Report - www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/

Report Overview

Submitted URL
www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
IP
104.21.34.152
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-03 21:16:10
Access
public
Website Title
A 29-year-old man who raped a sleeping woman in Edinburgh has been jailed – News Anemonedivingcenter
Final URL
www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
20

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
impatientliftdiploma.com	unknown	unknown	No data	No data	494 B	467 B	172.240.108.84
www.animapuglia.it	unknown	2024-05-03	2019-03-09	2024-03-11	13 kB	744 kB	172.67.162.22
heedlessplanallusion.com	unknown	2023-09-18	2023-09-18	2024-01-17	888 B	25 kB	192.243.61.227
ocsp.r2m03.amazontrust.com	unknown	2007-05-11	2023-02-21	2024-05-03	338 B	942 B	3.164.222.26
wingstoesassemble.com	unknown	unknown	No data	No data	3.5 kB	37 kB	172.240.253.132
cdn.cloudimagesb.com	23099	2020-10-06	2021-02-12	2024-05-02	896 B	247 kB	45.133.44.10
inconveniencemimic.com	unknown	2024-04-29	2024-04-30	2024-04-30	3.5 kB	94 kB	192.243.61.227
i1.wp.com	6037	1997-03-28	2012-09-27	2024-05-02	575 B	2.5 kB	192.0.77.2
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-03	543 B	45 kB	216.58.207.227
downstairsnegotiatebarren.com	unknown	2024-03-04	2024-03-04	2024-05-03	415 B	87 kB	188.114.96.1
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-02	532 B	2.8 kB	142.250.74.106
proftrafficcounter.com	unknown	2023-11-16	2023-11-21	2024-05-02	437 B	425 B	52.29.105.35
unseenreport.com	unknown	2022-03-30	2022-03-30	2024-05-03	738 B	423 B	192.243.59.13

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-03	medium	heedlessplanallusion.com	Sinkholed
2024-05-03	medium	heedlessplanallusion.com	Sinkholed
2024-05-03	medium	wingstoesassemble.com	Sinkholed
2024-05-03	medium	wingstoesassemble.com	Sinkholed
2024-05-03	medium	wingstoesassemble.com	Sinkholed
2024-05-03	medium	inconveniencemimic.com	Sinkholed
2024-05-03	medium	impatientliftdiploma.com	Sinkholed
2024-05-03	medium	unseenreport.com	Sinkholed
2024-05-03	medium	inconveniencemimic.com	Sinkholed
2024-05-03	medium	inconveniencemimic.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (26)

	URL	Size	First Seen	Last Seen
	www.animapuglia.it/wp-includes/js/masonry.min.js?ver=4.2.2	24 kB	2023-03-07	2024-05-21
Pretty URL www.animapuglia.it/wp-includes/js/masonry.min.js?ver=4.2.2 IP 172.67.162.22 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:57 Last Seen2024-05-21 11:28:31 Times Seen15740 Hash 3b3fc826e58fc554108e4a651c9c7848 76778fd446e2ff2377588a7b4ac4d79f258427c9 e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb Loading...

	www.animapuglia.it/wp-content/plugins/featured-image-from-url/includes/html/js/json-ld.js?ver=4.7.2	507 B	2024-03-22	2024-05-20
Pretty URL www.animapuglia.it/wp-content/plugins/featured-image-from-url/includes/html/js/json-ld.js?ver=4.7.2 IP 172.67.162.22 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-22 15:26:50 Last Seen2024-05-20 08:35:20 Times Seen47 Hash 7400be6825870bab4c9b079e24e0132d 394e6d8296d3cee3628a106d7e091f066c606af8 8b9e686457dcdbe229329076432ea1239d05c3d4411f89bcebf0951bbf00ff6d Loading...

	wingstoesassemble.com/4b/bc/23/4bbc23a92db768bab73820890bd8fa3d.js	84 kB	2024-05-03	2024-05-03
Pretty URL wingstoesassemble.com/4b/bc/23/4bbc23a92db768bab73820890bd8fa3d.js IP 192.243.61.227 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-03 23:16:17 Last Seen2024-05-03 23:16:17 Times Seen2 Hash 100662ae88f1cf5b107c619842067786 2b577c3b127e08f32d84541b16252f0ea01ef4ee 1e286530f2e2dd056e7395b0b2280037396fb8227ae55c452aec1684d853cb2c Loading...

	unknown	3.3 kB	2024-05-03	2024-05-03
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-03 23:16:17 Last Seen2024-05-03 23:16:17 Times Seen1 Hash 35c5b4b0e239e76075a79a61fc3fcdff bbec7a0dbf20d981f52d831ab59ee7e2e65b5e9d 2ace0224a0cc0bb8daf1ac128b616adeea90731c6caa50617db915ebfaea481c Loading...

	www.animapuglia.it/wp-includes/js/imagesloaded.min.js?ver=5.0.0	5.5 kB	2023-11-08	2024-05-21
Pretty URL www.animapuglia.it/wp-includes/js/imagesloaded.min.js?ver=5.0.0 IP 172.67.162.22 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-08 01:34:44 Last Seen2024-05-21 11:28:31 Times Seen7404 Hash 6823120876c9afc8929418c9a6f8e343 90b0adb37d70ffec5f9189c36bb0027c310c9502 b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1 Loading...

	www.animapuglia.it/wp-content/themes/newspaper-eye/assets/js/ticker.js?ver=1.2.1	25 kB	2023-03-08	2024-05-17
Pretty URL www.animapuglia.it/wp-content/themes/newspaper-eye/assets/js/ticker.js?ver=1.2.1 IP 172.67.162.22 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 08:25:10 Last Seen2024-05-17 08:02:08 Times Seen32 Hash 713b48f26bc87130e2f0a9c490dcdafa d1d247b84ab6eac2f8fee1813756efa33e454aec 7b03ff0224edb6094db4bcb2a81fedfda9e74fc38539a1f0ea68b9294445a324 Loading...

	www.animapuglia.it/wp-content/themes/newspaper-eye/assets/js/scripts.js?ver=1.0.6	1.3 kB	2024-05-02	2024-05-08
Pretty URL www.animapuglia.it/wp-content/themes/newspaper-eye/assets/js/scripts.js?ver=1.0.6 IP 172.67.162.22 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:34:39 Last Seen2024-05-08 06:24:33 Times Seen3 Hash 514abd7191072d5e98f3e8d331d56bed 4e2d3238d782a09017d6e62a9770c4d72c7b556f 39ed91b7f283c5ab377404ab805c0856cad0538f0a8f8d8703a7995b164ba0cd Loading...

	www.animapuglia.it/wp-includes/js/wp-emoji-release.min.js?ver=6.5.2	19 kB	2024-03-13	2024-05-21
Pretty URL www.animapuglia.it/wp-includes/js/wp-emoji-release.min.js?ver=6.5.2 IP 172.67.162.22 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-13 16:02:37 Last Seen2024-05-21 11:28:32 Times Seen5781 Hash b976b651932bfd25b9ddb5b7693d88a7 7fcb7cb5c11227f9213b1e08a07d0212209e1432 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3 Loading...

	downstairsnegotiatebarren.com/sfp.js	86 kB	2024-03-29	2024-05-17
Pretty URL downstairsnegotiatebarren.com/sfp.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-29 13:13:34 Last Seen2024-05-17 14:49:08 Times Seen3553 Hash f4a2f8f9f99541c6f105bbd0a025bd40 1f8e3eff12168fdd9e719adfc098d24a45b6916a b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716 Loading...

	www.animapuglia.it/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1	14 kB	2023-05-09	2024-05-21
Pretty URL www.animapuglia.it/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 IP 172.67.162.22 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-09 19:21:05 Last Seen2024-05-21 11:28:31 Times Seen88502 Hash 9ffeb32e2d9efbf8f70caabded242267 3ad0c10e501ac2a9bfa18f9cd7e700219b378738 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89 Loading...

	heedlessplanallusion.com/9d3b448e547be241c68efc985e24dcc2/invoke.js	31 kB	2024-05-03	2024-05-03
Pretty URL heedlessplanallusion.com/9d3b448e547be241c68efc985e24dcc2/invoke.js IP 192.243.61.227 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-03 23:16:17 Last Seen2024-05-03 23:16:17 Times Seen2 Hash b0ee98b847e3c6142da4c2b877563776 5fce28006fd74ee17a03e8e1010e7a5e7b74718e 17f3daeac9563a0b6f81c29e3eac48f9771c9133d021160e1e8a66100866ee16 Loading...

	www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/	3.2 kB	2024-05-03	2024-05-03
Pretty URL www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/ IP 172.67.162.22 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-03 23:16:17 Last Seen2024-05-03 23:16:17 Times Seen1 Hash 98ff66d132a23771e7376ebaf721322d 58e9c448de6d0f68b1fdc8a13164756623cc29e9 d2d32a30fb5b43a39ef98758ee100ced7dd8927dd7c8d7cd772a766cd757fd27 Loading...

	unknown	145 B	2024-04-26	2024-05-11
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 23:59:43 Last Seen2024-05-11 19:07:47 Times Seen13 Hash ddf7646fb83712fc2a5917b331362732 72023e439ff21a3e12309e3cdb31e4e1eb46c54a 1714c05c3fae3df1aa46a9548768aaf477efdecd15bcc94dcc52e53baa0c08bc Loading...

	inconveniencemimic.com/4b/bc/23/4bbc23a92db768bab73820890bd8fa3d.js	84 kB	2024-05-03	2024-05-03
Pretty URL inconveniencemimic.com/4b/bc/23/4bbc23a92db768bab73820890bd8fa3d.js IP 192.243.61.227 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-03 23:16:17 Last Seen2024-05-03 23:16:17 Times Seen2 Hash 661467ca83a1afcc710eb775ab524411 a6bfb65e6e596e781a084052e2cc41fe0287e709 9143fa2db024bcbf56a8b69f7fa7d877b8f40efb53f4994587f97aaff9469b0b Loading...

	www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/	372 B	2024-04-26	2024-05-11
Pretty URL www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/ IP 172.67.162.22 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-26 23:59:43 Last Seen2024-05-11 19:07:47 Times Seen13 Hash c8c3e0ac92321ac255220144febf7214 3d0836fda61dff9850273563d0bccb0c4c60f885 a5a1763d6bde3c83d3396c11cc6d3541147fad4ef4abaf46f2be03e9a555094c Loading...

	heedlessplanallusion.com/9d3b448e547be241c68efc985e24dcc2/invoke.js	31 kB	2024-05-03	2024-05-03
Pretty URL heedlessplanallusion.com/9d3b448e547be241c68efc985e24dcc2/invoke.js IP 192.243.61.227 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-03 23:16:17 Last Seen2024-05-03 23:16:17 Times Seen2 Hash 4631f3166d8d22337eab137d551fe671 e9e660f233d06df79b8f02afbf11ad5e8e66258e f22ca8830a32809507db49454ef76f4a4b10750f6c5bb0f08946b170eb608c10 Loading...

	www.animapuglia.it/wp-includes/js/jquery/jquery.min.js?ver=3.7.1	88 kB	2023-11-03	2024-05-21
Pretty URL www.animapuglia.it/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 IP 172.67.162.22 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-03 09:26:43 Last Seen2024-05-21 11:28:31 Times Seen50033 Hash 826eb77e86b02ab7724fe3d0141ff87c 79cd3587d565afe290076a8d36c31c305a573d18 cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf Loading...

	www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/	98 B	2024-04-10	2024-05-11
Pretty URL www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/ IP 172.67.162.22 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-10 17:35:03 Last Seen2024-05-11 19:07:47 Times Seen30 Hash 943d0828305b7fffcee63720ab297353 0af67ef5eeb188730502b4885f171e4c343fb22e ac5930440fe8be9005bae09ce1c2e9458c90f7428bcd7c7eb0191df1e90c71d6 Loading...

