cache-control: public, max-age=63115200
link: <https://cdn.apollo.audio/one/media/6634/c8b3/ce6f/6005/c463/6e73/Toby%20Gayfer.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "eaae8ad65a002185"
vary: Accept
x-nc: MISS arn 2
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| www.animapuglia.it/wp-includes/js/imagesloaded.min.js?ver=5.0.0 | 172.67.162.22 | 200 OK | 2.3 kB |
URL: GET HTTP/3 www.animapuglia.it/wp-includes/js/imagesloaded.min.js?ver=5.0.0
IP: 172.67.162.22:443
Requested by: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate issuer: Let's Encrypt
Certificate subject: animapuglia.it
Certificate fingerprint: 4C:CE:5A:16:7B:BF:02:14:3C:A5:96:0B:DC:EE:F7:C5:E9:9B:89:E6
Certificate validity: Fri, 03 May 2024 03:13:31 GMT - Thu, 01 Aug 2024 03:13:30 GMT
File type: JavaScript source, ASCII text, with very long lines (4358)
Hash: 6823120876c9afc8929418c9a6f8e343 90b0adb37d70ffec5f9189c36bb0027c310c9502 b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1
GET /wp-includes/js/imagesloaded.min.js?ver=5.0.0 HTTP/1.1
Host: www.animapuglia.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 03 May 2024 21:15:44 GMT
content-type: text/javascript
etag: W/"1590-65f308ae-430363;br"
last-modified: Thu, 14 Mar 2024 14:24:46 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tp%2Fv4hItoya5lXxDeOlVYmMEwt6MRd59vUwokPM%2Baun%2BIQoJuY5M9Lwt1RdXOC5zWQiLnZRg%2BJWGeCxOsCz7WQQzT3KHyQOZYqaywNAvW1lY4lg9Cj2LmqRjNTWY%2FB%2B1VJBQivw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e3449f0d3256af-OSL
content-encoding: br
|
|
| www.animapuglia.it/wp-content/plugins/featured-image-from-url/includes/html/js/json-ld.js?ver=4.7.2 | 172.67.162.22 | 200 OK | 754 B |
URL: GET HTTP/3 www.animapuglia.it/wp-content/plugins/featured-image-from-url/includes/html/js/json-ld.js?ver=4.7.2
IP: 172.67.162.22:443
Requested by: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate issuer: Let's Encrypt
Certificate subject: animapuglia.it
Certificate fingerprint: 4C:CE:5A:16:7B:BF:02:14:3C:A5:96:0B:DC:EE:F7:C5:E9:9B:89:E6
Certificate validity: Fri, 03 May 2024 03:13:31 GMT - Thu, 01 Aug 2024 03:13:30 GMT
File type: JavaScript source, ASCII text
Hash: 7400be6825870bab4c9b079e24e0132d 394e6d8296d3cee3628a106d7e091f066c606af8 8b9e686457dcdbe229329076432ea1239d05c3d4411f89bcebf0951bbf00ff6d
GET /wp-content/plugins/featured-image-from-url/includes/html/js/json-ld.js?ver=4.7.2 HTTP/1.1
Host: www.animapuglia.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 03 May 2024 21:15:44 GMT
content-type: text/javascript
etag: W/"1fb-662f04fa-2b5067;br"
last-modified: Mon, 29 Apr 2024 02:24:58 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PnLVEWWQnNmr6CRXkaNMf3ZZAxAorY20MQsGfXhweaWIj0EcQzXKl4TeBS8n9Gk%2BpUD6gJXjnQyE8fLXHetJJkXyseatiWlafr5T1QhqZXEveF0Y12y%2F4WVtyVcHGmRqC4B1cRc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e3449f1d4156af-OSL
content-encoding: br
|
|
| www.animapuglia.it/wp-content/themes/newspaper-eye/assets/js/ticker.js?ver=1.2.1 | 172.67.162.22 | 200 OK | 8.9 kB |
URL: GET HTTP/3 www.animapuglia.it/wp-content/themes/newspaper-eye/assets/js/ticker.js?ver=1.2.1
IP: 172.67.162.22:443
Requested by: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate issuer: Let's Encrypt
Certificate subject: animapuglia.it
Certificate fingerprint: 4C:CE:5A:16:7B:BF:02:14:3C:A5:96:0B:DC:EE:F7:C5:E9:9B:89:E6
Certificate validity: Fri, 03 May 2024 03:13:31 GMT - Thu, 01 Aug 2024 03:13:30 GMT
File type: JavaScript source, ASCII text
Hash: 713b48f26bc87130e2f0a9c490dcdafa d1d247b84ab6eac2f8fee1813756efa33e454aec 7b03ff0224edb6094db4bcb2a81fedfda9e74fc38539a1f0ea68b9294445a324
GET /wp-content/themes/newspaper-eye/assets/js/ticker.js?ver=1.2.1 HTTP/1.1
Host: www.animapuglia.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 03 May 2024 21:15:44 GMT
content-type: text/javascript
etag: W/"627a-6631e7ea-372135;br"
last-modified: Wed, 01 May 2024 06:57:46 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S66CwIzMO%2BPoHEsahtKXjEK0Eoc5fRey36CijTVhrSJz3dRKEZRMN243Jo02xEyDL5my63jNHz%2Fwh1JBYuiJimQ86Jh%2Ff7djdiP1iRUOnQvn9a%2F3tEmZeuKqkUFheRlnf8qvmok%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e3449f0d3856af-OSL
content-encoding: br
|
|
| www.animapuglia.it/wp-content/themes/newspaper-eye/assets/css/responsive.css?ver=1.0.6 | 172.67.162.22 | 200 OK | 7.0 kB |
URL: GET HTTP/3 www.animapuglia.it/wp-content/themes/newspaper-eye/assets/css/responsive.css?ver=1.0.6
IP: 172.67.162.22:443
Requested by: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate issuer: Let's Encrypt
Certificate subject: animapuglia.it
Certificate fingerprint: 4C:CE:5A:16:7B:BF:02:14:3C:A5:96:0B:DC:EE:F7:C5:E9:9B:89:E6
Certificate validity: Fri, 03 May 2024 03:13:31 GMT - Thu, 01 Aug 2024 03:13:30 GMT
File type: ASCII text, with very long lines (1934), with no line terminators
Hash: a0b424fdc3ec2781b0e31ca159b9eef5 e681855ba47ebedab1cf1e7f46d8b16b0880d7f9 29304a3c6e377624c153a6fcccdc5e086b74a518bb0b41f141bafea9e11a8557
GET /wp-content/themes/newspaper-eye/assets/css/responsive.css?ver=1.0.6 HTTP/1.1
Host: www.animapuglia.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 03 May 2024 21:15:44 GMT
content-type: text/css
cache-control: public, max-age=43200
cf-bgj: minify
cf-polished: origSize=2777
alt-svc: h3=":443"; ma=86400
etag: W/"ad9-6631e7ea-37212e;br"
expires: Fri, 03 May 2024 20:38:50 GMT
last-modified: Wed, 01 May 2024 06:57:46 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eXTBrjgoBNn0r8elljx28HbvJ2qO05d%2BB2I1EUZ677Zt8b5kwPzswS%2FZFFVGci9MNMoiJHdWVgTQeCfgkcB6ZffqW0d5h3YPZ5qBOrg5uwxFQ3kaAhopvFM1FVZdFB2AK4nf9Pc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e3449eed1a56af-OSL
content-encoding: br
|
|
| www.animapuglia.it/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 | 172.67.162.22 | 200 OK | 11 kB |
URL: GET HTTP/3 www.animapuglia.it/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
IP: 172.67.162.22:443
Requested by: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate issuer: Let's Encrypt
Certificate subject: animapuglia.it
Certificate fingerprint: 4C:CE:5A:16:7B:BF:02:14:3C:A5:96:0B:DC:EE:F7:C5:E9:9B:89:E6
Certificate validity: Fri, 03 May 2024 03:13:31 GMT - Thu, 01 Aug 2024 03:13:30 GMT
File type: JavaScript source, ASCII text, with very long lines (13479)
Hash: 9ffeb32e2d9efbf8f70caabded242267 3ad0c10e501ac2a9bfa18f9cd7e700219b378738 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1
Host: www.animapuglia.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 03 May 2024 21:15:44 GMT
content-type: text/javascript
etag: W/"3509-65f308ad-430453;br"
last-modified: Thu, 14 Mar 2024 14:24:45 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=srAZpNw3VplQNq9UFtaa3nCiC4hK3E1bxY9AswS64sHJHgoULqZLLtSdyBfx%2BfMkenhk0eWaWz0omMWzcolreKYjgUTF7VAN98KYQa63rAVAKB6oKaK4V%2BJmnuYy4nwV6%2FaFRI4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e3449efd2256af-OSL
content-encoding: br
|
|
| heedlessplanallusion.com/9d3b448e547be241c68efc985e24dcc2/invoke.js | 192.243.61.227 | 200 OK | 12 kB |
URL: GET HTTP/1.1 heedlessplanallusion.com/9d3b448e547be241c68efc985e24dcc2/invoke.js
IP: 192.243.61.227:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate issuer: Let's Encrypt
Certificate subject: heedlessplanallusion.com
Certificate fingerprint: 22:FE:62:81:B7:05:16:32:08:5A:33:B1:A4:DE:C2:EC:39:69:1B:DB
Certificate validity: Sun, 17 Mar 2024 07:41:47 GMT - Sat, 15 Jun 2024 07:41:46 GMT
File type: JavaScript source, ASCII text, with very long lines (31327), with no line terminators
Hash: b0ee98b847e3c6142da4c2b877563776 5fce28006fd74ee17a03e8e1010e7a5e7b74718e 17f3daeac9563a0b6f81c29e3eac48f9771c9133d021160e1e8a66100866ee16
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /9d3b448e547be241c68efc985e24dcc2/invoke.js HTTP/1.1
