Report - puzzlegym.ro/2013/08/ana-stefan/ana-stefan1

Report Overview

Submitted URL
puzzlegym.ro/2013/08/ana-stefan/ana-stefan1
IP
91.212.66.20
ASN
#48837 Sc Alfa Web Srl
Submitted
2022-12-17 14:30:08
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
10

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.0 kB	8.0 kB	23.36.77.32
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.38.198.114
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	341 B	736 B	93.184.220.29
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.8 kB	69 kB	34.120.237.76
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
getpocket.cdn.mozilla.net	1369	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	435 B	44 kB	34.120.5.221
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
puzzlegym.ro	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	6.6 kB	390 kB	91.212.66.20

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-17	medium	puzzlegym.ro/2013/08/ana-stefan/ana-stefan1	Phishing
2022-12-17	medium	puzzlegym.ro/2013/08/ana-stefan/ana-stefan1/	Phishing
2022-12-17	medium	puzzlegym.ro/wp-content/themes/suffusion/rounded-corners.css?ver=4.4.6	Phishing
2022-12-17	medium	puzzlegym.ro/wp-includes/js/comment-reply.min.js?ver=3.5.2	Phishing
2022-12-17	medium	puzzlegym.ro/wp-content/themes/suffusion/scripts/suffusion.js?ver=4.4.6	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (5)

	URL	Size	First Seen	Last Seen
	puzzlegym.ro/2013/08/ana-stefan/ana-stefan1/	299 B	2023-03-09	2023-03-10
Pretty URL puzzlegym.ro/2013/08/ana-stefan/ana-stefan1/ IP 91.212.66.20 ASN #48837 Sc Alfa Web Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 13:20:09 Last Seen2023-03-10 10:00:41 Times Seen1 Hash c57e2f6b535ee6e12f7360cd91ff8492 f497a6d989ada9e24a8414abf9f80979661d2793 361c1b64098b32b390e42c9eaefba2d959da0e8053697a9ae95c06e86f38ede5 Loading...

	puzzlegym.ro/wp-includes/js/comment-reply.min.js?ver=3.5.2	2.6 kB	2023-03-09	2023-03-10
Pretty URL puzzlegym.ro/wp-includes/js/comment-reply.min.js?ver=3.5.2 IP 91.212.66.20 ASN #48837 Sc Alfa Web Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 13:20:09 Last Seen2023-03-10 10:00:41 Times Seen1 Hash 280478f540303d5644b28bccdf0d2ba4 edbdfdd66ad286d811dffb9f8930a5dba62fad68 445b375085c2a37d596427ac0059ac10f0d187af934c80ffca75bd9074a1c4fd Loading...

	puzzlegym.ro/wp-content/themes/suffusion/scripts/suffusion.js?ver=4.4.6	36 kB	2023-03-09	2023-03-10
Pretty URL puzzlegym.ro/wp-content/themes/suffusion/scripts/suffusion.js?ver=4.4.6 IP 91.212.66.20 ASN #48837 Sc Alfa Web Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 13:20:09 Last Seen2023-03-10 10:00:41 Times Seen1 Hash fcdb2e89503313a7040076100f49b264 9540a7887d08e72b89d292c032c3652fa6a8a48b f7e97342a42026567c0558244698bf80e9b3ed4c94ebbfc478a0a18b390027ad Loading...

	puzzlegym.ro/wp-includes/js/jquery/jquery.js?ver=1.8.3	95 kB	2023-03-09	2023-03-10
Pretty URL puzzlegym.ro/wp-includes/js/jquery/jquery.js?ver=1.8.3 IP 91.212.66.20 ASN #48837 Sc Alfa Web Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 13:20:09 Last Seen2023-03-10 10:00:41 Times Seen1 Hash 5e61d0fb7b564c50e28f161687312ef3 50b53aeda9b201935e5e9d18cd4f26e22e5dfa70 1d2783c4dfe857de28a5c93cedb1529c105e3f354b6debcc22f648e57dcbcc35 Loading...

	puzzlegym.ro/2013/08/ana-stefan/ana-stefan1/	2.0 kB	2023-03-09	2023-03-10
Pretty URL puzzlegym.ro/2013/08/ana-stefan/ana-stefan1/ IP 91.212.66.20 ASN #48837 Sc Alfa Web Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 13:20:09 Last Seen2023-03-10 10:00:41 Times Seen1 Hash 7a1be639827178b6c4b391fc8a6eb749 36742cc30ab6042af0d46a52858cddf4f7be1d7a 9aeaaa70cf3a708d4e0099091a0da5ac4439fdad23ca8ed68e8ede74bcfb5865 Loading...