	www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/	424 B	2024-05-03	2024-05-03
Pretty URL www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/ IP 172.67.162.22 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-03 23:16:17 Last Seen2024-05-03 23:16:17 Times Seen1 Hash 1ee7304b867d4f35a2c52432f73b819f afcef546f453b550ebda63621fad0f449706a86c 1619d1068e8effd87e1759eb713438e75861bfe37798d533450ec718f38c9b42 Loading...

	unknown	3.3 kB	2024-05-03	2024-05-03
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-03 23:16:17 Last Seen2024-05-03 23:16:17 Times Seen1 Hash 389b1e12c3a6dff15c574f203d7f2280 160ad1d4f8e267e704abbfb75ac8220dd2b7ca84 d9bdf23d7556b571c7c34cb2d71d9aa03982ae384f3c3a13e1fa32443e048d0f Loading...

	www.animapuglia.it/wp-content/plugins/wp-automatic/js/main-front.js?ver=6.5.2	1.0 kB	2023-03-07	2024-05-20
Pretty URL www.animapuglia.it/wp-content/plugins/wp-automatic/js/main-front.js?ver=6.5.2 IP 172.67.162.22 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:21 Last Seen2024-05-20 10:54:22 Times Seen807 Hash 110e06930c2043d5439adeb9999f07f5 1294fd7195b1c2652c3627fe7a57f71d447313b3 d503937452e40c21fce10346b29287ad23b221a372547f248da87ca5efb55767 Loading...

	www.animapuglia.it/wp-content/themes/newspaper-eye/assets/js/mobile-menu.js?ver=1.0.6	3.5 kB	2023-03-08	2024-05-17
Pretty URL www.animapuglia.it/wp-content/themes/newspaper-eye/assets/js/mobile-menu.js?ver=1.0.6 IP 172.67.162.22 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 08:25:10 Last Seen2024-05-17 08:02:08 Times Seen53 Hash 95079801e103934b5400827b58f81a20 76ff8f501132357db688426f68f48057c9ec76be d980ce158727574d15b234ffbe8d27c8e2136eda5ae1854376a434ea27274290 Loading...

	www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/	198 B	2024-05-03	2024-05-03
Pretty URL www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/ IP 172.67.162.22 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-03 23:16:17 Last Seen2024-05-03 23:16:17 Times Seen1 Hash 668d2452fcbdc6acc1dd8c12c41abe24 95f9450adce317acc3befc7f6c571b0a26a0c1cd e4300589fce199a5f6477de36e6cf58c80767b9c97551fdde1fe21f011dbbc64 Loading...

		Size	First Seen	Last Seen
	#1 Eval - e36917e880e77c7a40a895f73f90de3e	2.2 kB	2024-05-03	2024-05-03
Pretty Observations First Seen2024-05-03 23:16:17 Last Seen2024-05-03 23:16:17 Times Seen1 Hash e36917e880e77c7a40a895f73f90de3e f5d26f3b878a53835640445cb46225ea01494f69 8365c3a23951fd4aae842b8f21ad6ae8f9e00120ad52ef6e89f3a11472e0a406 Loading...

	#2 Eval - 66cf58c06fd2f0bd09a29f7ad2d2f253	2.2 kB	2024-05-03	2024-05-03
Pretty Observations First Seen2024-05-03 23:16:17 Last Seen2024-05-03 23:16:17 Times Seen1 Hash 66cf58c06fd2f0bd09a29f7ad2d2f253 c9205ab080eb0abb7e1b664ca6cf3e85a1767d55 ce3b8360e59688cc2d221f3fb1b915b89ba6b6545a6f3b9277ed6f0e13300821 Loading...

		Size	First Seen	Last Seen
	#1 Write - 818b6b129690c0e47bb408865b7f30de	116 B	2024-04-26	2024-05-11
Pretty Observations First Seen2024-04-26 23:59:44 Last Seen2024-05-11 19:07:47 Times Seen13 Hash 818b6b129690c0e47bb408865b7f30de 8723f5326ad6350069a8d6cdc6a32f0969937581 4c732d6c2f5f6950e3768f6c873d21b38427ce2eb6e4c967a9478e1e7238e45e Loading...

HTTP Transactions (42)

URL IP Response Size

i1.wp.com/cdn.apollo.audio/one/media/6634/c8b3/ce6f/6005/c463/6e73/Toby%20Gayfer.jpg?quality=80&format=jpg&crop=16,0,118,182&resize=crop&w=1200&resize=1200,0&ssl=1

192.0.77.2

200 OK

1.9 kB

URL GET HTTP/2
i1.wp.com/cdn.apollo.audio/one/media/6634/c8b3/ce6f/6005/c463/6e73/Toby%20Gayfer.jpg?quality=80&format=jpg&crop=16,0,118,182&resize=crop&w=1200&resize=1200,0&ssl=1
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 153x182, Scaling: [none]x[none], YUV color, decoders should clamp
Size
1.9 kB (1910 bytes)
Hash
8909b6974914fc811f9c956eb4eda11a
134e6ca4506d2ee77655336c55f9d16ebc3a08c9
b3c13f8f44213d1d16a12967be0a25ff7d29bc20377419624d1d8159eccc39a5

HTTP Headers

GET /cdn.apollo.audio/one/media/6634/c8b3/ce6f/6005/c463/6e73/Toby%20Gayfer.jpg?quality=80&format=jpg&crop=16,0,118,182&resize=crop&w=1200&resize=1200,0&ssl=1 HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.animapuglia.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 03 May 2024 21:15:43 GMT
content-type: image/webp
content-length: 1910
last-modified: Fri, 03 May 2024 18:23:49 GMT
expires: Mon, 04 May 2026 06:23:49 GMT
cache-control: public, max-age=63115200
link: <https://cdn.apollo.audio/one/media/6634/c8b3/ce6f/6005/c463/6e73/Toby%20Gayfer.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "eaae8ad65a002185"
vary: Accept
x-nc: MISS arn 2
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

www.animapuglia.it/wp-includes/js/imagesloaded.min.js?ver=5.0.0

172.67.162.22

200 OK

2.3 kB

URL GET HTTP/3
www.animapuglia.it/wp-includes/js/imagesloaded.min.js?ver=5.0.0
IP
172.67.162.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate
IssuerLet's Encrypt
Subjectanimapuglia.it
Fingerprint4C:CE:5A:16:7B:BF:02:14:3C:A5:96:0B:DC:EE:F7:C5:E9:9B:89:E6
ValidityFri, 03 May 2024 03:13:31 GMT - Thu, 01 Aug 2024 03:13:30 GMT

File type
JavaScript source, ASCII text, with very long lines (4358)
Size
2.3 kB (2310 bytes)
Hash
6823120876c9afc8929418c9a6f8e343
90b0adb37d70ffec5f9189c36bb0027c310c9502
b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1

HTTP Headers

GET /wp-includes/js/imagesloaded.min.js?ver=5.0.0 HTTP/1.1
Host: www.animapuglia.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 03 May 2024 21:15:44 GMT
content-type: text/javascript
etag: W/"1590-65f308ae-430363;br"
last-modified: Thu, 14 Mar 2024 14:24:46 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tp%2Fv4hItoya5lXxDeOlVYmMEwt6MRd59vUwokPM%2Baun%2BIQoJuY5M9Lwt1RdXOC5zWQiLnZRg%2BJWGeCxOsCz7WQQzT3KHyQOZYqaywNAvW1lY4lg9Cj2LmqRjNTWY%2FB%2B1VJBQivw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e3449f0d3256af-OSL
content-encoding: br

www.animapuglia.it/wp-content/plugins/featured-image-from-url/includes/html/js/json-ld.js?ver=4.7.2

172.67.162.22

200 OK

754 B

URL GET HTTP/3
www.animapuglia.it/wp-content/plugins/featured-image-from-url/includes/html/js/json-ld.js?ver=4.7.2
IP
172.67.162.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate
IssuerLet's Encrypt
Subjectanimapuglia.it
Fingerprint4C:CE:5A:16:7B:BF:02:14:3C:A5:96:0B:DC:EE:F7:C5:E9:9B:89:E6
ValidityFri, 03 May 2024 03:13:31 GMT - Thu, 01 Aug 2024 03:13:30 GMT

File type
JavaScript source, ASCII text
Size
754 B (754 bytes)
Hash
7400be6825870bab4c9b079e24e0132d
394e6d8296d3cee3628a106d7e091f066c606af8
8b9e686457dcdbe229329076432ea1239d05c3d4411f89bcebf0951bbf00ff6d

HTTP Headers

GET /wp-content/plugins/featured-image-from-url/includes/html/js/json-ld.js?ver=4.7.2 HTTP/1.1
Host: www.animapuglia.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 03 May 2024 21:15:44 GMT
content-type: text/javascript
etag: W/"1fb-662f04fa-2b5067;br"
last-modified: Mon, 29 Apr 2024 02:24:58 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PnLVEWWQnNmr6CRXkaNMf3ZZAxAorY20MQsGfXhweaWIj0EcQzXKl4TeBS8n9Gk%2BpUD6gJXjnQyE8fLXHetJJkXyseatiWlafr5T1QhqZXEveF0Y12y%2F4WVtyVcHGmRqC4B1cRc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e3449f1d4156af-OSL
content-encoding: br

www.animapuglia.it/wp-content/themes/newspaper-eye/assets/js/ticker.js?ver=1.2.1

172.67.162.22

200 OK

8.9 kB

URL GET HTTP/3
www.animapuglia.it/wp-content/themes/newspaper-eye/assets/js/ticker.js?ver=1.2.1
IP
172.67.162.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate
IssuerLet's Encrypt
Subjectanimapuglia.it
Fingerprint4C:CE:5A:16:7B:BF:02:14:3C:A5:96:0B:DC:EE:F7:C5:E9:9B:89:E6
ValidityFri, 03 May 2024 03:13:31 GMT - Thu, 01 Aug 2024 03:13:30 GMT

File type
JavaScript source, ASCII text
Size
8.9 kB (8939 bytes)
Hash
713b48f26bc87130e2f0a9c490dcdafa
d1d247b84ab6eac2f8fee1813756efa33e454aec
7b03ff0224edb6094db4bcb2a81fedfda9e74fc38539a1f0ea68b9294445a324

HTTP Headers

GET /wp-content/themes/newspaper-eye/assets/js/ticker.js?ver=1.2.1 HTTP/1.1
Host: www.animapuglia.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 03 May 2024 21:15:44 GMT
content-type: text/javascript
etag: W/"627a-6631e7ea-372135;br"
last-modified: Wed, 01 May 2024 06:57:46 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S66CwIzMO%2BPoHEsahtKXjEK0Eoc5fRey36CijTVhrSJz3dRKEZRMN243Jo02xEyDL5my63jNHz%2Fwh1JBYuiJimQ86Jh%2Ff7djdiP1iRUOnQvn9a%2F3tEmZeuKqkUFheRlnf8qvmok%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e3449f0d3856af-OSL
content-encoding: br

www.animapuglia.it/wp-content/themes/newspaper-eye/assets/css/responsive.css?ver=1.0.6

172.67.162.22

200 OK

7.0 kB

URL GET HTTP/3
www.animapuglia.it/wp-content/themes/newspaper-eye/assets/css/responsive.css?ver=1.0.6
IP
172.67.162.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate
IssuerLet's Encrypt
Subjectanimapuglia.it
Fingerprint4C:CE:5A:16:7B:BF:02:14:3C:A5:96:0B:DC:EE:F7:C5:E9:9B:89:E6
ValidityFri, 03 May 2024 03:13:31 GMT - Thu, 01 Aug 2024 03:13:30 GMT

File type
ASCII text, with very long lines (1934), with no line terminators
Size
7.0 kB (6997 bytes)
Hash
a0b424fdc3ec2781b0e31ca159b9eef5
e681855ba47ebedab1cf1e7f46d8b16b0880d7f9
29304a3c6e377624c153a6fcccdc5e086b74a518bb0b41f141bafea9e11a8557