Host: heedlessplanallusion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.animapuglia.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 03 May 2024 21:15:44 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8cf647be5ae293b231c19dc4021a3ee4
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| ocsp.r2m03.amazontrust.com/ | 3.164.222.26 | | 471 B |
URL: ocsp.r2m03.amazontrust.com/
IP: 3.164.222.26:0
Hash: 353dbae1e1b45a750770ae51bef13ba7 465917a2a0bbb947e9727e7f08b584a82aa6fb81 9fa5becc3e07f31f2f08bf5f331d6bfda4f6386634ea524bc3a8c56ac1c0bc2b
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Fri, 03 May 2024 21:15:45 GMT
Last-Modified: Fri, 03 May 2024 19:53:33 GMT
Server: ECAcc (ska/F775)
X-Cache: Miss from cloudfront
Via: 1.1 b01c786d61caf32e94417e7b5578c60e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN53-P1
X-Amz-Cf-Id: SIcCfGA1ZpC6wrraROqsm0RmyMsDuOFZRMdXPrJ2mfPuWd3SoCojoQ==
Age: 4932
|
|
| proftrafficcounter.com/stats | 52.29.105.35 | 200 OK | 40 B |
URL: GET HTTP/2 proftrafficcounter.com/stats
IP: 52.29.105.35:443
Requested by: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate issuer: Amazon
Certificate subject: proftrafficcounter.com
Certificate fingerprint: E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
Certificate validity: Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type: ASCII text, with no line terminators
Hash: 69b0e8cc069bbf851f71b5531dfbfd81 126904a48e194fa98787f94942dcf37646322e38 13835c3c3b7f7a900600521ea136d6ce7b256aec9c6e5f2d46d735d093155ee0
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.animapuglia.it
DNT: 1
Connection: keep-alive
Referer: https://www.animapuglia.it/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 03 May 2024 21:15:45 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.animapuglia.it
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=c37d501c-817a-418d-abf2-8a0d53f835b5:2:1; expires=Mon, 01 May 2034 21:15:45 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| heedlessplanallusion.com/9d3b448e547be241c68efc985e24dcc2/invoke.js | 192.243.61.227 | 200 OK | 12 kB |
URL: GET HTTP/1.1 heedlessplanallusion.com/9d3b448e547be241c68efc985e24dcc2/invoke.js
IP: 192.243.61.227:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate issuer: Let's Encrypt
Certificate subject: heedlessplanallusion.com
Certificate fingerprint: 22:FE:62:81:B7:05:16:32:08:5A:33:B1:A4:DE:C2:EC:39:69:1B:DB
Certificate validity: Sun, 17 Mar 2024 07:41:47 GMT - Sat, 15 Jun 2024 07:41:46 GMT
File type: JavaScript source, ASCII text, with very long lines (31330), with no line terminators
Hash: 4631f3166d8d22337eab137d551fe671 e9e660f233d06df79b8f02afbf11ad5e8e66258e f22ca8830a32809507db49454ef76f4a4b10750f6c5bb0f08946b170eb608c10
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /9d3b448e547be241c68efc985e24dcc2/invoke.js HTTP/1.1
Host: heedlessplanallusion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.animapuglia.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 03 May 2024 21:15:45 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f082756132ac3963b029504006c824f2
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| fonts.gstatic.com/s/frankruhllibre/v21/j8_w6_fAw7jrcalD7oKYNX0QfAnPW7Dl4Q.woff2 | 216.58.207.227 | 200 OK | 44 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/frankruhllibre/v21/j8_w6_fAw7jrcalD7oKYNX0QfAnPW7Dl4Q.woff2
IP: 216.58.207.227:443
Requested by: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate issuer: Google Trust Services LLC
Certificate subject: *.gstatic.com
Certificate fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
Certificate validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 44372, version 1.0
Hash: aad297b90cf16b705fe7a61422ba3771 672088bfb217973489968a662376c46816f9376c 523e12ec4882988ae8c43f71e35ea24fccd8560997c349a0a24c27c6682573fb
GET /s/frankruhllibre/v21/j8_w6_fAw7jrcalD7oKYNX0QfAnPW7Dl4Q.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.animapuglia.it
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44372
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 10:06:55 GMT
expires: Sat, 03 May 2025 10:06:55 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 11 Apr 2024 18:31:48 GMT
content-type: font/woff2
age: 40130
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| wingstoesassemble.com/watch.1241730837865.js?key=9d3b448e547be241c68efc985e24dcc2&kw=%5B%22a%22%2C%2229-year-old%22%2C%22man%22%2C%22who%22%2C%22raped%22%2C%22a%22%2C%22sleeping%22%2C%22woman%22%2C%22in%22%2C%22edinburgh%22%2C%22has%22%2C%22been%22%2C%22jailed%22%2C%22%E2%80%93%22%2C%22news%22%2C%22anemonedivingcenter%22%5D&refer=https%3A%2F%2Fwww.animapuglia.it%2Fnimoes%2F2024%2F05%2F04%2F14638SFdy30XtE%2F&tz=0&dev=e&res=14.2071&uuid=c37d501c-817a-418d-abf2-8a0d53f835b5%3A2%3A1 | 172.240.253.132 | 307 Temporary Redirect | 0 B |
URL: GET HTTP/1.1 wingstoesassemble.com/watch.1241730837865.js?key=9d3b448e547be241c68efc985e24dcc2&kw=%5B%22a%22%2C%2229-year-old%22%2C%22man%22%2C%22who%22%2C%22raped%22%2C%22a%22%2C%22sleeping%22%2C%22woman%22%2C%22in%22%2C%22edinburgh%22%2C%22has%22%2C%22been%22%2C%22jailed%22%2C%22%E2%80%93%22%2C%22news%22%2C%22anemonedivingcenter%22%5D&refer=https%3A%2F%2Fwww.animapuglia.it%2Fnimoes%2F2024%2F05%2F04%2F14638SFdy30XtE%2F&tz=0&dev=e&res=14.2071&uuid=c37d501c-817a-418d-abf2-8a0d53f835b5%3A2%3A1
IP: 172.240.253.132:443
Requested by: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate issuer: Let's Encrypt
Certificate subject: wingstoesassemble.com
Certificate fingerprint: 57:98:C0:6E:1E:52:1E:0E:0E:6E:7D:82:04:98:75:A1:6E:59:8F:DF
Certificate validity: Tue, 30 Apr 2024 15:28:30 GMT - Mon, 29 Jul 2024 15:28:29 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /watch.1241730837865.js?key=9d3b448e547be241c68efc985e24dcc2&kw=%5B%22a%22%2C%2229-year-old%22%2C%22man%22%2C%22who%22%2C%22raped%22%2C%22a%22%2C%22sleeping%22%2C%22woman%22%2C%22in%22%2C%22edinburgh%22%2C%22has%22%2C%22been%22%2C%22jailed%22%2C%22%E2%80%93%22%2C%22news%22%2C%22anemonedivingcenter%22%5D&refer=https%3A%2F%2Fwww.animapuglia.it%2Fnimoes%2F2024%2F05%2F04%2F14638SFdy30XtE%2F&tz=0&dev=e&res=14.2071&uuid=c37d501c-817a-418d-abf2-8a0d53f835b5%3A2%3A1 HTTP/1.1
Host: wingstoesassemble.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.animapuglia.it
DNT: 1
Connection: keep-alive
Referer: https://www.animapuglia.it/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Fri, 03 May 2024 21:15:45 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.animapuglia.it
Access-Control-Allow-Origin: https://www.animapuglia.it
Access-Control-Allow-Credentials: true
Location: https://wingstoesassemble.com/watch.1241730837865.js?dev=e&key=9d3b448e547be241c68efc985e24dcc2&kw=%5B%22a%22%2C%2229-year-old%22%2C%22man%22%2C%22who%22%2C%22raped%22%2C%22a%22%2C%22sleeping%22%2C%22woman%22%2C%22in%22%2C%22edinburgh%22%2C%22has%22%2C%22been%22%2C%22jailed%22%2C%22%E2%80%93%22%2C%22news%22%2C%22anemonedivingcenter%22%5D&pst=1714771005&refer=https%3A%2F%2Fwww.animapuglia.it%2Fnimoes%2F2024%2F05%2F04%2F14638SFdy30XtE%2F&res=14.2071&rmtc=t&shu=f5e80fe631ce529d916cdf1e9cdc3ac5487c38a436d41b1ecab4096e79de3e52d88edd62fb5137803537d9a86fe79cac660805a7044df3c87d7804b5dcd932adcc6388d6957f29b71dd132dd251eecb3e7c067ed74deb8defbdf9250271c202a&tz=0&uuid=c37d501c-817a-418d-abf2-8a0d53f835b5%3A2%3A1
Set-Cookie: u_pl=16664818; expires=Sat, 04 May 2024 21:15:45 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.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.7a0MdKPkzegWWRcl9jrvJPHlc8jGgHMrl0onyBd-wCY; expires=Fri, 03 May 2024 21:16:45 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8dc9c6585d47bfef6ad12e69ee0ddea9
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| www.animapuglia.it/wp-content/themes/newspaper-eye/assets/js/mobile-menu.js?ver=1.0.6 | 172.67.162.22 | 200 OK | 79 kB |