HTTP Transactions (41)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
96367f956a4177aec7e7e80221539d58
8dcad10fde96c139d1ef212388cb6755fe3fe077
f4f9bdb5180359dfd734cef1e6f1b54bc9d8f72cae557366eb74f22100b94dc4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F4F9BDB5180359DFD734CEF1E6F1B54BC9D8F72CAE557366EB74F22100B94DC4"
Last-Modified: Thu, 15 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11522
Expires: Sat, 17 Dec 2022 17:41:58 GMT
Date: Sat, 17 Dec 2022 14:29:56 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
006dfffeb7559449791e165d33590782
a5f4242ba6f59ec4ddd85b9b60f59ec30621cb9e
962787791519d7f05f0681478f5f41eaf696ab8b53ce823aab642ab3bc4af76c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "962787791519D7F05F0681478F5F41EAF696AB8B53CE823AAB642AB3BC4AF76C"
Last-Modified: Thu, 15 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9697
Expires: Sat, 17 Dec 2022 17:11:33 GMT
Date: Sat, 17 Dec 2022 14:29:56 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
555fc6e99ad3bf077d1c4b9b805e428d
4e800fc8e809a950288df0e94992084647762561
fac00cada519279717e2a13528cb202d292fc92ed5eb42782c41f8e7b9509eaf

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FAC00CADA519279717E2A13528CB202D292FC92ED5EB42782C41F8E7B9509EAF"
Last-Modified: Fri, 16 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4757
Expires: Sat, 17 Dec 2022 15:49:13 GMT
Date: Sat, 17 Dec 2022 14:29:56 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 7SwFHPGktgC8V5rTXNiI5Mf1vAbzbcHZK5i1xVODg+O3Wy5ASLhvOXpY7w4R3952p0W6690lrM8=
x-amz-request-id: 96JYXKQM6ARQAQKP
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 17 Dec 2022 13:53:41 GMT
age: 2175
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30

34.120.5.221

200 OK

44 kB

URL HTTP/2
getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30
IP
34.120.5.221:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size
44 kB (43630 bytes)
Hash
211033ba3ceadc9b129d3f185eae9afa
9389d5fb1d3dccd9a1716f2fcf54ee15ace449e1
6008de6a99d9f6bc42e3991ff668932484b143bc55479c66664939294403d421

HTTP Headers

GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30 HTTP/1.1
Host: getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
vary: Accept-Encoding
content-location: global-recs.php
tcn: choice
x-frame-options: SAMEORIGIN
status: 200 OK
x-source: Pocket
pragma: cache
p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE"
x-cache: Miss from cloudfront
x-amz-cf-pop: SEA73-P2
x-amz-cf-id: f0qW2AI31m2-4evEIfdWCQR_uSuOsDHEWzuWu0xWJafwVIzowFlAUQ==
content-encoding: gzip
via: 1.1 25b9a991f871f75614e7f92f97b136a4.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Dec 2022 14:18:15 GMT
content-type: application/json
content-length: 43630
age: 701
cache-control: s-maxage=900,public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ae86164fd9297dfdc05d67d69284d70e
5e5f27e3fd492f715baa6820f05c0fafde4040b3
be20f6ae6a51d20611cb4d350b52a5d0a339af6722fe9b2482ef58826c1e9de0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE20F6AE6A51D20611CB4D350B52A5D0A339AF6722FE9B2482EF58826C1E9DE0"
Last-Modified: Thu, 15 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8589
Expires: Sat, 17 Dec 2022 16:53:06 GMT
Date: Sat, 17 Dec 2022 14:29:57 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
b44c4b5daa307a355e7bab1c83c1ca82
dbd14cd873f1dd4502f277b3f51cb7bc8da0c080
fd4604461cfa002c8a261bb14eb8dda56817db231b9012b2eb38d6dbc2674df5

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Alert, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 17 Dec 2022 13:45:21 GMT
content-type: application/json
age: 2676
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 17 Dec 2022 14:29:57 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Last-Modified, ETag, Cache-Control, Alert, Content-Length, Pragma, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 17 Dec 2022 14:08:00 GMT
age: 1317
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

puzzlegym.ro/2013/08/ana-stefan/ana-stefan1

91.212.66.20

301 Moved Permanently

0 B

URL HTTP/1.1
puzzlegym.ro/2013/08/ana-stefan/ana-stefan1
IP
91.212.66.20:0
ASN
#48837 Sc Alfa Web Srl