HTTP Headers

GET /wp-content/themes/newspaper-eye/assets/css/responsive.css?ver=1.0.6 HTTP/1.1
Host: www.animapuglia.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 03 May 2024 21:15:44 GMT
content-type: text/css
cache-control: public, max-age=43200
cf-bgj: minify
cf-polished: origSize=2777
alt-svc: h3=":443"; ma=86400
etag: W/"ad9-6631e7ea-37212e;br"
expires: Fri, 03 May 2024 20:38:50 GMT
last-modified: Wed, 01 May 2024 06:57:46 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eXTBrjgoBNn0r8elljx28HbvJ2qO05d%2BB2I1EUZ677Zt8b5kwPzswS%2FZFFVGci9MNMoiJHdWVgTQeCfgkcB6ZffqW0d5h3YPZ5qBOrg5uwxFQ3kaAhopvFM1FVZdFB2AK4nf9Pc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e3449eed1a56af-OSL
content-encoding: br

www.animapuglia.it/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

172.67.162.22

200 OK

11 kB

URL GET HTTP/3
www.animapuglia.it/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
IP
172.67.162.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate
IssuerLet's Encrypt
Subjectanimapuglia.it
Fingerprint4C:CE:5A:16:7B:BF:02:14:3C:A5:96:0B:DC:EE:F7:C5:E9:9B:89:E6
ValidityFri, 03 May 2024 03:13:31 GMT - Thu, 01 Aug 2024 03:13:30 GMT

File type
JavaScript source, ASCII text, with very long lines (13479)
Size
11 kB (11112 bytes)
Hash
9ffeb32e2d9efbf8f70caabded242267
3ad0c10e501ac2a9bfa18f9cd7e700219b378738
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1
Host: www.animapuglia.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 03 May 2024 21:15:44 GMT
content-type: text/javascript
etag: W/"3509-65f308ad-430453;br"
last-modified: Thu, 14 Mar 2024 14:24:45 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=srAZpNw3VplQNq9UFtaa3nCiC4hK3E1bxY9AswS64sHJHgoULqZLLtSdyBfx%2BfMkenhk0eWaWz0omMWzcolreKYjgUTF7VAN98KYQa63rAVAKB6oKaK4V%2BJmnuYy4nwV6%2FaFRI4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e3449efd2256af-OSL
content-encoding: br

heedlessplanallusion.com/9d3b448e547be241c68efc985e24dcc2/invoke.js

192.243.61.227

200 OK

12 kB

URL GET HTTP/1.1
heedlessplanallusion.com/9d3b448e547be241c68efc985e24dcc2/invoke.js
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate
IssuerLet's Encrypt
Subjectheedlessplanallusion.com
Fingerprint22:FE:62:81:B7:05:16:32:08:5A:33:B1:A4:DE:C2:EC:39:69:1B:DB
ValiditySun, 17 Mar 2024 07:41:47 GMT - Sat, 15 Jun 2024 07:41:46 GMT

File type
JavaScript source, ASCII text, with very long lines (31327), with no line terminators
Size
12 kB (11865 bytes)
Hash
b0ee98b847e3c6142da4c2b877563776
5fce28006fd74ee17a03e8e1010e7a5e7b74718e
17f3daeac9563a0b6f81c29e3eac48f9771c9133d021160e1e8a66100866ee16

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /9d3b448e547be241c68efc985e24dcc2/invoke.js HTTP/1.1
Host: heedlessplanallusion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.animapuglia.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 03 May 2024 21:15:44 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8cf647be5ae293b231c19dc4021a3ee4
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

ocsp.r2m03.amazontrust.com/

3.164.222.26

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
3.164.222.26:0
ASN
#0

File type
data
Size
471 B (471 bytes)
Hash
353dbae1e1b45a750770ae51bef13ba7
465917a2a0bbb947e9727e7f08b584a82aa6fb81
9fa5becc3e07f31f2f08bf5f331d6bfda4f6386634ea524bc3a8c56ac1c0bc2b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Fri, 03 May 2024 21:15:45 GMT
Last-Modified: Fri, 03 May 2024 19:53:33 GMT
Server: ECAcc (ska/F775)
X-Cache: Miss from cloudfront
Via: 1.1 b01c786d61caf32e94417e7b5578c60e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN53-P1
X-Amz-Cf-Id: SIcCfGA1ZpC6wrraROqsm0RmyMsDuOFZRMdXPrJ2mfPuWd3SoCojoQ==
Age: 4932

proftrafficcounter.com/stats

52.29.105.35

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
52.29.105.35:443
ASN
#16509 AMAZON-02

Requested by
https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
69b0e8cc069bbf851f71b5531dfbfd81
126904a48e194fa98787f94942dcf37646322e38
13835c3c3b7f7a900600521ea136d6ce7b256aec9c6e5f2d46d735d093155ee0

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.animapuglia.it
DNT: 1
Connection: keep-alive
Referer: https://www.animapuglia.it/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 03 May 2024 21:15:45 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.animapuglia.it
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=c37d501c-817a-418d-abf2-8a0d53f835b5:2:1; expires=Mon, 01 May 2034 21:15:45 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

heedlessplanallusion.com/9d3b448e547be241c68efc985e24dcc2/invoke.js

192.243.61.227

200 OK

12 kB

URL GET HTTP/1.1
heedlessplanallusion.com/9d3b448e547be241c68efc985e24dcc2/invoke.js
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate
IssuerLet's Encrypt
Subjectheedlessplanallusion.com
Fingerprint22:FE:62:81:B7:05:16:32:08:5A:33:B1:A4:DE:C2:EC:39:69:1B:DB
ValiditySun, 17 Mar 2024 07:41:47 GMT - Sat, 15 Jun 2024 07:41:46 GMT

File type
JavaScript source, ASCII text, with very long lines (31330), with no line terminators
Size
12 kB (11866 bytes)
Hash
4631f3166d8d22337eab137d551fe671
e9e660f233d06df79b8f02afbf11ad5e8e66258e
f22ca8830a32809507db49454ef76f4a4b10750f6c5bb0f08946b170eb608c10

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /9d3b448e547be241c68efc985e24dcc2/invoke.js HTTP/1.1
Host: heedlessplanallusion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.animapuglia.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 03 May 2024 21:15:45 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f082756132ac3963b029504006c824f2
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

fonts.gstatic.com/s/frankruhllibre/v21/j8_w6_fAw7jrcalD7oKYNX0QfAnPW7Dl4Q.woff2

216.58.207.227

200 OK

44 kB

URL GET HTTP/2
fonts.gstatic.com/s/frankruhllibre/v21/j8_w6_fAw7jrcalD7oKYNX0QfAnPW7Dl4Q.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 44372, version 1.0
Size
44 kB (44372 bytes)
Hash
aad297b90cf16b705fe7a61422ba3771
672088bfb217973489968a662376c46816f9376c
523e12ec4882988ae8c43f71e35ea24fccd8560997c349a0a24c27c6682573fb

HTTP Headers

GET /s/frankruhllibre/v21/j8_w6_fAw7jrcalD7oKYNX0QfAnPW7Dl4Q.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.animapuglia.it
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44372
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 10:06:55 GMT
expires: Sat, 03 May 2025 10:06:55 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 11 Apr 2024 18:31:48 GMT
content-type: font/woff2
age: 40130
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

wingstoesassemble.com/watch.1241730837865.js?key=9d3b448e547be241c68efc985e24dcc2&kw=%5B%22a%22%2C%2229-year-old%22%2C%22man%22%2C%22who%22%2C%22raped%22%2C%22a%22%2C%22sleeping%22%2C%22woman%22%2C%22in%22%2C%22edinburgh%22%2C%22has%22%2C%22been%22%2C%22jailed%22%2C%22%E2%80%93%22%2C%22news%22%2C%22anemonedivingcenter%22%5D&refer=https%3A%2F%2Fwww.animapuglia.it%2Fnimoes%2F2024%2F05%2F04%2F14638SFdy30XtE%2F&tz=0&dev=e&res=14.2071&uuid=c37d501c-817a-418d-abf2-8a0d53f835b5%3A2%3A1

172.240.253.132

307 Temporary Redirect

0 B

URL GET HTTP/1.1
wingstoesassemble.com/watch.1241730837865.js?key=9d3b448e547be241c68efc985e24dcc2&kw=%5B%22a%22%2C%2229-year-old%22%2C%22man%22%2C%22who%22%2C%22raped%22%2C%22a%22%2C%22sleeping%22%2C%22woman%22%2C%22in%22%2C%22edinburgh%22%2C%22has%22%2C%22been%22%2C%22jailed%22%2C%22%E2%80%93%22%2C%22news%22%2C%22anemonedivingcenter%22%5D&refer=https%3A%2F%2Fwww.animapuglia.it%2Fnimoes%2F2024%2F05%2F04%2F14638SFdy30XtE%2F&tz=0&dev=e&res=14.2071&uuid=c37d501c-817a-418d-abf2-8a0d53f835b5%3A2%3A1
IP
172.240.253.132:443
ASN
#7979 SERVERS-COM

Requested by
https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate
IssuerLet's Encrypt
Subjectwingstoesassemble.com
Fingerprint57:98:C0:6E:1E:52:1E:0E:0E:6E:7D:82:04:98:75:A1:6E:59:8F:DF
ValidityTue, 30 Apr 2024 15:28:30 GMT - Mon, 29 Jul 2024 15:28:29 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.1241730837865.js?key=9d3b448e547be241c68efc985e24dcc2&kw=%5B%22a%22%2C%2229-year-old%22%2C%22man%22%2C%22who%22%2C%22raped%22%2C%22a%22%2C%22sleeping%22%2C%22woman%22%2C%22in%22%2C%22edinburgh%22%2C%22has%22%2C%22been%22%2C%22jailed%22%2C%22%E2%80%93%22%2C%22news%22%2C%22anemonedivingcenter%22%5D&refer=https%3A%2F%2Fwww.animapuglia.it%2Fnimoes%2F2024%2F05%2F04%2F14638SFdy30XtE%2F&tz=0&dev=e&res=14.2071&uuid=c37d501c-817a-418d-abf2-8a0d53f835b5%3A2%3A1 HTTP/1.1
Host: wingstoesassemble.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.animapuglia.it
DNT: 1
Connection: keep-alive
Referer: https://www.animapuglia.it/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Fri, 03 May 2024 21:15:45 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.animapuglia.it
Access-Control-Allow-Origin: https://www.animapuglia.it
Access-Control-Allow-Credentials: true
Location: https://wingstoesassemble.com/watch.1241730837865.js?dev=e&key=9d3b448e547be241c68efc985e24dcc2&kw=%5B%22a%22%2C%2229-year-old%22%2C%22man%22%2C%22who%22%2C%22raped%22%2C%22a%22%2C%22sleeping%22%2C%22woman%22%2C%22in%22%2C%22edinburgh%22%2C%22has%22%2C%22been%22%2C%22jailed%22%2C%22%E2%80%93%22%2C%22news%22%2C%22anemonedivingcenter%22%5D&pst=1714771005&refer=https%3A%2F%2Fwww.animapuglia.it%2Fnimoes%2F2024%2F05%2F04%2F14638SFdy30XtE%2F&res=14.2071&rmtc=t&shu=f5e80fe631ce529d916cdf1e9cdc3ac5487c38a436d41b1ecab4096e79de3e52d88edd62fb5137803537d9a86fe79cac660805a7044df3c87d7804b5dcd932adcc6388d6957f29b71dd132dd251eecb3e7c067ed74deb8defbdf9250271c202a&tz=0&uuid=c37d501c-817a-418d-abf2-8a0d53f835b5%3A2%3A1
Set-Cookie: u_pl=16664818; expires=Sat, 04 May 2024 21:15:45 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjY2NDgxOCwiayI6IjlkM2I0NDhlNTQ3YmUyNDFjNjhlZmM5ODVlMjRkY2MyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjgxODg4LCJwaWQiOjE1NDYxMiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6Imo2YzYxNGp3YmciLCJjcGtzIjp7IjI4IjoiNGJiYzIzYTkyZGI3NjhiYWI3MzgyMDg5MGJkOGZhM2QiLCIyOSI6IjczMzQzNmNkNjM5YWRjNjlkN2IxMTBlNzQ4NmYwYWVhIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3d3dy5hbmltYXB1Z2xpYS5pdC9uaW1vZXMvMjAyNC8wNS8wNC8xNDYzOFNGZHkzMFh0RS8iLCJhciI6W119fQ.7a0MdKPkzegWWRcl9jrvJPHlc8jGgHMrl0onyBd-wCY; expires=Fri, 03 May 2024 21:16:45 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8dc9c6585d47bfef6ad12e69ee0ddea9
Strict-Transport-Security: max-age=0; includeSubdomains

www.animapuglia.it/wp-content/themes/newspaper-eye/assets/js/mobile-menu.js?ver=1.0.6