URL: GET HTTP/3 www.animapuglia.it/wp-content/themes/newspaper-eye/assets/js/mobile-menu.js?ver=1.0.6
IP: 172.67.162.22:443
Requested by: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate issuer: Let's Encrypt
Certificate subject: animapuglia.it
Certificate fingerprint: 4C:CE:5A:16:7B:BF:02:14:3C:A5:96:0B:DC:EE:F7:C5:E9:9B:89:E6
Certificate validity: Fri, 03 May 2024 03:13:31 GMT - Thu, 01 Aug 2024 03:13:30 GMT
File type: JavaScript source, ASCII text
Hash: 95079801e103934b5400827b58f81a20 76ff8f501132357db688426f68f48057c9ec76be d980ce158727574d15b234ffbe8d27c8e2136eda5ae1854376a434ea27274290
GET /wp-content/themes/newspaper-eye/assets/js/mobile-menu.js?ver=1.0.6 HTTP/1.1
Host: www.animapuglia.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 03 May 2024 21:15:44 GMT
content-type: text/javascript
etag: W/"dc1-6631e7ea-372132;br"
last-modified: Wed, 01 May 2024 06:57:46 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aE5it5zTz3PsnQkW7cohTEb9cC74XKFQEMG%2Fy2XZ4MJXQ4fGSc5YOpJkW6lGt3QNd4Pjh5OREAtjT3n%2FLLWYlkuTnjXcQsxWBq9F2lIACyLmXITCgvcmJcmbxf99n1y%2B5Uzd%2FIc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e3449f0d3656af-OSL
content-encoding: br
|
|
| wingstoesassemble.com/4b/bc/23/4bbc23a92db768bab73820890bd8fa3d.js | 192.243.61.227 | 200 OK | 30 kB |
URL: GET HTTP/1.1 wingstoesassemble.com/4b/bc/23/4bbc23a92db768bab73820890bd8fa3d.js
IP: 192.243.61.227:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate issuer: Let's Encrypt
Certificate subject: wingstoesassemble.com
Certificate fingerprint: 57:98:C0:6E:1E:52:1E:0E:0E:6E:7D:82:04:98:75:A1:6E:59:8F:DF
Certificate validity: Tue, 30 Apr 2024 15:28:30 GMT - Mon, 29 Jul 2024 15:28:29 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash: 100662ae88f1cf5b107c619842067786 2b577c3b127e08f32d84541b16252f0ea01ef4ee 1e286530f2e2dd056e7395b0b2280037396fb8227ae55c452aec1684d853cb2c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /4b/bc/23/4bbc23a92db768bab73820890bd8fa3d.js HTTP/1.1
Host: wingstoesassemble.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.animapuglia.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 03 May 2024 21:15:45 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6e599294b4bed20919ab13f75e00228f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| wingstoesassemble.com/watch.1241730837865.js?dev=e&key=9d3b448e547be241c68efc985e24dcc2&kw=%5B%22a%22%2C%2229-year-old%22%2C%22man%22%2C%22who%22%2C%22raped%22%2C%22a%22%2C%22sleeping%22%2C%22woman%22%2C%22in%22%2C%22edinburgh%22%2C%22has%22%2C%22been%22%2C%22jailed%22%2C%22%E2%80%93%22%2C%22news%22%2C%22anemonedivingcenter%22%5D&pst=1714771005&refer=https%3A%2F%2Fwww.animapuglia.it%2Fnimoes%2F2024%2F05%2F04%2F14638SFdy30XtE%2F&res=14.2071&rmtc=t&shu=f5e80fe631ce529d916cdf1e9cdc3ac5487c38a436d41b1ecab4096e79de3e52d88edd62fb5137803537d9a86fe79cac660805a7044df3c87d7804b5dcd932adcc6388d6957f29b71dd132dd251eecb3e7c067ed74deb8defbdf9250271c202a&tz=0&uuid=c37d501c-817a-418d-abf2-8a0d53f835b5%3A2%3A1 | 172.240.253.132 | 200 OK | 2.0 kB |
URL: GET HTTP/1.1 wingstoesassemble.com/watch.1241730837865.js?dev=e&key=9d3b448e547be241c68efc985e24dcc2&kw=%5B%22a%22%2C%2229-year-old%22%2C%22man%22%2C%22who%22%2C%22raped%22%2C%22a%22%2C%22sleeping%22%2C%22woman%22%2C%22in%22%2C%22edinburgh%22%2C%22has%22%2C%22been%22%2C%22jailed%22%2C%22%E2%80%93%22%2C%22news%22%2C%22anemonedivingcenter%22%5D&pst=1714771005&refer=https%3A%2F%2Fwww.animapuglia.it%2Fnimoes%2F2024%2F05%2F04%2F14638SFdy30XtE%2F&res=14.2071&rmtc=t&shu=f5e80fe631ce529d916cdf1e9cdc3ac5487c38a436d41b1ecab4096e79de3e52d88edd62fb5137803537d9a86fe79cac660805a7044df3c87d7804b5dcd932adcc6388d6957f29b71dd132dd251eecb3e7c067ed74deb8defbdf9250271c202a&tz=0&uuid=c37d501c-817a-418d-abf2-8a0d53f835b5%3A2%3A1
IP: 172.240.253.132:443
Requested by: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate issuer: Let's Encrypt
Certificate subject: wingstoesassemble.com
Certificate fingerprint: 57:98:C0:6E:1E:52:1E:0E:0E:6E:7D:82:04:98:75:A1:6E:59:8F:DF
Certificate validity: Tue, 30 Apr 2024 15:28:30 GMT - Mon, 29 Jul 2024 15:28:29 GMT
File type: JavaScript source, ASCII text, with very long lines (2490)
Hash: ccd2d70f47d787e27d7b9edc2731801e 0c4341c9f191b7d55e6fccfea44dac4cd748d04b 80378eb2f1095ceb177d9aba2b4ed7510e3c2b8ba1c9f420c46d95fb40e2a37c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /watch.1241730837865.js?dev=e&key=9d3b448e547be241c68efc985e24dcc2&kw=%5B%22a%22%2C%2229-year-old%22%2C%22man%22%2C%22who%22%2C%22raped%22%2C%22a%22%2C%22sleeping%22%2C%22woman%22%2C%22in%22%2C%22edinburgh%22%2C%22has%22%2C%22been%22%2C%22jailed%22%2C%22%E2%80%93%22%2C%22news%22%2C%22anemonedivingcenter%22%5D&pst=1714771005&refer=https%3A%2F%2Fwww.animapuglia.it%2Fnimoes%2F2024%2F05%2F04%2F14638SFdy30XtE%2F&res=14.2071&rmtc=t&shu=f5e80fe631ce529d916cdf1e9cdc3ac5487c38a436d41b1ecab4096e79de3e52d88edd62fb5137803537d9a86fe79cac660805a7044df3c87d7804b5dcd932adcc6388d6957f29b71dd132dd251eecb3e7c067ed74deb8defbdf9250271c202a&tz=0&uuid=c37d501c-817a-418d-abf2-8a0d53f835b5%3A2%3A1 HTTP/1.1
Host: wingstoesassemble.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.animapuglia.it
Referer: https://www.animapuglia.it/
DNT: 1
Connection: keep-alive
Cookie: u_pl=16664818; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjY2NDgxOCwiayI6IjlkM2I0NDhlNTQ3YmUyNDFjNjhlZmM5ODVlMjRkY2MyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjgxODg4LCJwaWQiOjE1NDYxMiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6Imo2YzYxNGp3YmciLCJjcGtzIjp7IjI4IjoiNGJiYzIzYTkyZGI3NjhiYWI3MzgyMDg5MGJkOGZhM2QiLCIyOSI6IjczMzQzNmNkNjM5YWRjNjlkN2IxMTBlNzQ4NmYwYWVhIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3d3dy5hbmltYXB1Z2xpYS5pdC9uaW1vZXMvMjAyNC8wNS8wNC8xNDYzOFNGZHkzMFh0RS8iLCJhciI6W119fQ.7a0MdKPkzegWWRcl9jrvJPHlc8jGgHMrl0onyBd-wCY
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 03 May 2024 21:15:45 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.animapuglia.it
Access-Control-Allow-Origin: https://www.animapuglia.it
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=c37d501c-817a-418d-abf2-8a0d53f835b5:2:1; expires=Fri, 10 May 2024 21:15:45 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 04 May 2024 21:15:45 GMT; secure; SameSite=None
uncs=1; expires=Sat, 04 May 2024 21:15:45 GMT; secure; SameSite=None
pdhtkv5=true; expires=Sat, 04 May 2024 21:15:45 GMT; secure; SameSite=None
uncs5=1; expires=Sat, 04 May 2024 21:15:45 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8516c5c02e20a3f23db7fedc636ade66
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| www.animapuglia.it/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 | 172.67.162.22 | 200 OK | 31 kB |
URL: GET HTTP/3 www.animapuglia.it/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
IP: 172.67.162.22:443
Requested by: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate issuer: Let's Encrypt
Certificate subject: animapuglia.it
Certificate fingerprint: 4C:CE:5A:16:7B:BF:02:14:3C:A5:96:0B:DC:EE:F7:C5:E9:9B:89:E6
Certificate validity: Fri, 03 May 2024 03:13:31 GMT - Thu, 01 Aug 2024 03:13:30 GMT
File type: JavaScript source, ASCII text, with very long lines (65447)
Hash: 826eb77e86b02ab7724fe3d0141ff87c 79cd3587d565afe290076a8d36c31c305a573d18 cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1
Host: www.animapuglia.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 03 May 2024 21:15:44 GMT
content-type: text/javascript
etag: W/"15601-65f308ae-43045b;br"
last-modified: Thu, 14 Mar 2024 14:24:46 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S%2F8CRw9G%2BGulZ9PfaTzoWaNZTVp1jr8TsnohFi18UDZpNBWO7CGuMNasnavb2iJ42lnLGdoB%2FFrOp7fJ9oa0M38%2F2D1jcDzOLgvIui0uQyFodh8S1XXHcKfWp4uROHNTOMxxgv4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e3449eed1c56af-OSL
content-encoding: br
|
|