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /2013/08/ana-stefan/ana-stefan1 HTTP/1.1
Host: puzzlegym.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Sat, 17 Dec 2022 14:29:56 GMT
Server: Apache
X-Pingback: http://puzzlegym.ro/xmlrpc.php
Location: http://puzzlegym.ro/2013/08/ana-stefan/ana-stefan1/
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
2d1752cd6eb7f48e7494373911a5b996
43d9c23c4d03cccce0fc478f0e12c0874dc762fd
aded7fd1d638c001b0b462fdfeee0549d2ed61b51ced88eb83690e2e20ed36d8

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 435
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 14:29:57 GMT
Last-Modified: Sat, 17 Dec 2022 14:22:42 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

52.38.198.114

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.38.198.114:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: aB32i2NI5d5SVeGSdyorZw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: y+nifvnUP18czburslgYzIdB2ck=

puzzlegym.ro/2013/08/ana-stefan/ana-stefan1/

91.212.66.20

200 OK

20 kB

URL HTTP/1.1
puzzlegym.ro/2013/08/ana-stefan/ana-stefan1/
IP
91.212.66.20:0
ASN
#48837 Sc Alfa Web Srl

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1926), with CRLF, LF line terminators
Size
20 kB (20285 bytes)
Hash
b353175022377d621bfc1f087febe1cb
7097b5bf6d18249393e470a5e291aea22d17b645
c68816aba28f37f76eef9e412d6f48a10e2f4826fd317ef1426defa805b8e544

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /2013/08/ana-stefan/ana-stefan1/ HTTP/1.1
Host: puzzlegym.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 14:29:57 GMT
Server: Apache
X-Pingback: http://puzzlegym.ro/xmlrpc.php
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

puzzlegym.ro/wp-content/themes/suffusion/skins/light-theme-pale-blue/skin.css?ver=4.4.6

91.212.66.20

200 OK

10 kB

URL HTTP/1.1
puzzlegym.ro/wp-content/themes/suffusion/skins/light-theme-pale-blue/skin.css?ver=4.4.6
IP
91.212.66.20:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text, with CRLF line terminators
Size
10 kB (10150 bytes)
Hash
2129333f510c16d5dafd336c168e3fda
595628624d13716cf13221787be60a2b03b12c27
afcc2a56ce5db1a66a2211aed18985af2ebab10756235cbd9af078b2b6f3c1dd

HTTP Headers

GET /wp-content/themes/suffusion/skins/light-theme-pale-blue/skin.css?ver=4.4.6 HTTP/1.1
Host: puzzlegym.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://puzzlegym.ro/2013/08/ana-stefan/ana-stefan1/

HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 14:29:58 GMT
Server: Apache
Last-Modified: Sun, 14 Apr 2013 09:33:12 GMT
Accept-Ranges: bytes
Content-Length: 10150
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

puzzlegym.ro/wp-content/themes/suffusion/style.css?ver=4.4.6

91.212.66.20

200 OK

77 kB

URL HTTP/1.1
puzzlegym.ro/wp-content/themes/suffusion/style.css?ver=4.4.6
IP
91.212.66.20:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text, with very long lines (888), with CRLF line terminators
Size
77 kB (76861 bytes)
Hash
58e7cf8d47b90592d6809fdc8dd0711d
7cc2181979cd5e33b915fe95fa7b6d84328d2dc3
fb8b0c9708517414ee6610431d288451ffbe9dae7ad453930d0786f91743865b

HTTP Headers

GET /wp-content/themes/suffusion/style.css?ver=4.4.6 HTTP/1.1
Host: puzzlegym.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://puzzlegym.ro/2013/08/ana-stefan/ana-stefan1/

HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 14:29:58 GMT
Server: Apache
Last-Modified: Sun, 14 Apr 2013 09:33:12 GMT
Accept-Ranges: bytes
Content-Length: 76861
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

puzzlegym.ro/wp-content/themes/suffusion/attachment-styles.css?ver=4.4.6

91.212.66.20

200 OK

3.6 kB

URL HTTP/1.1
puzzlegym.ro/wp-content/themes/suffusion/attachment-styles.css?ver=4.4.6
IP
91.212.66.20:0
ASN
#48837 Sc Alfa Web Srl

File type
assembler source, ASCII text, with CRLF line terminators
Size
3.6 kB (3626 bytes)
Hash
60efcadeddb2cb5e52831639a71bfb9b
c04a0321b26ec9a3983fb1a1406c404102cb4373
ebb144680aaa4c042ca7d94603a8a4e553fc57a03511efe9fb6a79f5d9a46b5d

HTTP Headers

GET /wp-content/themes/suffusion/attachment-styles.css?ver=4.4.6 HTTP/1.1
Host: puzzlegym.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://puzzlegym.ro/2013/08/ana-stefan/ana-stefan1/

HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 14:29:58 GMT
Server: Apache
Last-Modified: Sun, 14 Apr 2013 09:33:12 GMT
Accept-Ranges: bytes
Content-Length: 3626
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

puzzlegym.ro/wp-content/themes/suffusion/rounded-corners.css?ver=4.4.6

91.212.66.20

200 OK

4.8 kB

URL HTTP/1.1
puzzlegym.ro/wp-content/themes/suffusion/rounded-corners.css?ver=4.4.6
IP
91.212.66.20:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text, with CRLF line terminators
Size
4.8 kB (4768 bytes)
Hash
910d3a6041062716cf2d460ac048bb12
eb60080926d2134cd3a24e1cbb5b906ca40e68fa
46056d679c41459e4ab553857d2549a0ccf93b491fd13841b06a26529e874d76

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/suffusion/rounded-corners.css?ver=4.4.6 HTTP/1.1
Host: puzzlegym.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://puzzlegym.ro/2013/08/ana-stefan/ana-stefan1/

HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 14:29:58 GMT
Server: Apache
Last-Modified: Sun, 14 Apr 2013 09:33:12 GMT
Accept-Ranges: bytes
Content-Length: 4768
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

puzzlegym.ro/wp-includes/js/comment-reply.min.js?ver=3.5.2

91.212.66.20

200 OK

2.6 kB

URL HTTP/1.1
puzzlegym.ro/wp-includes/js/comment-reply.min.js?ver=3.5.2
IP
91.212.66.20:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text, with very long lines (2565), with no line terminators
Size
2.6 kB (2565 bytes)
Hash
280478f540303d5644b28bccdf0d2ba4
edbdfdd66ad286d811dffb9f8930a5dba62fad68
445b375085c2a37d596427ac0059ac10f0d187af934c80ffca75bd9074a1c4fd

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/comment-reply.min.js?ver=3.5.2 HTTP/1.1
Host: puzzlegym.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://puzzlegym.ro/2013/08/ana-stefan/ana-stefan1/

HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 14:29:58 GMT
Server: Apache
Last-Modified: Wed, 22 Aug 2012 23:04:18 GMT
Accept-Ranges: bytes
Content-Length: 2565
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

puzzlegym.ro/wp-content/uploads/suffusion/custom-styles.css?ver=4.4.6

91.212.66.20

200 OK

27 kB

URL HTTP/1.1
puzzlegym.ro/wp-content/uploads/suffusion/custom-styles.css?ver=4.4.6
IP
91.212.66.20:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text, with very long lines (451), with CRLF, LF line terminators
Size
27 kB (27120 bytes)
Hash
e277b9aed8d35811d10e93fa596a2c82
224beb4038ba0de82e6de0b33ab5368ed5adb717
a07cac3af976566f4159ddfdcd0412cbda288d04b991fdbba3d68030fb5b3100

HTTP Headers

GET /wp-content/uploads/suffusion/custom-styles.css?ver=4.4.6 HTTP/1.1
Host: puzzlegym.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://puzzlegym.ro/2013/08/ana-stefan/ana-stefan1/

HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 14:29:58 GMT
Server: Apache
Last-Modified: Fri, 09 Aug 2013 09:50:38 GMT
Accept-Ranges: bytes
Content-Length: 27120
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

puzzlegym.ro/wp-content/themes/suffusion/scripts/suffusion.js?ver=4.4.6

91.212.66.20

200 OK

36 kB

URL HTTP/1.1
puzzlegym.ro/wp-content/themes/suffusion/scripts/suffusion.js?ver=4.4.6
IP
91.212.66.20:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text, with very long lines (5295), with CRLF line terminators
Size
36 kB (35758 bytes)
Hash
fcdb2e89503313a7040076100f49b264
9540a7887d08e72b89d292c032c3652fa6a8a48b
f7e97342a42026567c0558244698bf80e9b3ed4c94ebbfc478a0a18b390027ad

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/suffusion/scripts/suffusion.js?ver=4.4.6 HTTP/1.1
Host: puzzlegym.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://puzzlegym.ro/2013/08/ana-stefan/ana-stefan1/

HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 14:29:58 GMT
Server: Apache
Last-Modified: Sun, 14 Apr 2013 09:33:12 GMT
Accept-Ranges: bytes
Content-Length: 35758
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

puzzlegym.ro/wp-includes/js/jquery/jquery.js?ver=1.8.3

91.212.66.20

200 OK

95 kB

URL HTTP/1.1
puzzlegym.ro/wp-includes/js/jquery/jquery.js?ver=1.8.3
IP
91.212.66.20:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text, with very long lines (65483)
Size
95 kB (95437 bytes)
Hash
5e61d0fb7b564c50e28f161687312ef3
50b53aeda9b201935e5e9d18cd4f26e22e5dfa70
1d2783c4dfe857de28a5c93cedb1529c105e3f354b6debcc22f648e57dcbcc35