172.67.162.22

200 OK

79 kB

URL GET HTTP/3
www.animapuglia.it/wp-content/themes/newspaper-eye/assets/js/mobile-menu.js?ver=1.0.6
IP
172.67.162.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate
IssuerLet's Encrypt
Subjectanimapuglia.it
Fingerprint4C:CE:5A:16:7B:BF:02:14:3C:A5:96:0B:DC:EE:F7:C5:E9:9B:89:E6
ValidityFri, 03 May 2024 03:13:31 GMT - Thu, 01 Aug 2024 03:13:30 GMT

File type
JavaScript source, ASCII text
Size
79 kB (79290 bytes)
Hash
95079801e103934b5400827b58f81a20
76ff8f501132357db688426f68f48057c9ec76be
d980ce158727574d15b234ffbe8d27c8e2136eda5ae1854376a434ea27274290

HTTP Headers

GET /wp-content/themes/newspaper-eye/assets/js/mobile-menu.js?ver=1.0.6 HTTP/1.1
Host: www.animapuglia.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 03 May 2024 21:15:44 GMT
content-type: text/javascript
etag: W/"dc1-6631e7ea-372132;br"
last-modified: Wed, 01 May 2024 06:57:46 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aE5it5zTz3PsnQkW7cohTEb9cC74XKFQEMG%2Fy2XZ4MJXQ4fGSc5YOpJkW6lGt3QNd4Pjh5OREAtjT3n%2FLLWYlkuTnjXcQsxWBq9F2lIACyLmXITCgvcmJcmbxf99n1y%2B5Uzd%2FIc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e3449f0d3656af-OSL
content-encoding: br

wingstoesassemble.com/4b/bc/23/4bbc23a92db768bab73820890bd8fa3d.js

192.243.61.227

200 OK

30 kB

URL GET HTTP/1.1
wingstoesassemble.com/4b/bc/23/4bbc23a92db768bab73820890bd8fa3d.js
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate
IssuerLet's Encrypt
Subjectwingstoesassemble.com
Fingerprint57:98:C0:6E:1E:52:1E:0E:0E:6E:7D:82:04:98:75:A1:6E:59:8F:DF
ValidityTue, 30 Apr 2024 15:28:30 GMT - Mon, 29 Jul 2024 15:28:29 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
30 kB (30403 bytes)
Hash
100662ae88f1cf5b107c619842067786
2b577c3b127e08f32d84541b16252f0ea01ef4ee
1e286530f2e2dd056e7395b0b2280037396fb8227ae55c452aec1684d853cb2c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /4b/bc/23/4bbc23a92db768bab73820890bd8fa3d.js HTTP/1.1
Host: wingstoesassemble.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.animapuglia.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 03 May 2024 21:15:45 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6e599294b4bed20919ab13f75e00228f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

wingstoesassemble.com/watch.1241730837865.js?dev=e&key=9d3b448e547be241c68efc985e24dcc2&kw=%5B%22a%22%2C%2229-year-old%22%2C%22man%22%2C%22who%22%2C%22raped%22%2C%22a%22%2C%22sleeping%22%2C%22woman%22%2C%22in%22%2C%22edinburgh%22%2C%22has%22%2C%22been%22%2C%22jailed%22%2C%22%E2%80%93%22%2C%22news%22%2C%22anemonedivingcenter%22%5D&pst=1714771005&refer=https%3A%2F%2Fwww.animapuglia.it%2Fnimoes%2F2024%2F05%2F04%2F14638SFdy30XtE%2F&res=14.2071&rmtc=t&shu=f5e80fe631ce529d916cdf1e9cdc3ac5487c38a436d41b1ecab4096e79de3e52d88edd62fb5137803537d9a86fe79cac660805a7044df3c87d7804b5dcd932adcc6388d6957f29b71dd132dd251eecb3e7c067ed74deb8defbdf9250271c202a&tz=0&uuid=c37d501c-817a-418d-abf2-8a0d53f835b5%3A2%3A1

172.240.253.132

200 OK

2.0 kB

URL GET HTTP/1.1
wingstoesassemble.com/watch.1241730837865.js?dev=e&key=9d3b448e547be241c68efc985e24dcc2&kw=%5B%22a%22%2C%2229-year-old%22%2C%22man%22%2C%22who%22%2C%22raped%22%2C%22a%22%2C%22sleeping%22%2C%22woman%22%2C%22in%22%2C%22edinburgh%22%2C%22has%22%2C%22been%22%2C%22jailed%22%2C%22%E2%80%93%22%2C%22news%22%2C%22anemonedivingcenter%22%5D&pst=1714771005&refer=https%3A%2F%2Fwww.animapuglia.it%2Fnimoes%2F2024%2F05%2F04%2F14638SFdy30XtE%2F&res=14.2071&rmtc=t&shu=f5e80fe631ce529d916cdf1e9cdc3ac5487c38a436d41b1ecab4096e79de3e52d88edd62fb5137803537d9a86fe79cac660805a7044df3c87d7804b5dcd932adcc6388d6957f29b71dd132dd251eecb3e7c067ed74deb8defbdf9250271c202a&tz=0&uuid=c37d501c-817a-418d-abf2-8a0d53f835b5%3A2%3A1
IP
172.240.253.132:443
ASN
#7979 SERVERS-COM

Requested by
https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate
IssuerLet's Encrypt
Subjectwingstoesassemble.com
Fingerprint57:98:C0:6E:1E:52:1E:0E:0E:6E:7D:82:04:98:75:A1:6E:59:8F:DF
ValidityTue, 30 Apr 2024 15:28:30 GMT - Mon, 29 Jul 2024 15:28:29 GMT

File type
JavaScript source, ASCII text, with very long lines (2490)
Size
2.0 kB (2021 bytes)
Hash
ccd2d70f47d787e27d7b9edc2731801e
0c4341c9f191b7d55e6fccfea44dac4cd748d04b
80378eb2f1095ceb177d9aba2b4ed7510e3c2b8ba1c9f420c46d95fb40e2a37c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.1241730837865.js?dev=e&key=9d3b448e547be241c68efc985e24dcc2&kw=%5B%22a%22%2C%2229-year-old%22%2C%22man%22%2C%22who%22%2C%22raped%22%2C%22a%22%2C%22sleeping%22%2C%22woman%22%2C%22in%22%2C%22edinburgh%22%2C%22has%22%2C%22been%22%2C%22jailed%22%2C%22%E2%80%93%22%2C%22news%22%2C%22anemonedivingcenter%22%5D&pst=1714771005&refer=https%3A%2F%2Fwww.animapuglia.it%2Fnimoes%2F2024%2F05%2F04%2F14638SFdy30XtE%2F&res=14.2071&rmtc=t&shu=f5e80fe631ce529d916cdf1e9cdc3ac5487c38a436d41b1ecab4096e79de3e52d88edd62fb5137803537d9a86fe79cac660805a7044df3c87d7804b5dcd932adcc6388d6957f29b71dd132dd251eecb3e7c067ed74deb8defbdf9250271c202a&tz=0&uuid=c37d501c-817a-418d-abf2-8a0d53f835b5%3A2%3A1 HTTP/1.1
Host: wingstoesassemble.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.animapuglia.it
Referer: https://www.animapuglia.it/
DNT: 1
Connection: keep-alive
Cookie: u_pl=16664818; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjY2NDgxOCwiayI6IjlkM2I0NDhlNTQ3YmUyNDFjNjhlZmM5ODVlMjRkY2MyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjgxODg4LCJwaWQiOjE1NDYxMiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6Imo2YzYxNGp3YmciLCJjcGtzIjp7IjI4IjoiNGJiYzIzYTkyZGI3NjhiYWI3MzgyMDg5MGJkOGZhM2QiLCIyOSI6IjczMzQzNmNkNjM5YWRjNjlkN2IxMTBlNzQ4NmYwYWVhIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3d3dy5hbmltYXB1Z2xpYS5pdC9uaW1vZXMvMjAyNC8wNS8wNC8xNDYzOFNGZHkzMFh0RS8iLCJhciI6W119fQ.7a0MdKPkzegWWRcl9jrvJPHlc8jGgHMrl0onyBd-wCY
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 03 May 2024 21:15:45 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.animapuglia.it
Access-Control-Allow-Origin: https://www.animapuglia.it
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=c37d501c-817a-418d-abf2-8a0d53f835b5:2:1; expires=Fri, 10 May 2024 21:15:45 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 04 May 2024 21:15:45 GMT; secure; SameSite=None
uncs=1; expires=Sat, 04 May 2024 21:15:45 GMT; secure; SameSite=None
pdhtkv5=true; expires=Sat, 04 May 2024 21:15:45 GMT; secure; SameSite=None
uncs5=1; expires=Sat, 04 May 2024 21:15:45 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8516c5c02e20a3f23db7fedc636ade66
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

www.animapuglia.it/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

172.67.162.22

200 OK

31 kB

URL GET HTTP/3
www.animapuglia.it/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
IP
172.67.162.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate
IssuerLet's Encrypt
Subjectanimapuglia.it
Fingerprint4C:CE:5A:16:7B:BF:02:14:3C:A5:96:0B:DC:EE:F7:C5:E9:9B:89:E6
ValidityFri, 03 May 2024 03:13:31 GMT - Thu, 01 Aug 2024 03:13:30 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
31 kB (31396 bytes)
Hash
826eb77e86b02ab7724fe3d0141ff87c
79cd3587d565afe290076a8d36c31c305a573d18
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1
Host: www.animapuglia.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 03 May 2024 21:15:44 GMT
content-type: text/javascript
etag: W/"15601-65f308ae-43045b;br"
last-modified: Thu, 14 Mar 2024 14:24:46 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S%2F8CRw9G%2BGulZ9PfaTzoWaNZTVp1jr8TsnohFi18UDZpNBWO7CGuMNasnavb2iJ42lnLGdoB%2FFrOp7fJ9oa0M38%2F2D1jcDzOLgvIui0uQyFodh8S1XXHcKfWp4uROHNTOMxxgv4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e3449eed1c56af-OSL
content-encoding: br

www.animapuglia.it/wp-content/plugins/wp-automatic/js/main-front.js?ver=6.5.2

172.67.162.22

200 OK

31 kB

URL GET HTTP/3
www.animapuglia.it/wp-content/plugins/wp-automatic/js/main-front.js?ver=6.5.2
IP
172.67.162.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate
IssuerLet's Encrypt
Subjectanimapuglia.it
Fingerprint4C:CE:5A:16:7B:BF:02:14:3C:A5:96:0B:DC:EE:F7:C5:E9:9B:89:E6
ValidityFri, 03 May 2024 03:13:31 GMT - Thu, 01 Aug 2024 03:13:30 GMT

File type
JavaScript source, ASCII text
Size
31 kB (30740 bytes)
Hash
110e06930c2043d5439adeb9999f07f5
1294fd7195b1c2652c3627fe7a57f71d447313b3
d503937452e40c21fce10346b29287ad23b221a372547f248da87ca5efb55767