| www.animapuglia.it/wp-content/plugins/wp-automatic/js/main-front.js?ver=6.5.2 | 172.67.162.22 | 200 OK | 31 kB |
URL: GET HTTP/3 www.animapuglia.it/wp-content/plugins/wp-automatic/js/main-front.js?ver=6.5.2
IP: 172.67.162.22:443
Requested by: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate issuer: Let's Encrypt
Certificate subject: animapuglia.it
Certificate fingerprint: 4C:CE:5A:16:7B:BF:02:14:3C:A5:96:0B:DC:EE:F7:C5:E9:9B:89:E6
Certificate validity: Fri, 03 May 2024 03:13:31 GMT - Thu, 01 Aug 2024 03:13:30 GMT
File type: JavaScript source, ASCII text
Hash: 110e06930c2043d5439adeb9999f07f5 1294fd7195b1c2652c3627fe7a57f71d447313b3 d503937452e40c21fce10346b29287ad23b221a372547f248da87ca5efb55767
GET /wp-content/plugins/wp-automatic/js/main-front.js?ver=6.5.2 HTTP/1.1
Host: www.animapuglia.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 03 May 2024 21:15:44 GMT
content-type: text/javascript
etag: W/"3f9-660d8b69-27721e;br"
last-modified: Wed, 03 Apr 2024 17:01:29 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Burj%2BzEXTC1ih47VSu2zUMk56KXEFpBxOY33QbmXAbWhMYq8qyn6yIhGOzM7mppzy8iFE9UhZruQK02vYp1kWSc6r7opYj4Lwc0EudDSCRGRlEtYEZNqQeha9Ho4wLYBYlPYA1A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e3449efd2c56af-OSL
content-encoding: br
|
|
| www.animapuglia.it/wp-includes/js/wp-emoji-release.min.js?ver=6.5.2 | 172.67.162.22 | 200 OK | 5.4 kB |
URL: GET HTTP/3 www.animapuglia.it/wp-includes/js/wp-emoji-release.min.js?ver=6.5.2
IP: 172.67.162.22:443
Requested by: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate issuer: Let's Encrypt
Certificate subject: animapuglia.it
Certificate fingerprint: 4C:CE:5A:16:7B:BF:02:14:3C:A5:96:0B:DC:EE:F7:C5:E9:9B:89:E6
Certificate validity: Fri, 03 May 2024 03:13:31 GMT - Thu, 01 Aug 2024 03:13:30 GMT
File type: JavaScript source, ASCII text, with very long lines (15752)
Hash: b976b651932bfd25b9ddb5b7693d88a7 7fcb7cb5c11227f9213b1e08a07d0212209e1432 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.5.2 HTTP/1.1
Host: www.animapuglia.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=c37d501c-817a-418d-abf2-8a0d53f835b5%3A2%3A1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 03 May 2024 21:15:45 GMT
content-type: text/javascript
etag: W/"4926-660cbe03-430390;br"
last-modified: Wed, 03 Apr 2024 02:25:07 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xL2AGwpkIwJy%2BfH5%2FX9DcJVC7DMg5i5fm5GZZPmORmjL%2Bw2EX4RFx%2FaRXB4BUm6emFkG4u00neaCV2%2FYK11XdiM8rZ3aqWUm1i9sOnVk3U1jMFPQ9c5qaaDFrCHSu59r0IM7KAo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e344a87d9d56af-OSL
content-encoding: br
|
|
| cdn.cloudimagesb.com/cti/2a/64/ce/2a64ce8eda8dd978aa075a952612a996/1707813839.png | 45.133.44.10 | 200 OK | 127 kB |
URL: GET HTTP/2 cdn.cloudimagesb.com/cti/2a/64/ce/2a64ce8eda8dd978aa075a952612a996/1707813839.png
IP: 45.133.44.10:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate issuer: Let's Encrypt
Certificate subject: cdn.cloudimagesb.com
Certificate fingerprint: C6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0
Certificate validity: Fri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT
File type: PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced
Size: 127 kB (126881 bytes)
Hash: 2b3a88d55519a3486d66d937f650bc1e ada2d70a5653252dbb2a16fcbaee6b0a082d7649 cb63305035c57bf9d2d2cdca42c28adf15860b1807c7a40c6a1bfd72058848f1
GET /cti/2a/64/ce/2a64ce8eda8dd978aa075a952612a996/1707813839.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 03 May 2024 21:15:45 GMT
content-type: image/png
content-length: 126881
server: nginx/1.21.6
last-modified: Tue, 13 Feb 2024 08:44:07 GMT
etag: "65cb2bd7-1efa1"
expires: Sun, 05 May 2024 21:15:45 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| inconveniencemimic.com/watch.422356533491.js?dev=e&key=9d3b448e547be241c68efc985e24dcc2&kw=%5B%22a%22%2C%2229-year-old%22%2C%22man%22%2C%22who%22%2C%22raped%22%2C%22a%22%2C%22sleeping%22%2C%22woman%22%2C%22in%22%2C%22edinburgh%22%2C%22has%22%2C%22been%22%2C%22jailed%22%2C%22%E2%80%93%22%2C%22news%22%2C%22anemonedivingcenter%22%5D&pst=1714771005&refer=https%3A%2F%2Fwww.animapuglia.it%2Fnimoes%2F2024%2F05%2F04%2F14638SFdy30XtE%2F&res=14.2071&rmtc=t&shu=26b3a03c7ec222394b420dfe7810dbaa0441537cf2effb096462babf104318a44d49cb05c2e466f23edd9ad4953c611fa6f222b0ffd4257746c90d4a3b54a2d1752eb2157a6177636881cd8959976d06df97b7322a5a60d683c6adecd6a918&tz=0&uuid=c37d501c-817a-418d-abf2-8a0d53f835b5%3A2%3A1 | 192.243.61.227 | 200 OK | 2.0 kB |
URL: GET HTTP/1.1 inconveniencemimic.com/watch.422356533491.js?dev=e&key=9d3b448e547be241c68efc985e24dcc2&kw=%5B%22a%22%2C%2229-year-old%22%2C%22man%22%2C%22who%22%2C%22raped%22%2C%22a%22%2C%22sleeping%22%2C%22woman%22%2C%22in%22%2C%22edinburgh%22%2C%22has%22%2C%22been%22%2C%22jailed%22%2C%22%E2%80%93%22%2C%22news%22%2C%22anemonedivingcenter%22%5D&pst=1714771005&refer=https%3A%2F%2Fwww.animapuglia.it%2Fnimoes%2F2024%2F05%2F04%2F14638SFdy30XtE%2F&res=14.2071&rmtc=t&shu=26b3a03c7ec222394b420dfe7810dbaa0441537cf2effb096462babf104318a44d49cb05c2e466f23edd9ad4953c611fa6f222b0ffd4257746c90d4a3b54a2d1752eb2157a6177636881cd8959976d06df97b7322a5a60d683c6adecd6a918&tz=0&uuid=c37d501c-817a-418d-abf2-8a0d53f835b5%3A2%3A1
IP: 192.243.61.227:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate issuer: Let's Encrypt
Certificate subject: inconveniencemimic.com
Certificate fingerprint: AF:84:31:F6:C9:08:AA:86:11:4D:BF:62:E5:2A:DB:57:5B:6E:E2:36
Certificate validity: Mon, 29 Apr 2024 08:23:14 GMT - Sun, 28 Jul 2024 08:23:13 GMT
File type: JavaScript source, ASCII text, with very long lines (2489)
Hash: af917a370d3f39a1c892aaacb9571399 4278df705e2bdffe8877422a4e41d3fb490ca15e 2cb3d50c4ed5c4c095eec84596ddd76619b01d52c84f8989680812db6c55f268
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /watch.422356533491.js?dev=e&key=9d3b448e547be241c68efc985e24dcc2&kw=%5B%22a%22%2C%2229-year-old%22%2C%22man%22%2C%22who%22%2C%22raped%22%2C%22a%22%2C%22sleeping%22%2C%22woman%22%2C%22in%22%2C%22edinburgh%22%2C%22has%22%2C%22been%22%2C%22jailed%22%2C%22%E2%80%93%22%2C%22news%22%2C%22anemonedivingcenter%22%5D&pst=1714771005&refer=https%3A%2F%2Fwww.animapuglia.it%2Fnimoes%2F2024%2F05%2F04%2F14638SFdy30XtE%2F&res=14.2071&rmtc=t&shu=26b3a03c7ec222394b420dfe7810dbaa0441537cf2effb096462babf104318a44d49cb05c2e466f23edd9ad4953c611fa6f222b0ffd4257746c90d4a3b54a2d1752eb2157a6177636881cd8959976d06df97b7322a5a60d683c6adecd6a918&tz=0&uuid=c37d501c-817a-418d-abf2-8a0d53f835b5%3A2%3A1 HTTP/1.1
Host: inconveniencemimic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.animapuglia.it
Referer: https://www.animapuglia.it/
DNT: 1
Connection: keep-alive
Cookie: u_pl=16664818; ain=eyJhbGciOiJIUzI1NiJ9.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.7a0MdKPkzegWWRcl9jrvJPHlc8jGgHMrl0onyBd-wCY
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 03 May 2024 21:15:45 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.animapuglia.it
Access-Control-Allow-Origin: https://www.animapuglia.it
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=c37d501c-817a-418d-abf2-8a0d53f835b5:2:1; expires=Fri, 10 May 2024 21:15:45 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 04 May 2024 21:15:45 GMT; secure; SameSite=None
uncs=1; expires=Sat, 04 May 2024 21:15:45 GMT; secure; SameSite=None
pdhtkv5=true; expires=Sat, 04 May 2024 21:15:45 GMT; secure; SameSite=None
uncs5=1; expires=Sat, 04 May 2024 21:15:45 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 41e540337b3d944262a9be4477eaa8d0
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| cdn.cloudimagesb.com/cti/5e/a7/e0/5ea7e0aff4bf51bee11fade7700f6f28/1707923235.jpg | 45.133.44.10 | 200 OK | 120 kB |
URL: GET HTTP/2 cdn.cloudimagesb.com/cti/5e/a7/e0/5ea7e0aff4bf51bee11fade7700f6f28/1707923235.jpg
IP: 45.133.44.10:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate issuer: Let's Encrypt