HTTP Headers

GET /wp-includes/js/jquery/jquery.js?ver=1.8.3 HTTP/1.1
Host: puzzlegym.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://puzzlegym.ro/2013/08/ana-stefan/ana-stefan1/

HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 14:29:58 GMT
Server: Apache
Last-Modified: Thu, 15 Nov 2012 02:26:22 GMT
Accept-Ranges: bytes
Content-Length: 95437
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

puzzlegym.ro/wp-content/themes/suffusion/images/follow/Facebook-04.png

91.212.66.20

200 OK

2.0 kB

URL HTTP/1.1
puzzlegym.ro/wp-content/themes/suffusion/images/follow/Facebook-04.png
IP
91.212.66.20:0
ASN
#48837 Sc Alfa Web Srl

File type
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size
2.0 kB (2005 bytes)
Hash
e27a9ef1141b99612722512383249afb
0c21359356bf8d48f7b0f1e40fbd4419418fd97c
425750b15059277894c1b2d8b1f2bfa59c1e2ce5974c594dc3faa12dcbd89b56

HTTP Headers

GET /wp-content/themes/suffusion/images/follow/Facebook-04.png HTTP/1.1
Host: puzzlegym.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://puzzlegym.ro/2013/08/ana-stefan/ana-stefan1/

HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 14:29:58 GMT
Server: Apache
Last-Modified: Sun, 14 Apr 2013 09:33:12 GMT
Accept-Ranges: bytes
Content-Length: 2005
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

puzzlegym.ro/wp-content/themes/suffusion/images/follow/Twitter-08.png

91.212.66.20

200 OK

5.5 kB

URL HTTP/1.1
puzzlegym.ro/wp-content/themes/suffusion/images/follow/Twitter-08.png
IP
91.212.66.20:0
ASN
#48837 Sc Alfa Web Srl

File type
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size
5.5 kB (5528 bytes)
Hash
6de983bfefbb3e7c04de37efd757c38f
e3e0f91d97dfbebf8909575acd173909efa096e3
4a29bcce08bca753de3c1569afeed31bd9edccb0086ba8c9f3cb940d151dfb86

HTTP Headers

GET /wp-content/themes/suffusion/images/follow/Twitter-08.png HTTP/1.1
Host: puzzlegym.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://puzzlegym.ro/2013/08/ana-stefan/ana-stefan1/

HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 14:29:58 GMT
Server: Apache
Last-Modified: Sun, 14 Apr 2013 09:33:12 GMT
Accept-Ranges: bytes
Content-Length: 5528
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

puzzlegym.ro/wp-content/uploads/2012/12/cropped-puzzle21.jpg

91.212.66.20

200 OK

50 kB

URL HTTP/1.1
puzzlegym.ro/wp-content/uploads/2012/12/cropped-puzzle21.jpg
IP
91.212.66.20:0
ASN
#48837 Sc Alfa Web Srl

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 950x100, components 3\012- data
Size
50 kB (50214 bytes)
Hash
db30d7b3bbf359b82b441384435dc406
2b60d79a7fac87729f3a6553238f5ee81a8991b4
a8121102ead2adc420596c0cc4fa8812d965af39a049fc4ac7f6a154aabd3cb6

HTTP Headers

GET /wp-content/uploads/2012/12/cropped-puzzle21.jpg HTTP/1.1
Host: puzzlegym.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://puzzlegym.ro/wp-content/uploads/suffusion/custom-styles.css?ver=4.4.6

HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 14:29:58 GMT
Server: Apache
Last-Modified: Sun, 14 Apr 2013 08:23:35 GMT
Accept-Ranges: bytes
Content-Length: 50214
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg

puzzlegym.ro/wp-content/themes/suffusion/images/menu-light.jpg

91.212.66.20

200 OK

677 B

URL HTTP/1.1
puzzlegym.ro/wp-content/themes/suffusion/images/menu-light.jpg
IP
91.212.66.20:0
ASN
#48837 Sc Alfa Web Srl

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 10x120, components 3\012- data
Size
677 B (677 bytes)
Hash
d3c07b1ce6a4cc075f9f085a96df51b3
c1957ffd8ab58a805ac4a7b911091dbd99b7dd01
750a647f8cb76ef7f1ceb365d01e68af5ffd16ed22d4746a4baa14aa6c112020

HTTP Headers

GET /wp-content/themes/suffusion/images/menu-light.jpg HTTP/1.1
Host: puzzlegym.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://puzzlegym.ro/wp-content/themes/suffusion/skins/light-theme-pale-blue/skin.css?ver=4.4.6

HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 14:29:58 GMT
Server: Apache
Last-Modified: Sun, 14 Apr 2013 09:33:12 GMT
Accept-Ranges: bytes
Content-Length: 677
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg

puzzlegym.ro/wp-content/themes/suffusion/images/iconset-0.png

91.212.66.20

200 OK

25 kB

URL HTTP/1.1
puzzlegym.ro/wp-content/themes/suffusion/images/iconset-0.png
IP
91.212.66.20:0
ASN
#48837 Sc Alfa Web Srl

File type
PNG image data, 100 x 276, 8-bit/color RGBA, non-interlaced\012- data
Size
25 kB (24838 bytes)
Hash
68df50d505b02ccc4699830969e7aea3
32dbd797f59ab7e01514cdfe8f303a3e1f1564e6
ea6ba1709b3ac79adec10192dfba4849d041ddfa41e6fef7ff3046a632d29c17

HTTP Headers

GET /wp-content/themes/suffusion/images/iconset-0.png HTTP/1.1
Host: puzzlegym.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://puzzlegym.ro/wp-content/uploads/suffusion/custom-styles.css?ver=4.4.6

HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 14:29:58 GMT
Server: Apache
Last-Modified: Sun, 14 Apr 2013 09:33:12 GMT
Accept-Ranges: bytes
Content-Length: 24838
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png

puzzlegym.ro/wp-content/themes/suffusion/images/search-button-pblue.png

91.212.66.20

200 OK

618 B

URL HTTP/1.1
puzzlegym.ro/wp-content/themes/suffusion/images/search-button-pblue.png
IP
91.212.66.20:0
ASN
#48837 Sc Alfa Web Srl

File type
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size
618 B (618 bytes)
Hash
3a6053fd02a6a7befbdac7d18dc42912
38c45ad1824c167ab8cbfbba43709c54d8f8e072
94be55e6ed88721c5bba3efe09a6e7f8626fc9fe9fb878b005f6dbbe64b6b082

HTTP Headers

GET /wp-content/themes/suffusion/images/search-button-pblue.png HTTP/1.1
Host: puzzlegym.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://puzzlegym.ro/wp-content/themes/suffusion/skins/light-theme-pale-blue/skin.css?ver=4.4.6

HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 14:29:58 GMT
Server: Apache
Last-Modified: Sun, 14 Apr 2013 09:33:12 GMT
Accept-Ranges: bytes
Content-Length: 618
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png

puzzlegym.ro/wp-content/uploads/2013/08/Ana-Stefan1.jpg

91.212.66.20

200 OK

25 kB

URL HTTP/1.1
puzzlegym.ro/wp-content/uploads/2013/08/Ana-Stefan1.jpg
IP
91.212.66.20:0
ASN
#48837 Sc Alfa Web Srl

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 400x600, components 3\012- data
Size
25 kB (25449 bytes)
Hash
3c2a68e3367bc61034632e427a905777
1dc050e3584a29939bf793107b065676d15f86c9
1e78338688c8f141e469d394a1b39f2e739ebb949d9f9d0fdf2607af5bb1251e

HTTP Headers

GET /wp-content/uploads/2013/08/Ana-Stefan1.jpg HTTP/1.1
Host: puzzlegym.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://puzzlegym.ro/2013/08/ana-stefan/ana-stefan1/

HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 14:29:58 GMT
Server: Apache
Last-Modified: Mon, 13 Apr 2015 17:16:38 GMT
Accept-Ranges: bytes
Content-Length: 25449
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0e5a8cf5962c05bf28a3b45f5c8745e2
9c5d7e8aeab26f9fd2e753ab4dc65d6fa8ea955f
f614642045fcd0ee373ed6cabe67514f4bb54c7fb4f1181b52eaec12d7e0479e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F614642045FCD0EE373ED6CABE67514F4BB54C7FB4F1181B52EAEC12D7E0479E"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5870
Expires: Sat, 17 Dec 2022 16:07:48 GMT
Date: Sat, 17 Dec 2022 14:29:58 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0e5a8cf5962c05bf28a3b45f5c8745e2
9c5d7e8aeab26f9fd2e753ab4dc65d6fa8ea955f
f614642045fcd0ee373ed6cabe67514f4bb54c7fb4f1181b52eaec12d7e0479e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F614642045FCD0EE373ED6CABE67514F4BB54C7FB4F1181B52EAEC12D7E0479E"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5870
Expires: Sat, 17 Dec 2022 16:07:48 GMT
Date: Sat, 17 Dec 2022 14:29:58 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0e5a8cf5962c05bf28a3b45f5c8745e2
9c5d7e8aeab26f9fd2e753ab4dc65d6fa8ea955f
f614642045fcd0ee373ed6cabe67514f4bb54c7fb4f1181b52eaec12d7e0479e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F614642045FCD0EE373ED6CABE67514F4BB54C7FB4F1181B52EAEC12D7E0479E"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5870
Expires: Sat, 17 Dec 2022 16:07:48 GMT
Date: Sat, 17 Dec 2022 14:29:58 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0e5a8cf5962c05bf28a3b45f5c8745e2
9c5d7e8aeab26f9fd2e753ab4dc65d6fa8ea955f
f614642045fcd0ee373ed6cabe67514f4bb54c7fb4f1181b52eaec12d7e0479e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F614642045FCD0EE373ED6CABE67514F4BB54C7FB4F1181B52EAEC12D7E0479E"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5870
Expires: Sat, 17 Dec 2022 16:07:48 GMT
Date: Sat, 17 Dec 2022 14:29:58 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0e5a8cf5962c05bf28a3b45f5c8745e2
9c5d7e8aeab26f9fd2e753ab4dc65d6fa8ea955f
f614642045fcd0ee373ed6cabe67514f4bb54c7fb4f1181b52eaec12d7e0479e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F614642045FCD0EE373ED6CABE67514F4BB54C7FB4F1181B52EAEC12D7E0479E"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5870
Expires: Sat, 17 Dec 2022 16:07:48 GMT
Date: Sat, 17 Dec 2022 14:29:58 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a0c4858-28d1-47b1-bfba-b4500f28eeae.jpeg

34.120.237.76

200 OK

9.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a0c4858-28d1-47b1-bfba-b4500f28eeae.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.7 kB (9741 bytes)
Hash
4fdbd1e175352e7ec7dc2a25f04a5a9d
954bdd8d6b2f3d0ec086631ecf1bbd76c6507fe2
bdba0c3d4509764e87db688c1b8086c309f4a2cbe95d1f2130ce01d184f2fa17

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a0c4858-28d1-47b1-bfba-b4500f28eeae.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9741
x-amzn-requestid: 5d9871d6-1512-4ffa-8b85-3c4c7595b723
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dEj3XGsxoAMFxIQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639819c8-7a65df352cc4e71e5aa518f8;Sampled=0
x-amzn-remapped-date: Tue, 13 Dec 2022 06:20:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: V2j4CWBbvNniyBK3vdt4Hg7ROB-xjuzsvdGBmh2U1BGYGWwkT6JJ_g==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Dec 2022 21:42:32 GMT
age: 60446
etag: "954bdd8d6b2f3d0ec086631ecf1bbd76c6507fe2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2b78709f-467b-4047-896c-309ff91c15a3.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.0 kB (6002 bytes)
Hash
09028c98b40519661edef458438205f9
0e05448c127660266cdcda59aa4ffeb0232b9451
f5587c8519f78b95108fb5246b14b8c5920f039f2789a73526a3543bad6de8e1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2b78709f-467b-4047-896c-309ff91c15a3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6002
x-amzn-requestid: fb816096-b12a-4024-a7ab-0bc162022ba5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dEHqYFCfoAMFR-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6397eca8-7b855af154aaf1464bf71418;Sampled=0
x-amzn-remapped-date: Tue, 13 Dec 2022 03:08:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cpsW3BhW1a2_mUFtDlsNSKP7eTBxCT3-4bffoRl3FPVQINyO3Wkjdg==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Dec 2022 07:03:16 GMT
age: 26802
etag: "0e05448c127660266cdcda59aa4ffeb0232b9451"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ae934ee-7c6e-4784-90fd-ef6c864097ef.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.0 kB (7048 bytes)
Hash
1c3454ef9b4c0d31eecf53e44471cecb
f1182e860380b637388fa7f90c36e0a8c9edd657
c474493452d48121f0050efdd197231909d3c9de0fccbe07bf5706162b848624

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ae934ee-7c6e-4784-90fd-ef6c864097ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7048
x-amzn-requestid: d2665a61-0c5f-429e-bd9c-f4c6aec4fe14
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dQjEvH6VIAMFd2Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639ce551-65d1775b5f07d8bf10beae48;Sampled=0
x-amzn-remapped-date: Fri, 16 Dec 2022 21:38:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zWO_LMG3fez0GBfCwXtYm9IPAN1LKsomAPVR8ApRb44i2UAf5tOHAw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Dec 2022 21:40:30 GMT
age: 60568
etag: "f1182e860380b637388fa7f90c36e0a8c9edd657"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F340d7003-71e4-4f8e-a457-d067d05e0525.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11667 bytes)
Hash
dce7a87ac0852f838007018af2e83cb5
379f7844a18284958ec0250cc45f2c91ac1ddfcf
31a5191700b9d5c2e471c0e6db15d43f1804b61c6a0867340e8001c32a0dabb5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F340d7003-71e4-4f8e-a457-d067d05e0525.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11667
x-amzn-requestid: f8f1832c-4269-4c4b-83c0-4c2d8c2fdd8f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dQjC7GLSIAMFd4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639ce545-4c54f9704a32da245a90ab0d;Sampled=0
x-amzn-remapped-date: Fri, 16 Dec 2022 21:38:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: CrmrekFQeOTjAkIBgbGSNGN66ysdrtGK1uuzJV-b6nB1WFrOrtf1OA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Dec 2022 21:40:19 GMT
etag: "379f7844a18284958ec0250cc45f2c91ac1ddfcf"
content-type: image/jpeg
age: 60579
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F716d5374-26a4-47e3-9c6a-62120a177040.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.8 kB (9837 bytes)
Hash
2fae5a52ce167de2a060dc814a744e98
4b108a79a4ad796a34f4b2b8950df907137680e3
61e1fe4a8c074a031e0628ca393449e42d70dcf3411481936c26c1fad7a5451b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F716d5374-26a4-47e3-9c6a-62120a177040.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9837
x-amzn-requestid: 7c104466-a4d8-4e03-94e6-79a18bd3bf54
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dQjWiEMlIAMFaaQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639ce5c3-4b0e776f4f0edd533795a6ee;Sampled=0
x-amzn-remapped-date: Fri, 16 Dec 2022 21:40:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: BoDm_UMgTvGhUoJOaM2x6-YXgFOFuLanBV4hjgsPNTFxn_9CQjELUQ==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Dec 2022 21:40:19 GMT
etag: "4b108a79a4ad796a34f4b2b8950df907137680e3"
content-type: image/jpeg
age: 60579
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F65c9cdbb-21b2-465b-8f75-329260ada5cc.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (8002 bytes)
Hash
86be9c16e4a62785e7f3a0cc8a956143
6cac191c918ff47d3e66e327e8c8a9c0fec9a88b
81dfec15eb1dc19acae5071663b9deaa9fa11f00378e36871c5b31a548a0626b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F65c9cdbb-21b2-465b-8f75-329260ada5cc.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8002
x-amzn-requestid: bcaeff23-947f-441a-8aea-1e0d54f2cc3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dQjD7GjdoAMFVIA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639ce54c-5fb0d9d76945c4f63d210806;Sampled=0
x-amzn-remapped-date: Fri, 16 Dec 2022 21:38:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: iWxLKwjIxP-hiy4A3yvosYlQAzRu0STuwy4K9LuqK77WphLXQH9m6A==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Dec 2022 21:40:19 GMT
age: 60579
etag: "6cac191c918ff47d3e66e327e8c8a9c0fec9a88b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

puzzlegym.ro/favicon.ico

91.212.66.20

200 OK

0 B

URL HTTP/1.1
puzzlegym.ro/favicon.ico
IP
91.212.66.20:0
ASN
#48837 Sc Alfa Web Srl

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: puzzlegym.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://puzzlegym.ro/2013/08/ana-stefan/ana-stefan1/

HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 14:29:58 GMT
Server: Apache
Content-Length: 0
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/vnd.microsoft.icon

34.120.237.76

200 OK

9.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30eabd90-57de-40c1-8f98-3a7df7e6c6db.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.0 kB (9027 bytes)
Hash
406a837a79921b55b79cbefe97f28baa
852e6b2fbc7cf50ed1824491293036092ca928e5
310c2d8f56b08dbcc4a6373ec8b7d4c33e531540eb8b5c446609398ee9f3448a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30eabd90-57de-40c1-8f98-3a7df7e6c6db.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 9027
x-amzn-requestid: 810f640d-b3dd-42fd-8317-f701a2bdb551
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dQjEjHRfoAMFRfw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639ce550-666de65c79de87b06a985a83;Sampled=0
x-amzn-remapped-date: Fri, 16 Dec 2022 21:38:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: y34VDlEkPoUgYchKTvPk-88ObNqiDdQWc-9Z3tmuI0TUbSmhliD0iw==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Dec 2022 21:40:29 GMT
age: 60576
etag: "852e6b2fbc7cf50ed1824491293036092ca928e5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (5)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (41)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size