HTTP Headers

GET /wp-content/plugins/wp-automatic/js/main-front.js?ver=6.5.2 HTTP/1.1
Host: www.animapuglia.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 03 May 2024 21:15:44 GMT
content-type: text/javascript
etag: W/"3f9-660d8b69-27721e;br"
last-modified: Wed, 03 Apr 2024 17:01:29 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Burj%2BzEXTC1ih47VSu2zUMk56KXEFpBxOY33QbmXAbWhMYq8qyn6yIhGOzM7mppzy8iFE9UhZruQK02vYp1kWSc6r7opYj4Lwc0EudDSCRGRlEtYEZNqQeha9Ho4wLYBYlPYA1A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e3449efd2c56af-OSL
content-encoding: br

www.animapuglia.it/wp-includes/js/wp-emoji-release.min.js?ver=6.5.2

172.67.162.22

200 OK

5.4 kB

URL GET HTTP/3
www.animapuglia.it/wp-includes/js/wp-emoji-release.min.js?ver=6.5.2
IP
172.67.162.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate
IssuerLet's Encrypt
Subjectanimapuglia.it
Fingerprint4C:CE:5A:16:7B:BF:02:14:3C:A5:96:0B:DC:EE:F7:C5:E9:9B:89:E6
ValidityFri, 03 May 2024 03:13:31 GMT - Thu, 01 Aug 2024 03:13:30 GMT

File type
JavaScript source, ASCII text, with very long lines (15752)
Size
5.4 kB (5444 bytes)
Hash
b976b651932bfd25b9ddb5b7693d88a7
7fcb7cb5c11227f9213b1e08a07d0212209e1432
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=6.5.2 HTTP/1.1
Host: www.animapuglia.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=c37d501c-817a-418d-abf2-8a0d53f835b5%3A2%3A1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 03 May 2024 21:15:45 GMT
content-type: text/javascript
etag: W/"4926-660cbe03-430390;br"
last-modified: Wed, 03 Apr 2024 02:25:07 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xL2AGwpkIwJy%2BfH5%2FX9DcJVC7DMg5i5fm5GZZPmORmjL%2Bw2EX4RFx%2FaRXB4BUm6emFkG4u00neaCV2%2FYK11XdiM8rZ3aqWUm1i9sOnVk3U1jMFPQ9c5qaaDFrCHSu59r0IM7KAo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e344a87d9d56af-OSL
content-encoding: br

cdn.cloudimagesb.com/cti/2a/64/ce/2a64ce8eda8dd978aa075a952612a996/1707813839.png

45.133.44.10

200 OK

127 kB

URL GET HTTP/2
cdn.cloudimagesb.com/cti/2a/64/ce/2a64ce8eda8dd978aa075a952612a996/1707813839.png
IP
45.133.44.10:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
FingerprintC6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0
ValidityFri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT

File type
PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced
Size
127 kB (126881 bytes)
Hash
2b3a88d55519a3486d66d937f650bc1e
ada2d70a5653252dbb2a16fcbaee6b0a082d7649
cb63305035c57bf9d2d2cdca42c28adf15860b1807c7a40c6a1bfd72058848f1

HTTP Headers

GET /cti/2a/64/ce/2a64ce8eda8dd978aa075a952612a996/1707813839.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 03 May 2024 21:15:45 GMT
content-type: image/png
content-length: 126881
server: nginx/1.21.6
last-modified: Tue, 13 Feb 2024 08:44:07 GMT
etag: "65cb2bd7-1efa1"
expires: Sun, 05 May 2024 21:15:45 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

inconveniencemimic.com/watch.422356533491.js?dev=e&key=9d3b448e547be241c68efc985e24dcc2&kw=%5B%22a%22%2C%2229-year-old%22%2C%22man%22%2C%22who%22%2C%22raped%22%2C%22a%22%2C%22sleeping%22%2C%22woman%22%2C%22in%22%2C%22edinburgh%22%2C%22has%22%2C%22been%22%2C%22jailed%22%2C%22%E2%80%93%22%2C%22news%22%2C%22anemonedivingcenter%22%5D&pst=1714771005&refer=https%3A%2F%2Fwww.animapuglia.it%2Fnimoes%2F2024%2F05%2F04%2F14638SFdy30XtE%2F&res=14.2071&rmtc=t&shu=26b3a03c7ec222394b420dfe7810dbaa0441537cf2effb096462babf104318a44d49cb05c2e466f23edd9ad4953c611fa6f222b0ffd4257746c90d4a3b54a2d1752eb2157a6177636881cd8959976d06df97b7322a5a60d683c6adecd6a918&tz=0&uuid=c37d501c-817a-418d-abf2-8a0d53f835b5%3A2%3A1

192.243.61.227

200 OK

2.0 kB

URL GET HTTP/1.1
inconveniencemimic.com/watch.422356533491.js?dev=e&key=9d3b448e547be241c68efc985e24dcc2&kw=%5B%22a%22%2C%2229-year-old%22%2C%22man%22%2C%22who%22%2C%22raped%22%2C%22a%22%2C%22sleeping%22%2C%22woman%22%2C%22in%22%2C%22edinburgh%22%2C%22has%22%2C%22been%22%2C%22jailed%22%2C%22%E2%80%93%22%2C%22news%22%2C%22anemonedivingcenter%22%5D&pst=1714771005&refer=https%3A%2F%2Fwww.animapuglia.it%2Fnimoes%2F2024%2F05%2F04%2F14638SFdy30XtE%2F&res=14.2071&rmtc=t&shu=26b3a03c7ec222394b420dfe7810dbaa0441537cf2effb096462babf104318a44d49cb05c2e466f23edd9ad4953c611fa6f222b0ffd4257746c90d4a3b54a2d1752eb2157a6177636881cd8959976d06df97b7322a5a60d683c6adecd6a918&tz=0&uuid=c37d501c-817a-418d-abf2-8a0d53f835b5%3A2%3A1
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate
IssuerLet's Encrypt
Subjectinconveniencemimic.com
FingerprintAF:84:31:F6:C9:08:AA:86:11:4D:BF:62:E5:2A:DB:57:5B:6E:E2:36
ValidityMon, 29 Apr 2024 08:23:14 GMT - Sun, 28 Jul 2024 08:23:13 GMT

File type
JavaScript source, ASCII text, with very long lines (2489)
Size
2.0 kB (2022 bytes)
Hash
af917a370d3f39a1c892aaacb9571399
4278df705e2bdffe8877422a4e41d3fb490ca15e
2cb3d50c4ed5c4c095eec84596ddd76619b01d52c84f8989680812db6c55f268

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.422356533491.js?dev=e&key=9d3b448e547be241c68efc985e24dcc2&kw=%5B%22a%22%2C%2229-year-old%22%2C%22man%22%2C%22who%22%2C%22raped%22%2C%22a%22%2C%22sleeping%22%2C%22woman%22%2C%22in%22%2C%22edinburgh%22%2C%22has%22%2C%22been%22%2C%22jailed%22%2C%22%E2%80%93%22%2C%22news%22%2C%22anemonedivingcenter%22%5D&pst=1714771005&refer=https%3A%2F%2Fwww.animapuglia.it%2Fnimoes%2F2024%2F05%2F04%2F14638SFdy30XtE%2F&res=14.2071&rmtc=t&shu=26b3a03c7ec222394b420dfe7810dbaa0441537cf2effb096462babf104318a44d49cb05c2e466f23edd9ad4953c611fa6f222b0ffd4257746c90d4a3b54a2d1752eb2157a6177636881cd8959976d06df97b7322a5a60d683c6adecd6a918&tz=0&uuid=c37d501c-817a-418d-abf2-8a0d53f835b5%3A2%3A1 HTTP/1.1
Host: inconveniencemimic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.animapuglia.it
Referer: https://www.animapuglia.it/
DNT: 1
Connection: keep-alive
Cookie: u_pl=16664818; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjY2NDgxOCwiayI6IjlkM2I0NDhlNTQ3YmUyNDFjNjhlZmM5ODVlMjRkY2MyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjgxODg4LCJwaWQiOjE1NDYxMiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6Imo2YzYxNGp3YmciLCJjcGtzIjp7IjI4IjoiNGJiYzIzYTkyZGI3NjhiYWI3MzgyMDg5MGJkOGZhM2QiLCIyOSI6IjczMzQzNmNkNjM5YWRjNjlkN2IxMTBlNzQ4NmYwYWVhIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3d3dy5hbmltYXB1Z2xpYS5pdC9uaW1vZXMvMjAyNC8wNS8wNC8xNDYzOFNGZHkzMFh0RS8iLCJhciI6W119fQ.7a0MdKPkzegWWRcl9jrvJPHlc8jGgHMrl0onyBd-wCY
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 03 May 2024 21:15:45 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.animapuglia.it
Access-Control-Allow-Origin: https://www.animapuglia.it
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=c37d501c-817a-418d-abf2-8a0d53f835b5:2:1; expires=Fri, 10 May 2024 21:15:45 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 04 May 2024 21:15:45 GMT; secure; SameSite=None
uncs=1; expires=Sat, 04 May 2024 21:15:45 GMT; secure; SameSite=None
pdhtkv5=true; expires=Sat, 04 May 2024 21:15:45 GMT; secure; SameSite=None
uncs5=1; expires=Sat, 04 May 2024 21:15:45 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 41e540337b3d944262a9be4477eaa8d0
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

cdn.cloudimagesb.com/cti/5e/a7/e0/5ea7e0aff4bf51bee11fade7700f6f28/1707923235.jpg

45.133.44.10

200 OK

120 kB

URL GET HTTP/2
cdn.cloudimagesb.com/cti/5e/a7/e0/5ea7e0aff4bf51bee11fade7700f6f28/1707923235.jpg
IP
45.133.44.10:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
FingerprintC6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0
ValidityFri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 300x250, components 3
Size
120 kB (119736 bytes)
Hash
b6302f100b68f462859b1b4dec28ca24
27c2593c480cb61b0b7b143048cff5e56de9ffd4
bb6c58cea0780621cf7c4f5504248183ee986753fe53eaacaec915817cb18b1a

HTTP Headers

GET /cti/5e/a7/e0/5ea7e0aff4bf51bee11fade7700f6f28/1707923235.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 03 May 2024 21:15:46 GMT
content-type: image/jpeg
content-length: 119736
server: nginx/1.21.6
last-modified: Wed, 14 Feb 2024 15:07:23 GMT
etag: "65ccd72b-1d3b8"
expires: Sun, 05 May 2024 21:15:46 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

impatientliftdiploma.com/pixel/purst?dl=0&th=0&sc=0&rs=2518&rd=2518&fd=558&bv=24.5.6485&tmpl=136

172.240.108.84

200 OK

0 B

URL GET HTTP/1.1
impatientliftdiploma.com/pixel/purst?dl=0&th=0&sc=0&rs=2518&rd=2518&fd=558&bv=24.5.6485&tmpl=136
IP
172.240.108.84:443
ASN
#7979 SERVERS-COM

Requested by
https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate
IssuerLet's Encrypt
Subjectimpatientliftdiploma.com
Fingerprint64:70:CB:19:1D:86:2C:EF:2A:8A:6C:AB:E1:D1:06:C2:0E:8B:2C:49
ValidityMon, 29 Apr 2024 13:13:46 GMT - Sun, 28 Jul 2024 13:13:45 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=2518&rd=2518&fd=558&bv=24.5.6485&tmpl=136 HTTP/1.1
Host: impatientliftdiploma.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.animapuglia.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 03 May 2024 21:15:46 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

www.animapuglia.it/wp-content/uploads/2024/05/cropped-Screen-Shot-2024-05-01-at-14.54.39-192x192.png

172.67.162.22

200 OK

4.8 kB

URL GET HTTP/3
www.animapuglia.it/wp-content/uploads/2024/05/cropped-Screen-Shot-2024-05-01-at-14.54.39-192x192.png
IP
172.67.162.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate
IssuerLet's Encrypt
Subjectanimapuglia.it
Fingerprint4C:CE:5A:16:7B:BF:02:14:3C:A5:96:0B:DC:EE:F7:C5:E9:9B:89:E6
ValidityFri, 03 May 2024 03:13:31 GMT - Thu, 01 Aug 2024 03:13:30 GMT