Certificate subject: cdn.cloudimagesb.com
Certificate fingerprint: C6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0
Certificate validity: Fri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT
File type: JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 300x250, components 3
Size: 120 kB (119736 bytes)
Hash: b6302f100b68f462859b1b4dec28ca24 27c2593c480cb61b0b7b143048cff5e56de9ffd4 bb6c58cea0780621cf7c4f5504248183ee986753fe53eaacaec915817cb18b1a
GET /cti/5e/a7/e0/5ea7e0aff4bf51bee11fade7700f6f28/1707923235.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 03 May 2024 21:15:46 GMT
content-type: image/jpeg
content-length: 119736
server: nginx/1.21.6
last-modified: Wed, 14 Feb 2024 15:07:23 GMT
etag: "65ccd72b-1d3b8"
expires: Sun, 05 May 2024 21:15:46 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| impatientliftdiploma.com/pixel/purst?dl=0&th=0&sc=0&rs=2518&rd=2518&fd=558&bv=24.5.6485&tmpl=136 | 172.240.108.84 | 200 OK | 0 B |
URL: GET HTTP/1.1 impatientliftdiploma.com/pixel/purst?dl=0&th=0&sc=0&rs=2518&rd=2518&fd=558&bv=24.5.6485&tmpl=136
IP: 172.240.108.84:443
Requested by: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate issuer: Let's Encrypt
Certificate subject: impatientliftdiploma.com
Certificate fingerprint: 64:70:CB:19:1D:86:2C:EF:2A:8A:6C:AB:E1:D1:06:C2:0E:8B:2C:49
Certificate validity: Mon, 29 Apr 2024 13:13:46 GMT - Sun, 28 Jul 2024 13:13:45 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=2518&rd=2518&fd=558&bv=24.5.6485&tmpl=136 HTTP/1.1
Host: impatientliftdiploma.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.animapuglia.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 03 May 2024 21:15:46 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| www.animapuglia.it/wp-content/uploads/2024/05/cropped-Screen-Shot-2024-05-01-at-14.54.39-192x192.png | 172.67.162.22 | 200 OK | 4.8 kB |
URL: GET HTTP/3 www.animapuglia.it/wp-content/uploads/2024/05/cropped-Screen-Shot-2024-05-01-at-14.54.39-192x192.png
IP: 172.67.162.22:443
Requested by: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate issuer: Let's Encrypt
Certificate subject: animapuglia.it
Certificate fingerprint: 4C:CE:5A:16:7B:BF:02:14:3C:A5:96:0B:DC:EE:F7:C5:E9:9B:89:E6
Certificate validity: Fri, 03 May 2024 03:13:31 GMT - Thu, 01 Aug 2024 03:13:30 GMT
File type: PNG image data, 192 x 192, 8-bit grayscale, non-interlaced
Hash: f848f15b939d8fab3634c85366cb7064 4634debb9e85f97e41d50a04934a0154c535f6a2 46cea472bc8590dd4972cde0b7dbf2c31f3ad3907ef1590942a08ff8487295a7
GET /wp-content/uploads/2024/05/cropped-Screen-Shot-2024-05-01-at-14.54.39-192x192.png HTTP/1.1
Host: www.animapuglia.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=c37d501c-817a-418d-abf2-8a0d53f835b5%3A2%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 03 May 2024 21:15:46 GMT
content-type: image/png
content-length: 4827
cache-control: public, max-age=43200
expires: Sat, 04 May 2024 02:47:43 GMT
etag: "12db-6631e75d-43086b;;;"
last-modified: Wed, 01 May 2024 06:55:25 GMT
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 23283
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p5YiGsJfd67okmMaP0rHkrOwo%2Frqy8AeLfZKkYVm3kvOfq9WHcGKohR2UQYrXPtfD1cpAk0ZqxQ87SEoAGTnnwgDjDTJcm7RinVBKRAzzXTTqTPNhANRckmfpctM8qlAlLbzEXA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e344ad29fe56af-OSL
|
|
| www.animapuglia.it/wp-content/uploads/2024/05/cropped-Screen-Shot-2024-05-01-at-14.54.39-32x32.png | 172.67.162.22 | 200 OK | 555 B |
URL: GET HTTP/3 www.animapuglia.it/wp-content/uploads/2024/05/cropped-Screen-Shot-2024-05-01-at-14.54.39-32x32.png
IP: 172.67.162.22:443
Requested by: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate issuer: Let's Encrypt
Certificate subject: animapuglia.it
Certificate fingerprint: 4C:CE:5A:16:7B:BF:02:14:3C:A5:96:0B:DC:EE:F7:C5:E9:9B:89:E6
Certificate validity: Fri, 03 May 2024 03:13:31 GMT - Thu, 01 Aug 2024 03:13:30 GMT
File type: PNG image data, 32 x 32, 8-bit grayscale, non-interlaced
Hash: b4639b79f26f350ae29d88eec33c2139 e878d007cd69148365435eeb5973c9d920bf2813 f5f995def8991d5924b3f55616f1bbbc6713924918b8d97a1b64b3a5bbc7422a
GET /wp-content/uploads/2024/05/cropped-Screen-Shot-2024-05-01-at-14.54.39-32x32.png HTTP/1.1
Host: www.animapuglia.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=c37d501c-817a-418d-abf2-8a0d53f835b5%3A2%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 03 May 2024 21:15:46 GMT
content-type: image/png
content-length: 555
cache-control: public, max-age=43200
expires: Fri, 03 May 2024 20:38:53 GMT
etag: "22b-6631e75d-43086d;;;"
last-modified: Wed, 01 May 2024 06:55:25 GMT
alt-svc: h3=":443"; ma=86400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KIVCrLk9C3wQYlTX6h5F8iQfJec9cWQfxtPgSwG6R6ABPg2y4uPBJzEr8Q9jqEKnpnKzZvR6dwZi%2FK6GiU5qf6nYopofFUgTqwCJokw%2FM8WWZEr8hMS5s%2FjnR9r2QltztmOPnNM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e344ad4a2556af-OSL
|
|
| unseenreport.com/pxf.gif?uuid=c37d501c-817a-418d-abf2-8a0d53f835b5&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=4bbc23a92db768bab73820890bd8fa3d&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=21 | 192.243.59.13 | 200 OK | 1 B |
URL: GET HTTP/1.1 unseenreport.com/pxf.gif?uuid=c37d501c-817a-418d-abf2-8a0d53f835b5&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=4bbc23a92db768bab73820890bd8fa3d&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=21
IP: 192.243.59.13:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate issuer: Let's Encrypt
Certificate subject: *.unseenreport.com
Certificate fingerprint: 71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13
Certificate validity: Fri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT
File type: very short file (no magic)
Hash: 93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pxf.gif?uuid=c37d501c-817a-418d-abf2-8a0d53f835b5&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=4bbc23a92db768bab73820890bd8fa3d&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=21 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.animapuglia.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 03 May 2024 21:15:46 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1910555d8d77c9b21abfce0deb040b71
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| www.animapuglia.it/wp-content/themes/newspaper-eye/assets/css/default-style.css?ver=1.0.6 | 172.67.162.22 | 200 OK | 4.5 kB |
URL: GET HTTP/3 www.animapuglia.it/wp-content/themes/newspaper-eye/assets/css/default-style.css?ver=1.0.6
IP: 172.67.162.22:443
Requested by: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate issuer: Let's Encrypt
Certificate subject: animapuglia.it
Certificate fingerprint: 4C:CE:5A:16:7B:BF:02:14:3C:A5:96:0B:DC:EE:F7:C5:E9:9B:89:E6
Certificate validity: Fri, 03 May 2024 03:13:31 GMT - Thu, 01 Aug 2024 03:13:30 GMT
File type: ASCII text, with very long lines (4476), with no line terminators
Hash: c545ebb7cdc388667909cb65d0f7a7a8 b7f58479fd6f0b304fb1f6eeca1f03ea563ddfad d81719b6d6c52897920be1160dd3f190d281fc7152ecbdfec612d5364a3c69b7
GET /wp-content/themes/newspaper-eye/assets/css/default-style.css?ver=1.0.6 HTTP/1.1
Host: www.animapuglia.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 21:15:44 GMT
content-type: text/css
cache-control: public, max-age=43200
cf-bgj: minify
cf-polished: origSize=7390
alt-svc: h3=":443"; ma=86400
etag: W/"1cde-6631e7ea-37212c;br"
expires: Fri, 03 May 2024 20:38:50 GMT
last-modified: Wed, 01 May 2024 06:57:46 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZB7Hbztkeak6IboBdPcuWCKrS6rjTrhFbSvmrmpgBamXFwX5bT4zXZkToRLdImsIQ72RVtg3tnXx9LxI3vbBJvgHv73X9xwY2Dg6SUxUZ77EdTTg7SFRHTTFdI65vM2bT9mzgrE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e3449eed1256af-OSL
content-encoding: br
|
|
| www.animapuglia.it/wp-content/themes/newspaper-eye/assets/js/scripts.js?ver=1.0.6 | 172.67.162.22 | 200 OK | 1.3 kB |
URL: GET HTTP/3 www.animapuglia.it/wp-content/themes/newspaper-eye/assets/js/scripts.js?ver=1.0.6
IP: 172.67.162.22:443
Requested by: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate issuer: Let's Encrypt
Certificate subject: animapuglia.it
Certificate fingerprint: 4C:CE:5A:16:7B:BF:02:14:3C:A5:96:0B:DC:EE:F7:C5:E9:9B:89:E6
Certificate validity: Fri, 03 May 2024 03:13:31 GMT - Thu, 01 Aug 2024 03:13:30 GMT
File type: JavaScript source, ASCII text, with very long lines (1443), with no line terminators
Hash: 18599547ce1042f2828ed16c721960c8 6cee8fdc2f96225ab645c2bf677a549c5278c1a9 8505b9f7d0a49ecda693864f1861157b23a6dd1165d49770af492530740a54cb
GET /wp-content/themes/newspaper-eye/assets/js/scripts.js?ver=1.0.6 HTTP/1.1
Host: www.animapuglia.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 21:15:44 GMT
content-type: text/javascript
etag: W/"51b-6631e7ea-372134;br"
last-modified: Wed, 01 May 2024 06:57:46 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l0%2FrgRwXFvjSyL5z40jprqdMQSi8xYBtytuJkMXdbLfm1fs8PmsiXiwSbMT7qmFbK1bpwsI8aGr4%2FmSFmnGn3Lf1U3R%2Bwp8SWJGEEJON16Gh5gBybvNZ%2Fno6GBz8avNQOif%2FFX8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e3449f1d3f56af-OSL
content-encoding: br
|
|
| www.animapuglia.it/wp-content/themes/newspaper-eye/assets/css/all.css?ver=5.15.3 | 172.67.162.22 | 200 OK | 59 kB |
URL: GET HTTP/3 www.animapuglia.it/wp-content/themes/newspaper-eye/assets/css/all.css?ver=5.15.3
IP: 172.67.162.22:443
Requested by: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate issuer: Let's Encrypt
Certificate subject: animapuglia.it
Certificate fingerprint: 4C:CE:5A:16:7B:BF:02:14:3C:A5:96:0B:DC:EE:F7:C5:E9:9B:89:E6
Certificate validity: Fri, 03 May 2024 03:13:31 GMT - Thu, 01 Aug 2024 03:13:30 GMT
File type: ASCII text, with very long lines (59327)
Hash: 7a9336a972a40b34b9a780cf040b3d87 c8ded5f8a836fd032831e26eaec347e124f5468c 7bc786c4f462d34ffbc51d1d3f96838c6663b100a7f80a2b3d56a472e43aa061
GET /wp-content/themes/newspaper-eye/assets/css/all.css?ver=5.15.3 HTTP/1.1
Host: www.animapuglia.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 21:15:44 GMT
content-type: text/css
cache-control: public, max-age=43200
cf-bgj: minify
cf-polished: origSize=73626
alt-svc: h3=":443"; ma=86400
etag: W/"11f9a-6631e7ea-372128;br"
expires: Fri, 03 May 2024 20:38:50 GMT
last-modified: Wed, 01 May 2024 06:57:46 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FAhXrlT8MtXOBaApN3nO6dRbvxCtRtHSF6GIbZPi2pxHo5cc%2FHqM7JLWXEfP0gk1jz5kMG4o7HxsAU2hVWeG3intaGU8opJH%2F4nRSzHqzCfTqEo7wzeFfAS1TABzSC5r%2BCeL8PA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e3449edd0c56af-OSL
content-encoding: br
|
|
| inconveniencemimic.com/watch.422356533491.js?key=9d3b448e547be241c68efc985e24dcc2&kw=%5B%22a%22%2C%2229-year-old%22%2C%22man%22%2C%22who%22%2C%22raped%22%2C%22a%22%2C%22sleeping%22%2C%22woman%22%2C%22in%22%2C%22edinburgh%22%2C%22has%22%2C%22been%22%2C%22jailed%22%2C%22%E2%80%93%22%2C%22news%22%2C%22anemonedivingcenter%22%5D&refer=https%3A%2F%2Fwww.animapuglia.it%2Fnimoes%2F2024%2F05%2F04%2F14638SFdy30XtE%2F&tz=0&dev=e&res=14.2071&uuid=c37d501c-817a-418d-abf2-8a0d53f835b5%3A2%3A1 | 192.243.61.227 | 307 Temporary Redirect | 3.4 kB |
URL: GET HTTP/1.1 inconveniencemimic.com/watch.422356533491.js?key=9d3b448e547be241c68efc985e24dcc2&kw=%5B%22a%22%2C%2229-year-old%22%2C%22man%22%2C%22who%22%2C%22raped%22%2C%22a%22%2C%22sleeping%22%2C%22woman%22%2C%22in%22%2C%22edinburgh%22%2C%22has%22%2C%22been%22%2C%22jailed%22%2C%22%E2%80%93%22%2C%22news%22%2C%22anemonedivingcenter%22%5D&refer=https%3A%2F%2Fwww.animapuglia.it%2Fnimoes%2F2024%2F05%2F04%2F14638SFdy30XtE%2F&tz=0&dev=e&res=14.2071&uuid=c37d501c-817a-418d-abf2-8a0d53f835b5%3A2%3A1
IP: 192.243.61.227:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate issuer: Let's Encrypt
Certificate subject: inconveniencemimic.com
Certificate fingerprint: AF:84:31:F6:C9:08:AA:86:11:4D:BF:62:E5:2A:DB:57:5B:6E:E2:36
Certificate validity: Mon, 29 Apr 2024 08:23:14 GMT - Sun, 28 Jul 2024 08:23:13 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /watch.422356533491.js?key=9d3b448e547be241c68efc985e24dcc2&kw=%5B%22a%22%2C%2229-year-old%22%2C%22man%22%2C%22who%22%2C%22raped%22%2C%22a%22%2C%22sleeping%22%2C%22woman%22%2C%22in%22%2C%22edinburgh%22%2C%22has%22%2C%22been%22%2C%22jailed%22%2C%22%E2%80%93%22%2C%22news%22%2C%22anemonedivingcenter%22%5D&refer=https%3A%2F%2Fwww.animapuglia.it%2Fnimoes%2F2024%2F05%2F04%2F14638SFdy30XtE%2F&tz=0&dev=e&res=14.2071&uuid=c37d501c-817a-418d-abf2-8a0d53f835b5%3A2%3A1 HTTP/1.1
Host: inconveniencemimic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.animapuglia.it
DNT: 1
Connection: keep-alive
Referer: https://www.animapuglia.it/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Fri, 03 May 2024 21:15:45 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.animapuglia.it
Access-Control-Allow-Origin: https://www.animapuglia.it
Access-Control-Allow-Credentials: true
Location: https://inconveniencemimic.com/watch.422356533491.js?dev=e&key=9d3b448e547be241c68efc985e24dcc2&kw=%5B%22a%22%2C%2229-year-old%22%2C%22man%22%2C%22who%22%2C%22raped%22%2C%22a%22%2C%22sleeping%22%2C%22woman%22%2C%22in%22%2C%22edinburgh%22%2C%22has%22%2C%22been%22%2C%22jailed%22%2C%22%E2%80%93%22%2C%22news%22%2C%22anemonedivingcenter%22%5D&pst=1714771005&refer=https%3A%2F%2Fwww.animapuglia.it%2Fnimoes%2F2024%2F05%2F04%2F14638SFdy30XtE%2F&res=14.2071&rmtc=t&shu=26b3a03c7ec222394b420dfe7810dbaa0441537cf2effb096462babf104318a44d49cb05c2e466f23edd9ad4953c611fa6f222b0ffd4257746c90d4a3b54a2d1752eb2157a6177636881cd8959976d06df97b7322a5a60d683c6adecd6a918&tz=0&uuid=c37d501c-817a-418d-abf2-8a0d53f835b5%3A2%3A1
Set-Cookie: u_pl=16664818; expires=Sat, 04 May 2024 21:15:45 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.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.7a0MdKPkzegWWRcl9jrvJPHlc8jGgHMrl0onyBd-wCY; expires=Fri, 03 May 2024 21:16:45 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c6736d17e5ed7d42be677f185b8fe15e
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| inconveniencemimic.com/4b/bc/23/4bbc23a92db768bab73820890bd8fa3d.js | 192.243.61.227 | 200 OK | 84 kB |
URL: GET HTTP/1.1 inconveniencemimic.com/4b/bc/23/4bbc23a92db768bab73820890bd8fa3d.js
IP: 192.243.61.227:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate Issuer: Let's Encrypt
Certificate Subject: inconveniencemimic.com
Certificate Fingerprint: AF:84:31:F6:C9:08:AA:86:11:4D:BF:62:E5:2A:DB:57:5B:6E:E2:36
Certificate Validity: Mon, 29 Apr 2024 08:23:14 GMT - Sun, 28 Jul 2024 08:23:13 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash: 661467ca83a1afcc710eb775ab524411 a6bfb65e6e596e781a084052e2cc41fe0287e709 9143fa2db024bcbf56a8b69f7fa7d877b8f40efb53f4994587f97aaff9469b0b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /4b/bc/23/4bbc23a92db768bab73820890bd8fa3d.js HTTP/1.1
Host: inconveniencemimic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.animapuglia.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 03 May 2024 21:15:45 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 87cecfef5256491d6476f7ee2fc7597b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| www.animapuglia.it/wp-content/themes/newspaper-eye/assets/css/admin-block.css?ver=1.0 | 172.67.162.22 | 200 OK | 1.9 kB |
URL: GET HTTP/3 www.animapuglia.it/wp-content/themes/newspaper-eye/assets/css/admin-block.css?ver=1.0
IP: 172.67.162.22:443
Requested by: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate Issuer: Let's Encrypt
Certificate Subject: animapuglia.it
Certificate Fingerprint: 4C:CE:5A:16:7B:BF:02:14:3C:A5:96:0B:DC:EE:F7:C5:E9:9B:89:E6
Certificate Validity: Fri, 03 May 2024 03:13:31 GMT - Thu, 01 Aug 2024 03:13:30 GMT
File type: ASCII text, with very long lines (1895), with no line terminators
Hash: 992c56bf160d98d31f326d39b266af55 9e6eb738d801aca8351126f4334bcc1771af8a1f 58891be47a14302f78b4afeed4a9f5b7875900bba044388d3be677f5f9f9b7f0
GET /wp-content/themes/newspaper-eye/assets/css/admin-block.css?ver=1.0 HTTP/1.1
Host: www.animapuglia.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 21:15:44 GMT
content-type: text/css
cache-control: public, max-age=43200
cf-bgj: minify
cf-polished: origSize=2562
alt-svc: h3=":443"; ma=86400
etag: W/"a02-6631e7ea-372127;br"
expires: Fri, 03 May 2024 20:38:50 GMT
last-modified: Wed, 01 May 2024 06:57:46 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BgsmpkrWRCIxh%2B9dHy1RrGcwMXIuTHLocwPkNTvTUn1u1ivwrPPSpLLblriPmIpLNF9ofEpdvyXBQyYrNm3tZkeBaCcgBLuF1dBouhu2RgjICdfZsmr%2FuGBR7420yItyuOixaEk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e3449edd0256af-OSL
content-encoding: br
|
|
| www.animapuglia.it/wp-content/themes/newspaper-eye/assets/css/bootstrap.css?ver=5.2.2 | 172.67.162.22 | 200 OK | 196 kB |
URL: GET HTTP/3 www.animapuglia.it/wp-content/themes/newspaper-eye/assets/css/bootstrap.css?ver=5.2.2
IP: 172.67.162.22:443
Requested by: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate Issuer: Let's Encrypt
Certificate Subject: animapuglia.it
Certificate Fingerprint: 4C:CE:5A:16:7B:BF:02:14:3C:A5:96:0B:DC:EE:F7:C5:E9:9B:89:E6
Certificate Validity: Fri, 03 May 2024 03:13:31 GMT - Thu, 01 Aug 2024 03:13:30 GMT
Size: 196 kB (196490 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/themes/newspaper-eye/assets/css/bootstrap.css?ver=5.2.2 HTTP/1.1
Host: www.animapuglia.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 21:15:44 GMT
content-type: text/css
cache-control: public, max-age=43200
cf-bgj: minify
cf-polished: origSize=237994
alt-svc: h3=":443"; ma=86400
etag: W/"3a1aa-6631e7ea-37212a;br"
expires: Fri, 03 May 2024 20:38:50 GMT
last-modified: Wed, 01 May 2024 06:57:46 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uK20vU5F0SDC9Uy9RH7KgmFAsBvxAfBSgFj7v7leSnf%2BQ3x%2FWYHYQqwdASpFfx5EUxVnJLO7Veouxfmt%2F4VQgkOdrgSq6TMh5przFaiD5ElYQ99zVo5%2FuJQzzoV4phvfelNvInQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e3449edd0856af-OSL
content-encoding: br
|
|
| www.animapuglia.it/wp-content/themes/newspaper-eye/assets/css/main.css?ver=1.0.6 | 172.67.162.22 | 200 OK | 21 kB |
URL: GET HTTP/3 www.animapuglia.it/wp-content/themes/newspaper-eye/assets/css/main.css?ver=1.0.6
IP: 172.67.162.22:443
Requested by: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate Issuer: Let's Encrypt
Certificate Subject: animapuglia.it
Certificate Fingerprint: 4C:CE:5A:16:7B:BF:02:14:3C:A5:96:0B:DC:EE:F7:C5:E9:9B:89:E6
Certificate Validity: Fri, 03 May 2024 03:13:31 GMT - Thu, 01 Aug 2024 03:13:30 GMT
File type: ASCII text, with very long lines (21167), with no line terminators
Hash: c01d3e74828fef530cc9ad5c47297ac0 00f42d25c8cc1cc2567c116e842269819ede892a f97066b9a9c72ad87e98ff667ac6e0488587560d8ee07cbcc6facfced3ace185
GET /wp-content/themes/newspaper-eye/assets/css/main.css?ver=1.0.6 HTTP/1.1
Host: www.animapuglia.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 21:15:44 GMT
content-type: text/css
cache-control: public, max-age=43200
cf-bgj: minify
cf-polished: origSize=27777
alt-svc: h3=":443"; ma=86400
etag: W/"6c81-6631e7ea-37212d;br"
expires: Fri, 03 May 2024 20:38:50 GMT
last-modified: Wed, 01 May 2024 06:57:46 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=STt10BcwCbUxuIWpM2o%2BxxDDKxZFGGP1cZ2Kp%2FjTw1Mz6T0thWnU4dgODMIYbgh89PBc2FN84xH8GqM3d5cj3DQzxfwoDmxNgagBiMWvaf9PScbHO1jZTqF7eddlITrl5Ty04Bo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e3449eed1356af-OSL
content-encoding: br
|
|
| www.animapuglia.it/wp-includes/css/dist/block-library/style.min.css?ver=6.5.2 | 172.67.162.22 | 200 OK | 113 kB |
URL: GET HTTP/3 www.animapuglia.it/wp-includes/css/dist/block-library/style.min.css?ver=6.5.2
IP: 172.67.162.22:443
Requested by: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate Issuer: Let's Encrypt
Certificate Subject: animapuglia.it
Certificate Fingerprint: 4C:CE:5A:16:7B:BF:02:14:3C:A5:96:0B:DC:EE:F7:C5:E9:9B:89:E6
Certificate Validity: Fri, 03 May 2024 03:13:31 GMT - Thu, 01 Aug 2024 03:13:30 GMT
Size: 113 kB (113381 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.5.2 HTTP/1.1
Host: www.animapuglia.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 21:15:44 GMT
content-type: text/css
cache-control: public, max-age=43200
expires: Fri, 03 May 2024 20:38:49 GMT
etag: W/"1bae5-660cbe03-430288;br"
last-modified: Wed, 03 Apr 2024 02:25:07 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6MhirbjPWkT4jY9BcYH1qn%2BlNgDLPT416y5NLwJklifG0U2WPeThAm4WRsY1fNAFaCfVXZDQciu61OZPRzG6JVJIOWB2f%2FT%2BlGtmEBKo4fJYee7N%2FJmyfkYNYjHfcNB8e5QT5Ps%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e3449edd0156af-OSL
content-encoding: br
|
|
| downstairsnegotiatebarren.com/sfp.js | 188.114.96.1 | 200 OK | 86 kB |
URL: GET HTTP/2 downstairsnegotiatebarren.com/sfp.js
IP: 188.114.96.1:443
Requested by: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate Issuer: Let's Encrypt
Certificate Subject: downstairsnegotiatebarren.com
Certificate Fingerprint: 5D:DB:CB:C6:CE:2A:8B:34:7D:BC:43:74:33:1D:5F:77:48:F7:BC:1B
Certificate Validity: Thu, 02 May 2024 21:26:34 GMT - Wed, 31 Jul 2024 21:26:33 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.animapuglia.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 03 May 2024 21:15:45 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 91bda845af69877c81c8284e3ed7f381
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Fri, 03 May 2024 21:15:44 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QUHnVG7yz9SKQ57jnNnUHZCKDl83SdjBmzgVKhVQrYPGmrx6bYZrGPEkjDaHyFPueiUGiJz9dy1NWYvQ2YuLXmT77h8%2FFuq6tLXIM1NOZ4lRYY9TKwo1SUWBvm%2BZGqDKMOCwobO6FYPYkBqB8yc6RA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e344aaaa35b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.animapuglia.it/wp-content/plugins/wp-automatic/css/wp-automatic.css?ver=1.0.0 | 172.67.162.22 | 200 OK | 2.4 kB |
URL: GET HTTP/3 www.animapuglia.it/wp-content/plugins/wp-automatic/css/wp-automatic.css?ver=1.0.0
IP: 172.67.162.22:443
Requested by: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate Issuer: Let's Encrypt
Certificate Subject: animapuglia.it
Certificate Fingerprint: 4C:CE:5A:16:7B:BF:02:14:3C:A5:96:0B:DC:EE:F7:C5:E9:9B:89:E6
Certificate Validity: Fri, 03 May 2024 03:13:31 GMT - Thu, 01 Aug 2024 03:13:30 GMT
File type: ASCII text, with very long lines (2367), with no line terminators
Hash: 79dc2fc9e9be25c4e4b65af78a1cf86a 36b819e4e1c0761f95c86743a307cff518e4c7ef da26f75773d686f672adddeabc4378a593a11845f01c01dbd2c941744d2ff96a
GET /wp-content/plugins/wp-automatic/css/wp-automatic.css?ver=1.0.0 HTTP/1.1
Host: www.animapuglia.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 21:15:44 GMT
content-type: text/css
cache-control: public, max-age=43200
cf-bgj: minify
cf-polished: origSize=2713
alt-svc: h3=":443"; ma=86400
etag: W/"a99-660d8b69-27723d;br"
expires: Fri, 03 May 2024 20:38:50 GMT
last-modified: Wed, 03 Apr 2024 17:01:29 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z8zpIKqz6t5wwKfqFoMGVohHmkPsMy14cVxDC6yT0fNZ46BPJOX3oBcureJi9R7mS%2Bk848D%2B%2B9%2BrpK%2Bcj%2B%2BcxLJZYoREqv7GUPKkaDjo5dNkZfdKmOalELTaSqFJUXBx9l29FUA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e3449edd0756af-OSL
content-encoding: br
|
|
| www.animapuglia.it/wp-content/themes/newspaper-eye/assets/css/block.css?ver=1.0.6 | 172.67.162.22 | 200 OK | 3.0 kB |
URL: GET HTTP/3 www.animapuglia.it/wp-content/themes/newspaper-eye/assets/css/block.css?ver=1.0.6
IP: 172.67.162.22:443
Requested by: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate Issuer: Let's Encrypt
Certificate Subject: animapuglia.it