File type
PNG image data, 192 x 192, 8-bit grayscale, non-interlaced
Size
4.8 kB (4827 bytes)
Hash
f848f15b939d8fab3634c85366cb7064
4634debb9e85f97e41d50a04934a0154c535f6a2
46cea472bc8590dd4972cde0b7dbf2c31f3ad3907ef1590942a08ff8487295a7

HTTP Headers

GET /wp-content/uploads/2024/05/cropped-Screen-Shot-2024-05-01-at-14.54.39-192x192.png HTTP/1.1
Host: www.animapuglia.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=c37d501c-817a-418d-abf2-8a0d53f835b5%3A2%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 03 May 2024 21:15:46 GMT
content-type: image/png
content-length: 4827
cache-control: public, max-age=43200
expires: Sat, 04 May 2024 02:47:43 GMT
etag: "12db-6631e75d-43086b;;;"
last-modified: Wed, 01 May 2024 06:55:25 GMT
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 23283
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p5YiGsJfd67okmMaP0rHkrOwo%2Frqy8AeLfZKkYVm3kvOfq9WHcGKohR2UQYrXPtfD1cpAk0ZqxQ87SEoAGTnnwgDjDTJcm7RinVBKRAzzXTTqTPNhANRckmfpctM8qlAlLbzEXA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e344ad29fe56af-OSL

www.animapuglia.it/wp-content/uploads/2024/05/cropped-Screen-Shot-2024-05-01-at-14.54.39-32x32.png

172.67.162.22

200 OK

555 B

URL GET HTTP/3
www.animapuglia.it/wp-content/uploads/2024/05/cropped-Screen-Shot-2024-05-01-at-14.54.39-32x32.png
IP
172.67.162.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate
IssuerLet's Encrypt
Subjectanimapuglia.it
Fingerprint4C:CE:5A:16:7B:BF:02:14:3C:A5:96:0B:DC:EE:F7:C5:E9:9B:89:E6
ValidityFri, 03 May 2024 03:13:31 GMT - Thu, 01 Aug 2024 03:13:30 GMT

File type
PNG image data, 32 x 32, 8-bit grayscale, non-interlaced
Size
555 B (555 bytes)
Hash
b4639b79f26f350ae29d88eec33c2139
e878d007cd69148365435eeb5973c9d920bf2813
f5f995def8991d5924b3f55616f1bbbc6713924918b8d97a1b64b3a5bbc7422a

HTTP Headers

GET /wp-content/uploads/2024/05/cropped-Screen-Shot-2024-05-01-at-14.54.39-32x32.png HTTP/1.1
Host: www.animapuglia.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=c37d501c-817a-418d-abf2-8a0d53f835b5%3A2%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 03 May 2024 21:15:46 GMT
content-type: image/png
content-length: 555
cache-control: public, max-age=43200
expires: Fri, 03 May 2024 20:38:53 GMT
etag: "22b-6631e75d-43086d;;;"
last-modified: Wed, 01 May 2024 06:55:25 GMT
alt-svc: h3=":443"; ma=86400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KIVCrLk9C3wQYlTX6h5F8iQfJec9cWQfxtPgSwG6R6ABPg2y4uPBJzEr8Q9jqEKnpnKzZvR6dwZi%2FK6GiU5qf6nYopofFUgTqwCJokw%2FM8WWZEr8hMS5s%2FjnR9r2QltztmOPnNM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e344ad4a2556af-OSL

unseenreport.com/pxf.gif?uuid=c37d501c-817a-418d-abf2-8a0d53f835b5&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=4bbc23a92db768bab73820890bd8fa3d&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=21

192.243.59.13

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=c37d501c-817a-418d-abf2-8a0d53f835b5&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=4bbc23a92db768bab73820890bd8fa3d&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=21
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13
ValidityFri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=c37d501c-817a-418d-abf2-8a0d53f835b5&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=4bbc23a92db768bab73820890bd8fa3d&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=21 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.animapuglia.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 03 May 2024 21:15:46 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1910555d8d77c9b21abfce0deb040b71
Strict-Transport-Security: max-age=0; includeSubdomains

www.animapuglia.it/wp-content/themes/newspaper-eye/assets/css/default-style.css?ver=1.0.6

172.67.162.22

200 OK

4.5 kB

URL GET HTTP/3
www.animapuglia.it/wp-content/themes/newspaper-eye/assets/css/default-style.css?ver=1.0.6
IP
172.67.162.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate
IssuerLet's Encrypt
Subjectanimapuglia.it
Fingerprint4C:CE:5A:16:7B:BF:02:14:3C:A5:96:0B:DC:EE:F7:C5:E9:9B:89:E6
ValidityFri, 03 May 2024 03:13:31 GMT - Thu, 01 Aug 2024 03:13:30 GMT

File type
ASCII text, with very long lines (4476), with no line terminators
Size
4.5 kB (4474 bytes)
Hash
c545ebb7cdc388667909cb65d0f7a7a8
b7f58479fd6f0b304fb1f6eeca1f03ea563ddfad
d81719b6d6c52897920be1160dd3f190d281fc7152ecbdfec612d5364a3c69b7

HTTP Headers

GET /wp-content/themes/newspaper-eye/assets/css/default-style.css?ver=1.0.6 HTTP/1.1
Host: www.animapuglia.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 03 May 2024 21:15:44 GMT
content-type: text/css
cache-control: public, max-age=43200
cf-bgj: minify
cf-polished: origSize=7390
alt-svc: h3=":443"; ma=86400
etag: W/"1cde-6631e7ea-37212c;br"
expires: Fri, 03 May 2024 20:38:50 GMT
last-modified: Wed, 01 May 2024 06:57:46 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZB7Hbztkeak6IboBdPcuWCKrS6rjTrhFbSvmrmpgBamXFwX5bT4zXZkToRLdImsIQ72RVtg3tnXx9LxI3vbBJvgHv73X9xwY2Dg6SUxUZ77EdTTg7SFRHTTFdI65vM2bT9mzgrE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e3449eed1256af-OSL
content-encoding: br

www.animapuglia.it/wp-content/themes/newspaper-eye/assets/js/scripts.js?ver=1.0.6

172.67.162.22

200 OK

1.3 kB

URL GET HTTP/3
www.animapuglia.it/wp-content/themes/newspaper-eye/assets/js/scripts.js?ver=1.0.6
IP
172.67.162.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate
IssuerLet's Encrypt
Subjectanimapuglia.it
Fingerprint4C:CE:5A:16:7B:BF:02:14:3C:A5:96:0B:DC:EE:F7:C5:E9:9B:89:E6
ValidityFri, 03 May 2024 03:13:31 GMT - Thu, 01 Aug 2024 03:13:30 GMT

File type
JavaScript source, ASCII text, with very long lines (1443), with no line terminators
Size
1.3 kB (1307 bytes)
Hash
18599547ce1042f2828ed16c721960c8
6cee8fdc2f96225ab645c2bf677a549c5278c1a9
8505b9f7d0a49ecda693864f1861157b23a6dd1165d49770af492530740a54cb

HTTP Headers

GET /wp-content/themes/newspaper-eye/assets/js/scripts.js?ver=1.0.6 HTTP/1.1
Host: www.animapuglia.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 03 May 2024 21:15:44 GMT
content-type: text/javascript
etag: W/"51b-6631e7ea-372134;br"
last-modified: Wed, 01 May 2024 06:57:46 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l0%2FrgRwXFvjSyL5z40jprqdMQSi8xYBtytuJkMXdbLfm1fs8PmsiXiwSbMT7qmFbK1bpwsI8aGr4%2FmSFmnGn3Lf1U3R%2Bwp8SWJGEEJON16Gh5gBybvNZ%2Fno6GBz8avNQOif%2FFX8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e3449f1d3f56af-OSL
content-encoding: br

www.animapuglia.it/wp-content/themes/newspaper-eye/assets/css/all.css?ver=5.15.3

172.67.162.22

200 OK

59 kB

URL GET HTTP/3
www.animapuglia.it/wp-content/themes/newspaper-eye/assets/css/all.css?ver=5.15.3
IP
172.67.162.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate
IssuerLet's Encrypt
Subjectanimapuglia.it
Fingerprint4C:CE:5A:16:7B:BF:02:14:3C:A5:96:0B:DC:EE:F7:C5:E9:9B:89:E6
ValidityFri, 03 May 2024 03:13:31 GMT - Thu, 01 Aug 2024 03:13:30 GMT

File type
ASCII text, with very long lines (59327)
Size
59 kB (59399 bytes)
Hash
7a9336a972a40b34b9a780cf040b3d87
c8ded5f8a836fd032831e26eaec347e124f5468c
7bc786c4f462d34ffbc51d1d3f96838c6663b100a7f80a2b3d56a472e43aa061

HTTP Headers

GET /wp-content/themes/newspaper-eye/assets/css/all.css?ver=5.15.3 HTTP/1.1
Host: www.animapuglia.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 03 May 2024 21:15:44 GMT
content-type: text/css
cache-control: public, max-age=43200
cf-bgj: minify
cf-polished: origSize=73626
alt-svc: h3=":443"; ma=86400
etag: W/"11f9a-6631e7ea-372128;br"
expires: Fri, 03 May 2024 20:38:50 GMT
last-modified: Wed, 01 May 2024 06:57:46 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FAhXrlT8MtXOBaApN3nO6dRbvxCtRtHSF6GIbZPi2pxHo5cc%2FHqM7JLWXEfP0gk1jz5kMG4o7HxsAU2hVWeG3intaGU8opJH%2F4nRSzHqzCfTqEo7wzeFfAS1TABzSC5r%2BCeL8PA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e3449edd0c56af-OSL
content-encoding: br

inconveniencemimic.com/watch.422356533491.js?key=9d3b448e547be241c68efc985e24dcc2&kw=%5B%22a%22%2C%2229-year-old%22%2C%22man%22%2C%22who%22%2C%22raped%22%2C%22a%22%2C%22sleeping%22%2C%22woman%22%2C%22in%22%2C%22edinburgh%22%2C%22has%22%2C%22been%22%2C%22jailed%22%2C%22%E2%80%93%22%2C%22news%22%2C%22anemonedivingcenter%22%5D&refer=https%3A%2F%2Fwww.animapuglia.it%2Fnimoes%2F2024%2F05%2F04%2F14638SFdy30XtE%2F&tz=0&dev=e&res=14.2071&uuid=c37d501c-817a-418d-abf2-8a0d53f835b5%3A2%3A1

192.243.61.227

307 Temporary Redirect

3.4 kB

URL GET HTTP/1.1
inconveniencemimic.com/watch.422356533491.js?key=9d3b448e547be241c68efc985e24dcc2&kw=%5B%22a%22%2C%2229-year-old%22%2C%22man%22%2C%22who%22%2C%22raped%22%2C%22a%22%2C%22sleeping%22%2C%22woman%22%2C%22in%22%2C%22edinburgh%22%2C%22has%22%2C%22been%22%2C%22jailed%22%2C%22%E2%80%93%22%2C%22news%22%2C%22anemonedivingcenter%22%5D&refer=https%3A%2F%2Fwww.animapuglia.it%2Fnimoes%2F2024%2F05%2F04%2F14638SFdy30XtE%2F&tz=0&dev=e&res=14.2071&uuid=c37d501c-817a-418d-abf2-8a0d53f835b5%3A2%3A1
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate
IssuerLet's Encrypt
Subjectinconveniencemimic.com
FingerprintAF:84:31:F6:C9:08:AA:86:11:4D:BF:62:E5:2A:DB:57:5B:6E:E2:36
ValidityMon, 29 Apr 2024 08:23:14 GMT - Sun, 28 Jul 2024 08:23:13 GMT

File type

Size
3.4 kB (3365 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.422356533491.js?key=9d3b448e547be241c68efc985e24dcc2&kw=%5B%22a%22%2C%2229-year-old%22%2C%22man%22%2C%22who%22%2C%22raped%22%2C%22a%22%2C%22sleeping%22%2C%22woman%22%2C%22in%22%2C%22edinburgh%22%2C%22has%22%2C%22been%22%2C%22jailed%22%2C%22%E2%80%93%22%2C%22news%22%2C%22anemonedivingcenter%22%5D&refer=https%3A%2F%2Fwww.animapuglia.it%2Fnimoes%2F2024%2F05%2F04%2F14638SFdy30XtE%2F&tz=0&dev=e&res=14.2071&uuid=c37d501c-817a-418d-abf2-8a0d53f835b5%3A2%3A1 HTTP/1.1
Host: inconveniencemimic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.animapuglia.it
DNT: 1
Connection: keep-alive
Referer: https://www.animapuglia.it/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Fri, 03 May 2024 21:15:45 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.animapuglia.it
Access-Control-Allow-Origin: https://www.animapuglia.it
Access-Control-Allow-Credentials: true
Location: https://inconveniencemimic.com/watch.422356533491.js?dev=e&key=9d3b448e547be241c68efc985e24dcc2&kw=%5B%22a%22%2C%2229-year-old%22%2C%22man%22%2C%22who%22%2C%22raped%22%2C%22a%22%2C%22sleeping%22%2C%22woman%22%2C%22in%22%2C%22edinburgh%22%2C%22has%22%2C%22been%22%2C%22jailed%22%2C%22%E2%80%93%22%2C%22news%22%2C%22anemonedivingcenter%22%5D&pst=1714771005&refer=https%3A%2F%2Fwww.animapuglia.it%2Fnimoes%2F2024%2F05%2F04%2F14638SFdy30XtE%2F&res=14.2071&rmtc=t&shu=26b3a03c7ec222394b420dfe7810dbaa0441537cf2effb096462babf104318a44d49cb05c2e466f23edd9ad4953c611fa6f222b0ffd4257746c90d4a3b54a2d1752eb2157a6177636881cd8959976d06df97b7322a5a60d683c6adecd6a918&tz=0&uuid=c37d501c-817a-418d-abf2-8a0d53f835b5%3A2%3A1
Set-Cookie: u_pl=16664818; expires=Sat, 04 May 2024 21:15:45 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjY2NDgxOCwiayI6IjlkM2I0NDhlNTQ3YmUyNDFjNjhlZmM5ODVlMjRkY2MyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjgxODg4LCJwaWQiOjE1NDYxMiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6Imo2YzYxNGp3YmciLCJjcGtzIjp7IjI4IjoiNGJiYzIzYTkyZGI3NjhiYWI3MzgyMDg5MGJkOGZhM2QiLCIyOSI6IjczMzQzNmNkNjM5YWRjNjlkN2IxMTBlNzQ4NmYwYWVhIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3d3dy5hbmltYXB1Z2xpYS5pdC9uaW1vZXMvMjAyNC8wNS8wNC8xNDYzOFNGZHkzMFh0RS8iLCJhciI6W119fQ.7a0MdKPkzegWWRcl9jrvJPHlc8jGgHMrl0onyBd-wCY; expires=Fri, 03 May 2024 21:16:45 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c6736d17e5ed7d42be677f185b8fe15e
Strict-Transport-Security: max-age=0; includeSubdomains

inconveniencemimic.com/4b/bc/23/4bbc23a92db768bab73820890bd8fa3d.js

192.243.61.227

200 OK

84 kB

URL GET HTTP/1.1
inconveniencemimic.com/4b/bc/23/4bbc23a92db768bab73820890bd8fa3d.js
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate
IssuerLet's Encrypt
Subjectinconveniencemimic.com
FingerprintAF:84:31:F6:C9:08:AA:86:11:4D:BF:62:E5:2A:DB:57:5B:6E:E2:36
ValidityMon, 29 Apr 2024 08:23:14 GMT - Sun, 28 Jul 2024 08:23:13 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
84 kB (83997 bytes)
Hash
661467ca83a1afcc710eb775ab524411
a6bfb65e6e596e781a084052e2cc41fe0287e709
9143fa2db024bcbf56a8b69f7fa7d877b8f40efb53f4994587f97aaff9469b0b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /4b/bc/23/4bbc23a92db768bab73820890bd8fa3d.js HTTP/1.1
Host: inconveniencemimic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.animapuglia.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 03 May 2024 21:15:45 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 87cecfef5256491d6476f7ee2fc7597b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

www.animapuglia.it/wp-content/themes/newspaper-eye/assets/css/admin-block.css?ver=1.0

172.67.162.22

200 OK

1.9 kB

URL GET HTTP/3
www.animapuglia.it/wp-content/themes/newspaper-eye/assets/css/admin-block.css?ver=1.0
IP
172.67.162.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate
IssuerLet's Encrypt
Subjectanimapuglia.it
Fingerprint4C:CE:5A:16:7B:BF:02:14:3C:A5:96:0B:DC:EE:F7:C5:E9:9B:89:E6
ValidityFri, 03 May 2024 03:13:31 GMT - Thu, 01 Aug 2024 03:13:30 GMT

File type
ASCII text, with very long lines (1895), with no line terminators
Size
1.9 kB (1895 bytes)
Hash
992c56bf160d98d31f326d39b266af55
9e6eb738d801aca8351126f4334bcc1771af8a1f
58891be47a14302f78b4afeed4a9f5b7875900bba044388d3be677f5f9f9b7f0

HTTP Headers

GET /wp-content/themes/newspaper-eye/assets/css/admin-block.css?ver=1.0 HTTP/1.1
Host: www.animapuglia.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 03 May 2024 21:15:44 GMT
content-type: text/css
cache-control: public, max-age=43200
cf-bgj: minify
cf-polished: origSize=2562
alt-svc: h3=":443"; ma=86400
etag: W/"a02-6631e7ea-372127;br"
expires: Fri, 03 May 2024 20:38:50 GMT
last-modified: Wed, 01 May 2024 06:57:46 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BgsmpkrWRCIxh%2B9dHy1RrGcwMXIuTHLocwPkNTvTUn1u1ivwrPPSpLLblriPmIpLNF9ofEpdvyXBQyYrNm3tZkeBaCcgBLuF1dBouhu2RgjICdfZsmr%2FuGBR7420yItyuOixaEk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e3449edd0256af-OSL
content-encoding: br

www.animapuglia.it/wp-content/themes/newspaper-eye/assets/css/bootstrap.css?ver=5.2.2

172.67.162.22

200 OK

196 kB

URL GET HTTP/3
www.animapuglia.it/wp-content/themes/newspaper-eye/assets/css/bootstrap.css?ver=5.2.2
IP
172.67.162.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate
IssuerLet's Encrypt
Subjectanimapuglia.it
Fingerprint4C:CE:5A:16:7B:BF:02:14:3C:A5:96:0B:DC:EE:F7:C5:E9:9B:89:E6
ValidityFri, 03 May 2024 03:13:31 GMT - Thu, 01 Aug 2024 03:13:30 GMT

File type

Size
196 kB (196490 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wp-content/themes/newspaper-eye/assets/css/bootstrap.css?ver=5.2.2 HTTP/1.1
Host: www.animapuglia.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 03 May 2024 21:15:44 GMT
content-type: text/css
cache-control: public, max-age=43200
cf-bgj: minify
cf-polished: origSize=237994
alt-svc: h3=":443"; ma=86400
etag: W/"3a1aa-6631e7ea-37212a;br"
expires: Fri, 03 May 2024 20:38:50 GMT
last-modified: Wed, 01 May 2024 06:57:46 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uK20vU5F0SDC9Uy9RH7KgmFAsBvxAfBSgFj7v7leSnf%2BQ3x%2FWYHYQqwdASpFfx5EUxVnJLO7Veouxfmt%2F4VQgkOdrgSq6TMh5przFaiD5ElYQ99zVo5%2FuJQzzoV4phvfelNvInQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e3449edd0856af-OSL
content-encoding: br

www.animapuglia.it/wp-content/themes/newspaper-eye/assets/css/main.css?ver=1.0.6

172.67.162.22

200 OK

21 kB

URL GET HTTP/3
www.animapuglia.it/wp-content/themes/newspaper-eye/assets/css/main.css?ver=1.0.6
IP
172.67.162.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate
IssuerLet's Encrypt
Subjectanimapuglia.it
Fingerprint4C:CE:5A:16:7B:BF:02:14:3C:A5:96:0B:DC:EE:F7:C5:E9:9B:89:E6
ValidityFri, 03 May 2024 03:13:31 GMT - Thu, 01 Aug 2024 03:13:30 GMT

File type
ASCII text, with very long lines (21167), with no line terminators
Size
21 kB (21167 bytes)
Hash
c01d3e74828fef530cc9ad5c47297ac0
00f42d25c8cc1cc2567c116e842269819ede892a
f97066b9a9c72ad87e98ff667ac6e0488587560d8ee07cbcc6facfced3ace185

HTTP Headers

GET /wp-content/themes/newspaper-eye/assets/css/main.css?ver=1.0.6 HTTP/1.1
Host: www.animapuglia.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 03 May 2024 21:15:44 GMT
content-type: text/css
cache-control: public, max-age=43200
cf-bgj: minify
cf-polished: origSize=27777
alt-svc: h3=":443"; ma=86400
etag: W/"6c81-6631e7ea-37212d;br"
expires: Fri, 03 May 2024 20:38:50 GMT
last-modified: Wed, 01 May 2024 06:57:46 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=STt10BcwCbUxuIWpM2o%2BxxDDKxZFGGP1cZ2Kp%2FjTw1Mz6T0thWnU4dgODMIYbgh89PBc2FN84xH8GqM3d5cj3DQzxfwoDmxNgagBiMWvaf9PScbHO1jZTqF7eddlITrl5Ty04Bo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e3449eed1356af-OSL
content-encoding: br

www.animapuglia.it/wp-includes/css/dist/block-library/style.min.css?ver=6.5.2

172.67.162.22

200 OK

113 kB

URL GET HTTP/3
www.animapuglia.it/wp-includes/css/dist/block-library/style.min.css?ver=6.5.2
IP
172.67.162.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate
IssuerLet's Encrypt
Subjectanimapuglia.it
Fingerprint4C:CE:5A:16:7B:BF:02:14:3C:A5:96:0B:DC:EE:F7:C5:E9:9B:89:E6
ValidityFri, 03 May 2024 03:13:31 GMT - Thu, 01 Aug 2024 03:13:30 GMT

File type

Size
113 kB (113381 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.5.2 HTTP/1.1
Host: www.animapuglia.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 03 May 2024 21:15:44 GMT
content-type: text/css
cache-control: public, max-age=43200
expires: Fri, 03 May 2024 20:38:49 GMT
etag: W/"1bae5-660cbe03-430288;br"
last-modified: Wed, 03 Apr 2024 02:25:07 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6MhirbjPWkT4jY9BcYH1qn%2BlNgDLPT416y5NLwJklifG0U2WPeThAm4WRsY1fNAFaCfVXZDQciu61OZPRzG6JVJIOWB2f%2FT%2BlGtmEBKo4fJYee7N%2FJmyfkYNYjHfcNB8e5QT5Ps%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e3449edd0156af-OSL
content-encoding: br

downstairsnegotiatebarren.com/sfp.js

188.114.96.1

200 OK

86 kB

URL GET HTTP/2
downstairsnegotiatebarren.com/sfp.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate
IssuerLet's Encrypt
Subjectdownstairsnegotiatebarren.com
Fingerprint5D:DB:CB:C6:CE:2A:8B:34:7D:BC:43:74:33:1D:5F:77:48:F7:BC:1B
ValidityThu, 02 May 2024 21:26:34 GMT - Wed, 31 Jul 2024 21:26:33 GMT

File type

Size
86 kB (85611 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.animapuglia.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 03 May 2024 21:15:45 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 91bda845af69877c81c8284e3ed7f381
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Fri, 03 May 2024 21:15:44 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QUHnVG7yz9SKQ57jnNnUHZCKDl83SdjBmzgVKhVQrYPGmrx6bYZrGPEkjDaHyFPueiUGiJz9dy1NWYvQ2YuLXmT77h8%2FFuq6tLXIM1NOZ4lRYY9TKwo1SUWBvm%2BZGqDKMOCwobO6FYPYkBqB8yc6RA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e344aaaa35b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.animapuglia.it/wp-content/plugins/wp-automatic/css/wp-automatic.css?ver=1.0.0