Certificate Fingerprint: 4C:CE:5A:16:7B:BF:02:14:3C:A5:96:0B:DC:EE:F7:C5:E9:9B:89:E6
Certificate Validity: Fri, 03 May 2024 03:13:31 GMT - Thu, 01 Aug 2024 03:13:30 GMT
File type: ASCII text, with very long lines (3008), with no line terminators
Hash: 53c3167969baea2b79765403ae06922a 872092d8fb5d9ed63f054ba9bb760c85f25ab24b 7bf106c9644b9e0163d13cdeba2842bc8b3d5192f1faab4d05e29aeabd40e982
GET /wp-content/themes/newspaper-eye/assets/css/block.css?ver=1.0.6 HTTP/1.1
Host: www.animapuglia.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 21:15:44 GMT
content-type: text/css
cache-control: public, max-age=43200
cf-bgj: minify
cf-polished: origSize=4155
alt-svc: h3=":443"; ma=86400
etag: W/"103b-6631e7ea-372129;br"
expires: Fri, 03 May 2024 20:38:50 GMT
last-modified: Wed, 01 May 2024 06:57:46 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pGzBg20Q9UBENoM7lDK9%2Fv7eF5KnmaFrcNni3qmQpE6TnJjQGaQhzp4nuzFu1LoyjOw%2BNDXEguhV1B4lUN5jvSZbKHZnxazFdMQJli5v%2FU8upJCbXQlyJ9qcElok4ozdz6qVPjg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e3449eed0e56af-OSL
content-encoding: br
|
|
| fonts.googleapis.com/css?family=Inter+Local%3A400%2C400i%2C700%2C700i%7CFrank+Ruhl+Libre%3A400%2C400i%2C700%2C700i&subset=latin%2Clatin-ext | 142.250.74.106 | 200 OK | 2.2 kB |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Inter+Local%3A400%2C400i%2C700%2C700i%7CFrank+Ruhl+Libre%3A400%2C400i%2C700%2C700i&subset=latin%2Clatin-ext
IP: 142.250.74.106:443
Requested by: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: upload.video.google.com
Certificate Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
Certificate Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: ASCII text, with very long lines (2226), with no line terminators
Hash: 06c1988ae060a54d37ee6c478011a6eb 065ffe9f8ab35492d60c3cac8246db1b4282a47b 493cedd2fd101089bd1a824dc128d2d3208642729a004328cb80d9192441ab7b
GET /css?family=Inter+Local%3A400%2C400i%2C700%2C700i%7CFrank+Ruhl+Libre%3A400%2C400i%2C700%2C700i&subset=latin%2Clatin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.animapuglia.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 03 May 2024 21:15:43 GMT
date: Fri, 03 May 2024 21:15:43 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.animapuglia.it/wp-includes/js/masonry.min.js?ver=4.2.2 | 172.67.162.22 | 200 OK | 24 kB |
URL: GET HTTP/3 www.animapuglia.it/wp-includes/js/masonry.min.js?ver=4.2.2
IP: 172.67.162.22:443
Requested by: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate Issuer: Let's Encrypt
Certificate Subject: animapuglia.it
Certificate Fingerprint: 4C:CE:5A:16:7B:BF:02:14:3C:A5:96:0B:DC:EE:F7:C5:E9:9B:89:E6
Certificate Validity: Fri, 03 May 2024 03:13:31 GMT - Thu, 01 Aug 2024 03:13:30 GMT
File type: JavaScript source, ASCII text, with very long lines (23966)
Hash: 3b3fc826e58fc554108e4a651c9c7848 76778fd446e2ff2377588a7b4ac4d79f258427c9 e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
GET /wp-includes/js/masonry.min.js?ver=4.2.2 HTTP/1.1
Host: www.animapuglia.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 21:15:44 GMT
content-type: text/javascript
etag: W/"5e4a-65f308ad-430366;br"
last-modified: Thu, 14 Mar 2024 14:24:45 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=18uG83Lk4YSIWSgNLUxqCDqFszvAEauWpiwhOyL5X%2Bf0lkNCty3ow2XFIss3BB3ogCUH3k0w8KFaGINrALY8rIOCuO8bMFQGeoqIO%2B79aZNNBU8SpOqD1TjOdhQybX5IJ7HmW%2Bk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e3449f0d3356af-OSL
content-encoding: br
|
|
| www.animapuglia.it/wp-content/themes/newspaper-eye/style.css?ver=1.0.6 | 172.67.162.22 | 200 OK | 2.0 kB |
URL: GET HTTP/3 www.animapuglia.it/wp-content/themes/newspaper-eye/style.css?ver=1.0.6
IP: 172.67.162.22:443
Requested by: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate Issuer: Let's Encrypt
Certificate Subject: animapuglia.it
Certificate Fingerprint: 4C:CE:5A:16:7B:BF:02:14:3C:A5:96:0B:DC:EE:F7:C5:E9:9B:89:E6
Certificate Validity: Fri, 03 May 2024 03:13:31 GMT - Thu, 01 Aug 2024 03:13:30 GMT
File type: ASCII text, with very long lines (1994), with no line terminators
Hash: 92b57f0071c9d203d08576c4d01bbe99 ee8c6c7fb902b08c52f6e64acc3988dfd1484bf0 ee61931f824f48dffcb2e1f36c174e0ba7e9b09e5cc30a4071c40acd93ab7629
GET /wp-content/themes/newspaper-eye/style.css?ver=1.0.6 HTTP/1.1
Host: www.animapuglia.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 21:15:44 GMT
content-type: text/css
cache-control: public, max-age=43200
cf-bgj: minify
cf-polished: origSize=1984
alt-svc: h3=":443"; ma=86400
etag: W/"7c0-6631e7ea-372164;br"
expires: Fri, 03 May 2024 20:38:50 GMT
last-modified: Wed, 01 May 2024 06:57:46 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yBiV5sya%2BvfHD2GGdbh8Y%2F9TVLzFPLeFKZ%2BjEIHKOugce0pKabl%2Fhg2Joek4h2iBk5S4h4bGaJ6JL%2FnRugKZ1VdCb1qFAGRtpyFFaIetD7ltFuCX4RJ4pjTxWkyd9LFij6j8EYc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e3449eed1656af-OSL
content-encoding: br
|
|
| www.animapuglia.it/wp-content/themes/newspaper-eye/assets/webfonts/fa-solid-900.woff2 | 172.67.162.22 | 200 OK | 78 kB |
URL: GET HTTP/3 www.animapuglia.it/wp-content/themes/newspaper-eye/assets/webfonts/fa-solid-900.woff2
IP: 172.67.162.22:443
Requested by: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate Issuer: Let's Encrypt
Certificate Subject: animapuglia.it
Certificate Fingerprint: 4C:CE:5A:16:7B:BF:02:14:3C:A5:96:0B:DC:EE:F7:C5:E9:9B:89:E6
Certificate Validity: Fri, 03 May 2024 03:13:31 GMT - Thu, 01 Aug 2024 03:13:30 GMT
File type: Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261
Hash: e8a427e15cc502bef99cfd722b37ea98 a9922842a120a7f1eaced667480c5e185a106d69 d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
GET /wp-content/themes/newspaper-eye/assets/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: www.animapuglia.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.animapuglia.it/wp-content/themes/newspaper-eye/assets/css/all.css?ver=5.15.3
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=c37d501c-817a-418d-abf2-8a0d53f835b5%3A2%3A1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 21:15:45 GMT
content-type: font/woff2
content-length: 78196
cache-control: public, max-age=43200
expires: Fri, 03 May 2024 20:38:51 GMT
etag: "13174-6631e7ea-372144;;;"
last-modified: Wed, 01 May 2024 06:57:46 GMT
alt-svc: h3=":443"; ma=86400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M%2FagXAzdcTeoQW76SrfZ3VUs1jG729QQGBnWGMRXPkk7ZNKh6mKdkHFLdLCyvuMBMyOHNa23HqFfvmAwHUVWS7tBW2kNEzR39KofKpcaNQrReeTATmA8AcqiJtNa1mnRKQUUqmo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e344a82d7d56af-OSL
|
|
| www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/ | 172.67.162.22 | 200 OK | 37 kB |
URL: User Request GET HTTP/2 www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
IP: 172.67.162.22:443
Certificate Issuer: Let's Encrypt
Certificate Subject: animapuglia.it
Certificate Fingerprint: 4C:CE:5A:16:7B:BF:02:14:3C:A5:96:0B:DC:EE:F7:C5:E9:9B:89:E6
Certificate Validity: Fri, 03 May 2024 03:13:31 GMT - Thu, 01 Aug 2024 03:13:30 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /nimoes/2024/05/04/14638SFdy30XtE/ HTTP/1.1
Host: www.animapuglia.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 03 May 2024 21:15:43 GMT
content-type: text/html; charset=UTF-8
link: <https://www.animapuglia.it/wp-json/>; rel="https://api.w.org/", <https://www.animapuglia.it/wp-json/wp/v2/posts/14638>; rel="alternate"; type="application/json", <https://www.animapuglia.it/?p=14638>; rel=shortlink
vary: Accept-Encoding
x-litespeed-cache: hit
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ycMmyj%2BHFMbTZigvv4oeRRLczSUzbva%2FFpQgKkiE7tnPu9FOW6sn8y15nzgiGJcYgusrrX%2Fv1TRklmi9H%2ByHi1vg51ybyS%2Bh1rMDFCGvCyX5G8YECUeYBDXD%2BlcoVe6n6VjbQas%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e3449b5fc5568b-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|