172.67.162.22

200 OK

2.4 kB

URL GET HTTP/3
www.animapuglia.it/wp-content/plugins/wp-automatic/css/wp-automatic.css?ver=1.0.0
IP
172.67.162.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate
IssuerLet's Encrypt
Subjectanimapuglia.it
Fingerprint4C:CE:5A:16:7B:BF:02:14:3C:A5:96:0B:DC:EE:F7:C5:E9:9B:89:E6
ValidityFri, 03 May 2024 03:13:31 GMT - Thu, 01 Aug 2024 03:13:30 GMT

File type
ASCII text, with very long lines (2367), with no line terminators
Size
2.4 kB (2367 bytes)
Hash
79dc2fc9e9be25c4e4b65af78a1cf86a
36b819e4e1c0761f95c86743a307cff518e4c7ef
da26f75773d686f672adddeabc4378a593a11845f01c01dbd2c941744d2ff96a

HTTP Headers

GET /wp-content/plugins/wp-automatic/css/wp-automatic.css?ver=1.0.0 HTTP/1.1
Host: www.animapuglia.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 03 May 2024 21:15:44 GMT
content-type: text/css
cache-control: public, max-age=43200
cf-bgj: minify
cf-polished: origSize=2713
alt-svc: h3=":443"; ma=86400
etag: W/"a99-660d8b69-27723d;br"
expires: Fri, 03 May 2024 20:38:50 GMT
last-modified: Wed, 03 Apr 2024 17:01:29 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z8zpIKqz6t5wwKfqFoMGVohHmkPsMy14cVxDC6yT0fNZ46BPJOX3oBcureJi9R7mS%2Bk848D%2B%2B9%2BrpK%2Bcj%2B%2BcxLJZYoREqv7GUPKkaDjo5dNkZfdKmOalELTaSqFJUXBx9l29FUA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e3449edd0756af-OSL
content-encoding: br

www.animapuglia.it/wp-content/themes/newspaper-eye/assets/css/block.css?ver=1.0.6

172.67.162.22

200 OK

3.0 kB

URL GET HTTP/3
www.animapuglia.it/wp-content/themes/newspaper-eye/assets/css/block.css?ver=1.0.6
IP
172.67.162.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate
IssuerLet's Encrypt
Subjectanimapuglia.it
Fingerprint4C:CE:5A:16:7B:BF:02:14:3C:A5:96:0B:DC:EE:F7:C5:E9:9B:89:E6
ValidityFri, 03 May 2024 03:13:31 GMT - Thu, 01 Aug 2024 03:13:30 GMT

File type
ASCII text, with very long lines (3008), with no line terminators
Size
3.0 kB (3008 bytes)
Hash
53c3167969baea2b79765403ae06922a
872092d8fb5d9ed63f054ba9bb760c85f25ab24b
7bf106c9644b9e0163d13cdeba2842bc8b3d5192f1faab4d05e29aeabd40e982

HTTP Headers

GET /wp-content/themes/newspaper-eye/assets/css/block.css?ver=1.0.6 HTTP/1.1
Host: www.animapuglia.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 03 May 2024 21:15:44 GMT
content-type: text/css
cache-control: public, max-age=43200
cf-bgj: minify
cf-polished: origSize=4155
alt-svc: h3=":443"; ma=86400
etag: W/"103b-6631e7ea-372129;br"
expires: Fri, 03 May 2024 20:38:50 GMT
last-modified: Wed, 01 May 2024 06:57:46 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pGzBg20Q9UBENoM7lDK9%2Fv7eF5KnmaFrcNni3qmQpE6TnJjQGaQhzp4nuzFu1LoyjOw%2BNDXEguhV1B4lUN5jvSZbKHZnxazFdMQJli5v%2FU8upJCbXQlyJ9qcElok4ozdz6qVPjg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e3449eed0e56af-OSL
content-encoding: br

fonts.googleapis.com/css?family=Inter+Local%3A400%2C400i%2C700%2C700i%7CFrank+Ruhl+Libre%3A400%2C400i%2C700%2C700i&subset=latin%2Clatin-ext

142.250.74.106

200 OK

2.2 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Inter+Local%3A400%2C400i%2C700%2C700i%7CFrank+Ruhl+Libre%3A400%2C400i%2C700%2C700i&subset=latin%2Clatin-ext
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text, with very long lines (2226), with no line terminators
Size
2.2 kB (2178 bytes)
Hash
06c1988ae060a54d37ee6c478011a6eb
065ffe9f8ab35492d60c3cac8246db1b4282a47b
493cedd2fd101089bd1a824dc128d2d3208642729a004328cb80d9192441ab7b

HTTP Headers

GET /css?family=Inter+Local%3A400%2C400i%2C700%2C700i%7CFrank+Ruhl+Libre%3A400%2C400i%2C700%2C700i&subset=latin%2Clatin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.animapuglia.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 03 May 2024 21:15:43 GMT
date: Fri, 03 May 2024 21:15:43 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.animapuglia.it/wp-includes/js/masonry.min.js?ver=4.2.2

172.67.162.22

200 OK

24 kB

URL GET HTTP/3
www.animapuglia.it/wp-includes/js/masonry.min.js?ver=4.2.2
IP
172.67.162.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate
IssuerLet's Encrypt
Subjectanimapuglia.it
Fingerprint4C:CE:5A:16:7B:BF:02:14:3C:A5:96:0B:DC:EE:F7:C5:E9:9B:89:E6
ValidityFri, 03 May 2024 03:13:31 GMT - Thu, 01 Aug 2024 03:13:30 GMT

File type
JavaScript source, ASCII text, with very long lines (23966)
Size
24 kB (24138 bytes)
Hash
3b3fc826e58fc554108e4a651c9c7848
76778fd446e2ff2377588a7b4ac4d79f258427c9
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb

HTTP Headers

GET /wp-includes/js/masonry.min.js?ver=4.2.2 HTTP/1.1
Host: www.animapuglia.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 03 May 2024 21:15:44 GMT
content-type: text/javascript
etag: W/"5e4a-65f308ad-430366;br"
last-modified: Thu, 14 Mar 2024 14:24:45 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=18uG83Lk4YSIWSgNLUxqCDqFszvAEauWpiwhOyL5X%2Bf0lkNCty3ow2XFIss3BB3ogCUH3k0w8KFaGINrALY8rIOCuO8bMFQGeoqIO%2B79aZNNBU8SpOqD1TjOdhQybX5IJ7HmW%2Bk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e3449f0d3356af-OSL
content-encoding: br

www.animapuglia.it/wp-content/themes/newspaper-eye/style.css?ver=1.0.6

172.67.162.22

200 OK

2.0 kB

URL GET HTTP/3
www.animapuglia.it/wp-content/themes/newspaper-eye/style.css?ver=1.0.6
IP
172.67.162.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate
IssuerLet's Encrypt
Subjectanimapuglia.it
Fingerprint4C:CE:5A:16:7B:BF:02:14:3C:A5:96:0B:DC:EE:F7:C5:E9:9B:89:E6
ValidityFri, 03 May 2024 03:13:31 GMT - Thu, 01 Aug 2024 03:13:30 GMT

File type
ASCII text, with very long lines (1994), with no line terminators
Size
2.0 kB (1976 bytes)
Hash
92b57f0071c9d203d08576c4d01bbe99
ee8c6c7fb902b08c52f6e64acc3988dfd1484bf0
ee61931f824f48dffcb2e1f36c174e0ba7e9b09e5cc30a4071c40acd93ab7629

HTTP Headers

GET /wp-content/themes/newspaper-eye/style.css?ver=1.0.6 HTTP/1.1
Host: www.animapuglia.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 03 May 2024 21:15:44 GMT
content-type: text/css
cache-control: public, max-age=43200
cf-bgj: minify
cf-polished: origSize=1984
alt-svc: h3=":443"; ma=86400
etag: W/"7c0-6631e7ea-372164;br"
expires: Fri, 03 May 2024 20:38:50 GMT
last-modified: Wed, 01 May 2024 06:57:46 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yBiV5sya%2BvfHD2GGdbh8Y%2F9TVLzFPLeFKZ%2BjEIHKOugce0pKabl%2Fhg2Joek4h2iBk5S4h4bGaJ6JL%2FnRugKZ1VdCb1qFAGRtpyFFaIetD7ltFuCX4RJ4pjTxWkyd9LFij6j8EYc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e3449eed1656af-OSL
content-encoding: br

www.animapuglia.it/wp-content/themes/newspaper-eye/assets/webfonts/fa-solid-900.woff2

172.67.162.22

200 OK

78 kB

URL GET HTTP/3
www.animapuglia.it/wp-content/themes/newspaper-eye/assets/webfonts/fa-solid-900.woff2
IP
172.67.162.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
Certificate
IssuerLet's Encrypt
Subjectanimapuglia.it
Fingerprint4C:CE:5A:16:7B:BF:02:14:3C:A5:96:0B:DC:EE:F7:C5:E9:9B:89:E6
ValidityFri, 03 May 2024 03:13:31 GMT - Thu, 01 Aug 2024 03:13:30 GMT

File type
Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261
Size
78 kB (78196 bytes)
Hash
e8a427e15cc502bef99cfd722b37ea98
a9922842a120a7f1eaced667480c5e185a106d69
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

HTTP Headers

GET /wp-content/themes/newspaper-eye/assets/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: www.animapuglia.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.animapuglia.it/wp-content/themes/newspaper-eye/assets/css/all.css?ver=5.15.3
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=c37d501c-817a-418d-abf2-8a0d53f835b5%3A2%3A1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 03 May 2024 21:15:45 GMT
content-type: font/woff2
content-length: 78196
cache-control: public, max-age=43200
expires: Fri, 03 May 2024 20:38:51 GMT
etag: "13174-6631e7ea-372144;;;"
last-modified: Wed, 01 May 2024 06:57:46 GMT
alt-svc: h3=":443"; ma=86400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M%2FagXAzdcTeoQW76SrfZ3VUs1jG729QQGBnWGMRXPkk7ZNKh6mKdkHFLdLCyvuMBMyOHNa23HqFfvmAwHUVWS7tBW2kNEzR39KofKpcaNQrReeTATmA8AcqiJtNa1mnRKQUUqmo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e344a82d7d56af-OSL

www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/

172.67.162.22

200 OK

37 kB

URL User Request GET HTTP/2
www.animapuglia.it/nimoes/2024/05/04/14638SFdy30XtE/
IP
172.67.162.22:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectanimapuglia.it
Fingerprint4C:CE:5A:16:7B:BF:02:14:3C:A5:96:0B:DC:EE:F7:C5:E9:9B:89:E6
ValidityFri, 03 May 2024 03:13:31 GMT - Thu, 01 Aug 2024 03:13:30 GMT

File type

Size
37 kB (37077 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /nimoes/2024/05/04/14638SFdy30XtE/ HTTP/1.1
Host: www.animapuglia.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 03 May 2024 21:15:43 GMT
content-type: text/html; charset=UTF-8
link: <https://www.animapuglia.it/wp-json/>; rel="https://api.w.org/", <https://www.animapuglia.it/wp-json/wp/v2/posts/14638>; rel="alternate"; type="application/json", <https://www.animapuglia.it/?p=14638>; rel=shortlink
vary: Accept-Encoding
x-litespeed-cache: hit
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ycMmyj%2BHFMbTZigvv4oeRRLczSUzbva%2FFpQgKkiE7tnPu9FOW6sn8y15nzgiGJcYgusrrX%2Fv1TRklmi9H%2ByHi1vg51ybyS%2Bh1rMDFCGvCyX5G8YECUeYBDXD%2BlcoVe6n6VjbQas%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e3449b5fc5568b-OSL
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (26)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL