r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3b7089c645ddc074539d8e19b80cef98
34d2a12ab22405ce01c150dd13e46a781387b00d
1f48c58bc1624f3edf7c67a677f453210524dc536d6e71abe77e5b6f0b437fe5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F48C58BC1624F3EDF7C67A677F453210524DC536D6E71ABE77E5B6F0B437FE5"
Last-Modified: Sat, 11 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5952
Expires: Sun, 12 Feb 2023 06:44:21 GMT
Date: Sun, 12 Feb 2023 05:05:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 254178cc40b1a92de9d879bd731aeb9a
bfab58d211f1f823deed8f91de96ddf778b393a3
469d18130ca960ff8efb710d09f4498bfc21df7339a2e7b79ad1f73a8ce3299a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "469D18130CA960FF8EFB710D09F4498BFC21DF7339A2E7B79AD1F73A8CE3299A"
Last-Modified: Sat, 11 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7984
Expires: Sun, 12 Feb 2023 07:18:13 GMT
Date: Sun, 12 Feb 2023 05:05:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b95b930615e89adacbb0cba6ac43288b
257c13545fd3903ece587963bae0c90935ea9bf9
a129cf843807feff42f74c16f73d3e770b143b8f501969694fc4f158bc3e8ba4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A129CF843807FEFF42F74C16F73D3E770B143B8F501969694FC4F158BC3E8BA4"
Last-Modified: Sat, 11 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2457
Expires: Sun, 12 Feb 2023 05:46:06 GMT
Date: Sun, 12 Feb 2023 05:05:09 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 12 Feb 2023 04:34:31 GMT
content-type: application/json
age: 1838
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 4UsRff6AC9e07m5ejn0h4hvN3bktdzyxb618wx4so03pdt9IvNCcbdv99HKp4tq5HcnxkpjVY4M=
x-amz-request-id: XCP5Y4DP2BTSPBWJ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 12 Feb 2023 04:47:33 GMT
age: 1056
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 12 Feb 2023 05:05:09 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ruvix.ro/
188.214.142.67 200 OK 12 kB IP 188.214.142.67:0
ASN #59854 Top Level Hosting SRL
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (16572)
Hash 0adbb70134bbfdee47dd105d39f53aea
37d8ce221b4e66629919d78d2d5157063d3c6db1
74fb014ecf163d283a50fdc9c90e71262149c1c439bfceb63d04493bcf2da45d
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: ruvix.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Sun, 12 Feb 2023 05:05:09 GMT
Server: Apache
Set-Cookie: ruvix_session=eyJpdiI6IjU0SmpQRzVcL2xhSDVES0UzeGFuUzh3PT0iLCJ2YWx1ZSI6IkVIUlo3VGtKNnBTZkx6QmxqXC9VUExRQ1k4MTE2eldMdkZvOHZBRGhTaXRZeXRpcUM5b0Y4d2FESXFuR3k0bGdiIiwibWFjIjoiNzVmMGNmMGEzNDY4M2NhYjUzYTRhZDFlMjc2ZWIzNGI4NTZlOGM2ZGQ1MTAxYzc5NzAyZWI4N2IxMDVlYmMxOCJ9; expires=Sun, 26-Feb-2023 05:05:09 GMT; Max-Age=1209600; path=/; httponly
Cache-Control: no-cache, private, max-age=0
Expires: Sun, 12 Feb 2023 05:05:09 GMT
Vary: Accept-Encoding
Content-Encoding: br
Content-Length: 11951
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash acbd42596ead43b84762dc23831a5825
e5644743fe53399787a6c8a61eb510c5d5a77569
87d8575980826547a304cc736e92a0fb4c7afe2aeedd2adb74a5738474dd0beb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5345
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 12 Feb 2023 05:05:09 GMT
Last-Modified: Sun, 12 Feb 2023 03:36:04 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.163 200 OK 472 B IP 142.250.74.163:0
Hash 722049fff6da6432aedc18dbf1039da7
1f55138a8d49dfb865b30de14b4324d71efc288c
128132fc73ddfef56a29ffd7ceb735228a8c471603b97224a3431bb6a49260e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 12 Feb 2023 05:05:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163 200 OK 471 B IP 142.250.74.163:0
Hash 74be9dda7099156aa18f1b97516914dd
55e0e46df1f9bd3e2732c4e5349d46aab1680e63
64a06f506abc1898064db490d3947d54b8b19b6069a17c9b725c0abcbc9999e6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 12 Feb 2023 05:05:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163 200 OK 471 B IP 142.250.74.163:0
Hash 7f4eb7e9978af006bcc935a10a2af6c0
89cab24781c0fceb683466fe24ccd9e688f0752f
dcf32a8132f3daef1b7ceebc89551c03d05a861765681bd819b74dbebf98186d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 12 Feb 2023 05:05:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Expires, Pragma, Retry-After, Last-Modified, ETag, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 12 Feb 2023 04:14:53 GMT
age: 3016
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=AW-981320079
142.250.74.168 200 OK 51 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-981320079
IP 142.250.74.168:0
File type ASCII text, with very long lines (1759)
Hash 9a120132304f36568e1870b74fb395a8
abbdc760f10f6efaa5b6fb1afe1a1c83b123cf24
0eb0bbe13476bb12dce7b15609b59e9c0b3aa2fd9ecdd1ce7fd1c9b2e8d46b01
GET /gtag/js?id=AW-981320079 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ruvix.ro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 12 Feb 2023 05:05:09 GMT
expires: Sun, 12 Feb 2023 05:05:09 GMT
cache-control: private, max-age=900
last-modified: Sun, 12 Feb 2023 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 50767
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ruvix.ro/css/front2.css?id=270e3298646f063ac3e0
188.214.142.67 200 OK 50 kB URL HTTP/1.1 ruvix.ro/css/front2.css?id=270e3298646f063ac3e0
IP 188.214.142.67:0
ASN #59854 Top Level Hosting SRL
File type ASCII text, with very long lines (51500)
Hash 934bf9df91823ebaa6711dd12a2ebefc
10ce2b6eb59ec7a98c51119b9c9bd2c418e96a35
0e370df6567c22a3e767552ef145fefe34416ab4d969b69415e0ac8358a38f53
GET /css/front2.css?id=270e3298646f063ac3e0 HTTP/1.1
Host: ruvix.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ruvix.ro/
Cookie: ruvix_session=eyJpdiI6IjU0SmpQRzVcL2xhSDVES0UzeGFuUzh3PT0iLCJ2YWx1ZSI6IkVIUlo3VGtKNnBTZkx6QmxqXC9VUExRQ1k4MTE2eldMdkZvOHZBRGhTaXRZeXRpcUM5b0Y4d2FESXFuR3k0bGdiIiwibWFjIjoiNzVmMGNmMGEzNDY4M2NhYjUzYTRhZDFlMjc2ZWIzNGI4NTZlOGM2ZGQ1MTAxYzc5NzAyZWI4N2IxMDVlYmMxOCJ9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 12 Feb 2023 05:05:09 GMT
Server: Apache
Last-Modified: Sat, 28 Jan 2023 08:38:10 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Mon, 12 Feb 2024 05:05:09 GMT
Vary: Accept-Encoding
Content-Encoding: br
Content-Length: 50355
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.google.com/recaptcha/api.js?render=6Le_O4MaAAAAAKcy3HRQejGjIfKpcDYzLaeAAHjm&badge=inline
216.58.207.228 200 OK 599 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6Le_O4MaAAAAAKcy3HRQejGjIfKpcDYzLaeAAHjm&badge=inline
IP 216.58.207.228:0
File type ASCII text, with very long lines (931), with no line terminators
Hash eac308f6199bc5538d17cd8f641a9259
da7246c3644ea724633e3137f34426fbc66eb279
cc56833d735ac99af1dd70691b2091551b68c4f3abce92768a6972dfefd79ed6
GET /recaptcha/api.js?render=6Le_O4MaAAAAAKcy3HRQejGjIfKpcDYzLaeAAHjm&badge=inline HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ruvix.ro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sun, 12 Feb 2023 05:05:09 GMT
date: Sun, 12 Feb 2023 05:05:09 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 599
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163 200 OK 472 B IP 142.250.74.163:0
Hash 722049fff6da6432aedc18dbf1039da7
1f55138a8d49dfb865b30de14b4324d71efc288c
128132fc73ddfef56a29ffd7ceb735228a8c471603b97224a3431bb6a49260e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 12 Feb 2023 05:05:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163 200 OK 471 B IP 142.250.74.163:0
Hash 74be9dda7099156aa18f1b97516914dd
55e0e46df1f9bd3e2732c4e5349d46aab1680e63
64a06f506abc1898064db490d3947d54b8b19b6069a17c9b725c0abcbc9999e6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 12 Feb 2023 05:05:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163 200 OK 471 B IP 142.250.74.163:0
Hash df3fde5a0d26b9f4eeca4744adf9872f
fdc9e02314a617c6561dd51b482f044952321ced
b145d052015a9fa27883390091261cb124a4ae3b4eeed8e761dca5eb92b79019
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 12 Feb 2023 05:05:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ruvix.ro/content/blog/thumb1_petrecerea-burlacilor-cum-sa-o-faci-sa-fie-memorabila-si-cum-sa-organizezi-cea-mai-interesanta-petrecere-a-burlacilor_main_1670240101.webp
188.214.142.67 200 OK 32 kB URL HTTP/1.1 ruvix.ro/content/blog/thumb1_petrecerea-burlacilor-cum-sa-o-faci-sa-fie-memorabila-si-cum-sa-organizezi-cea-mai-interesanta-petrecere-a-burlacilor_main_1670240101.webp
IP 188.214.142.67:0
ASN #59854 Top Level Hosting SRL
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 770x406, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 33c91f577f1790816ca05f7564f888f5
1df6e75732eb8bb6d876e1acb986dd29933da6c1
8a5d808092b90fbb203b57bcdf7942e1a3d33ea9b7920324bc797c0c0304aed5
Analyzer Verdict Alert fortinet Malware
GET /content/blog/thumb1_petrecerea-burlacilor-cum-sa-o-faci-sa-fie-memorabila-si-cum-sa-organizezi-cea-mai-interesanta-petrecere-a-burlacilor_main_1670240101.webp HTTP/1.1
Host: ruvix.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ruvix.ro/
Cookie: ruvix_session=eyJpdiI6IjU0SmpQRzVcL2xhSDVES0UzeGFuUzh3PT0iLCJ2YWx1ZSI6IkVIUlo3VGtKNnBTZkx6QmxqXC9VUExRQ1k4MTE2eldMdkZvOHZBRGhTaXRZeXRpcUM5b0Y4d2FESXFuR3k0bGdiIiwibWFjIjoiNzVmMGNmMGEzNDY4M2NhYjUzYTRhZDFlMjc2ZWIzNGI4NTZlOGM2ZGQ1MTAxYzc5NzAyZWI4N2IxMDVlYmMxOCJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 12 Feb 2023 05:05:09 GMT
Server: Apache
Last-Modified: Mon, 05 Dec 2022 11:35:02 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Tue, 14 Mar 2023 05:05:09 GMT
Vary: Accept-Encoding
Content-Encoding: br
Content-Length: 31862
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/webp
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8fb35800c2b4b14aa5a43cb1eec27200
c05fbacf454cda0cf3f3f62b94b0a00311d492d6
cf9df8a54e2dd5ba508ce4c27bd2ebc3524ad381fce0ec7b3bec1338e4569790
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CF9DF8A54E2DD5BA508CE4C27BD2EBC3524AD381FCE0EC7B3BEC1338E4569790"
Last-Modified: Sat, 11 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5235
Expires: Sun, 12 Feb 2023 06:32:24 GMT
Date: Sun, 12 Feb 2023 05:05:09 GMT
Connection: keep-alive
ruvix.ro/content/products/thumb1_cutie-medie-baloane-inima_main_1675861785.webp
188.214.142.67 200 OK 12 kB URL HTTP/1.1 ruvix.ro/content/products/thumb1_cutie-medie-baloane-inima_main_1675861785.webp
IP 188.214.142.67:0
ASN #59854 Top Level Hosting SRL
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 555x874, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 27fee76d3f9d3aadad4c8abc56d28fef
e7702932b5240001dddecb392e4d5b00a8667575
ef7f69c496711b42a0a40d62c60b4aaa1baccde50bdafb878abf1c73770200e8
Analyzer Verdict Alert fortinet Malware
GET /content/products/thumb1_cutie-medie-baloane-inima_main_1675861785.webp HTTP/1.1
Host: ruvix.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ruvix.ro/
Cookie: ruvix_session=eyJpdiI6IjU0SmpQRzVcL2xhSDVES0UzeGFuUzh3PT0iLCJ2YWx1ZSI6IkVIUlo3VGtKNnBTZkx6QmxqXC9VUExRQ1k4MTE2eldMdkZvOHZBRGhTaXRZeXRpcUM5b0Y4d2FESXFuR3k0bGdiIiwibWFjIjoiNzVmMGNmMGEzNDY4M2NhYjUzYTRhZDFlMjc2ZWIzNGI4NTZlOGM2ZGQ1MTAxYzc5NzAyZWI4N2IxMDVlYmMxOCJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 12 Feb 2023 05:05:09 GMT
Server: Apache
Last-Modified: Wed, 08 Feb 2023 13:09:46 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Tue, 14 Mar 2023 05:05:09 GMT
Vary: Accept-Encoding
Content-Encoding: br
Content-Length: 11568
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/webp
ruvix.ro/content/products/thumb1_cutie-medie-din-inima_main_1675861951.webp
188.214.142.67 200 OK 22 kB URL HTTP/1.1 ruvix.ro/content/products/thumb1_cutie-medie-din-inima_main_1675861951.webp
IP 188.214.142.67:0
ASN #59854 Top Level Hosting SRL
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 555x874, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 32b43bf54aef8086d86fb910fe8e711b
9fc60bf227e9d5e57450413a8487953e32282b0f
c83ccdff3bb7e32e7fde22b417cacd33930c81bfd497fa5c5f60b3280b3af66f
Analyzer Verdict Alert fortinet Malware
GET /content/products/thumb1_cutie-medie-din-inima_main_1675861951.webp HTTP/1.1
Host: ruvix.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ruvix.ro/
Cookie: ruvix_session=eyJpdiI6IjU0SmpQRzVcL2xhSDVES0UzeGFuUzh3PT0iLCJ2YWx1ZSI6IkVIUlo3VGtKNnBTZkx6QmxqXC9VUExRQ1k4MTE2eldMdkZvOHZBRGhTaXRZeXRpcUM5b0Y4d2FESXFuR3k0bGdiIiwibWFjIjoiNzVmMGNmMGEzNDY4M2NhYjUzYTRhZDFlMjc2ZWIzNGI4NTZlOGM2ZGQ1MTAxYzc5NzAyZWI4N2IxMDVlYmMxOCJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 12 Feb 2023 05:05:09 GMT
Server: Apache
Last-Modified: Wed, 08 Feb 2023 13:12:32 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Tue, 14 Mar 2023 05:05:09 GMT
Vary: Accept-Encoding
Content-Encoding: br
Content-Length: 22010
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/webp
ruvix.ro/content/blog/thumb1_cadouri-de-craciun-pentru-parinti-vezi-ce-le-ar-placea-parintilor-sa-primeasca-sub-brad_main_1667907859.webp
188.214.142.67 200 OK 55 kB URL HTTP/1.1 ruvix.ro/content/blog/thumb1_cadouri-de-craciun-pentru-parinti-vezi-ce-le-ar-placea-parintilor-sa-primeasca-sub-brad_main_1667907859.webp
IP 188.214.142.67:0
ASN #59854 Top Level Hosting SRL
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 770x406, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c9bf2c6a589f1427792d4b79fdee04a4
0cf8f8fd9c1a1d6235332fd81e3865151938a13f
eddc92d6fa974cc1bb0ef3211cebcc47804ce8e01088f620c0dd559a469e86ba
Analyzer Verdict Alert fortinet Malware
GET /content/blog/thumb1_cadouri-de-craciun-pentru-parinti-vezi-ce-le-ar-placea-parintilor-sa-primeasca-sub-brad_main_1667907859.webp HTTP/1.1
Host: ruvix.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ruvix.ro/
Cookie: ruvix_session=eyJpdiI6IjU0SmpQRzVcL2xhSDVES0UzeGFuUzh3PT0iLCJ2YWx1ZSI6IkVIUlo3VGtKNnBTZkx6QmxqXC9VUExRQ1k4MTE2eldMdkZvOHZBRGhTaXRZeXRpcUM5b0Y4d2FESXFuR3k0bGdiIiwibWFjIjoiNzVmMGNmMGEzNDY4M2NhYjUzYTRhZDFlMjc2ZWIzNGI4NTZlOGM2ZGQ1MTAxYzc5NzAyZWI4N2IxMDVlYmMxOCJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 12 Feb 2023 05:05:09 GMT
Server: Apache
Last-Modified: Tue, 08 Nov 2022 11:44:20 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Tue, 14 Mar 2023 05:05:09 GMT
Vary: Accept-Encoding
Content-Encoding: br
Content-Length: 55076
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/webp
ruvix.ro/content/products/thumb1_cutie-medie-cerc-indragostit_main_1675861899.webp
188.214.142.67 200 OK 16 kB URL HTTP/1.1 ruvix.ro/content/products/thumb1_cutie-medie-cerc-indragostit_main_1675861899.webp
IP 188.214.142.67:0
ASN #59854 Top Level Hosting SRL
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 555x874, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 058d073c71ea9e5476e1ecc162f43317
cf75494ce51a5ceaa7bce02b1a23b3036f555b50
120cbb441c97e5c8b70d45b1a244c933c2446e6d691a7c91d9fa0c1d7d2d088c
Analyzer Verdict Alert fortinet Malware
GET /content/products/thumb1_cutie-medie-cerc-indragostit_main_1675861899.webp HTTP/1.1
Host: ruvix.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ruvix.ro/
Cookie: ruvix_session=eyJpdiI6IjU0SmpQRzVcL2xhSDVES0UzeGFuUzh3PT0iLCJ2YWx1ZSI6IkVIUlo3VGtKNnBTZkx6QmxqXC9VUExRQ1k4MTE2eldMdkZvOHZBRGhTaXRZeXRpcUM5b0Y4d2FESXFuR3k0bGdiIiwibWFjIjoiNzVmMGNmMGEzNDY4M2NhYjUzYTRhZDFlMjc2ZWIzNGI4NTZlOGM2ZGQ1MTAxYzc5NzAyZWI4N2IxMDVlYmMxOCJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 12 Feb 2023 05:05:09 GMT
Server: Apache
Last-Modified: Wed, 08 Feb 2023 13:11:40 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Tue, 14 Mar 2023 05:05:09 GMT
Vary: Accept-Encoding
Content-Encoding: br
Content-Length: 15714
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/webp
ruvix.ro/images/ruvix-logo2.png
188.214.142.67 200 OK 11 kB URL HTTP/1.1 ruvix.ro/images/ruvix-logo2.png
IP 188.214.142.67:0
ASN #59854 Top Level Hosting SRL
File type PNG image data, 191 x 140, 8-bit/color RGBA, non-interlaced\012- data
Hash da9dc8b1a085fccd7775d14cbff66b08
aa2bc05c14a13f8f4d782adc1e907af2994c3fe9
9e3126e75c773e2d004fd69e4ce7130d330431fe5f3c257f5461e5dfc192e57c
GET /images/ruvix-logo2.png HTTP/1.1
Host: ruvix.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ruvix.ro/
Cookie: ruvix_session=eyJpdiI6IjU0SmpQRzVcL2xhSDVES0UzeGFuUzh3PT0iLCJ2YWx1ZSI6IkVIUlo3VGtKNnBTZkx6QmxqXC9VUExRQ1k4MTE2eldMdkZvOHZBRGhTaXRZeXRpcUM5b0Y4d2FESXFuR3k0bGdiIiwibWFjIjoiNzVmMGNmMGEzNDY4M2NhYjUzYTRhZDFlMjc2ZWIzNGI4NTZlOGM2ZGQ1MTAxYzc5NzAyZWI4N2IxMDVlYmMxOCJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 12 Feb 2023 05:05:09 GMT
Server: Apache
Last-Modified: Sat, 28 Jan 2023 08:38:10 GMT
Accept-Ranges: bytes
Content-Length: 11064
Cache-Control: max-age=2592000
Expires: Tue, 14 Mar 2023 05:05:09 GMT
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
ocsp.pki.goog/gts1c3
142.250.74.163 200 OK 472 B IP 142.250.74.163:0
Hash 16b6cd197b43e664f7259eaadd1dbc86
5f0137bec2f3136787b8936bd7e9aff50b17532e
744d4f85e7356c3ca3ef290ed4bf3913891da9408b8d6e6d9c0053a85db2fc6a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 12 Feb 2023 05:05:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
142.250.74.35 200 OK 7.7 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 7748, version 1.0\012- data
Hash a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ruvix.ro
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 Feb 2023 14:34:21 GMT
expires: Fri, 09 Feb 2024 14:34:21 GMT
cache-control: public, max-age=31536000
age: 225048
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1JlFc-K.woff2
142.250.74.35 200 OK 5.4 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1JlFc-K.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 5384, version 1.0\012- data
Hash 96b6d54684daa94742f7bfd72a981213
72c3ac29b2fcceea390d3a51c7a892efde65e4d9
4ce2c84c474fb80b33e347ae6f356796021d6fd42e88a6352fc6e9ca0b22bd63
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1JlFc-K.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ruvix.ro
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5384
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 10 Feb 2023 09:39:01 GMT
expires: Sat, 10 Feb 2024 09:39:01 GMT
cache-control: public, max-age=31536000
age: 156368
last-modified: Wed, 27 Apr 2022 16:11:38 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1JlFc-K.woff2
142.250.74.35 200 OK 5.5 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1JlFc-K.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 5512, version 1.0\012- data
Hash 72b3ae37567ee5efdf2254b657c36ba9
3a4cf2dc2cabd33b5b2c7cef3221131520f618a0
9c15f7b06458075c69b40e79f03e62d43017ecf4c618487add407ee47e438684
GET /s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1JlFc-K.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ruvix.ro
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5512
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 Feb 2023 08:49:02 GMT
expires: Wed, 07 Feb 2024 08:49:02 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 16:59:05 GMT
content-type: font/woff2
age: 418567
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68 200 OK 281 B IP 104.18.32.68:0
Hash 2c20e2bafbdb391e8a46b1158d0e6b87
443f4e7fbabcce81f9040c933d68c3a3ee5fd2aa
86794c26379d8833e218994d6d3f0e9991dddbf43367e222817ab9175f3d567f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 12 Feb 2023 05:05:10 GMT
Content-Type: application/ocsp-response
Content-Length: 281
Connection: keep-alive
Last-Modified: Fri, 10 Feb 2023 10:12:22 GMT
Expires: Fri, 17 Feb 2023 10:12:21 GMT
Etag: "443f4e7fbabcce81f9040c933d68c3a3ee5fd2aa"
Cache-Control: max-age=449831,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7982c9a43829b500-OSL
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
142.250.74.35 200 OK 8.0 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 8000, version 1.0\012- data
Hash 72993dddf88a63e8f226656f7de88e57
179f97ec0275f09603a8db94d4380eb584d81cd5
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
GET /s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ruvix.ro
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 Feb 2023 09:41:14 GMT
expires: Wed, 07 Feb 2024 09:41:14 GMT
cache-control: public, max-age=31536000
age: 415436
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJnecmNE.woff2
142.250.74.35 200 OK 5.5 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJnecmNE.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 5544, version 1.0\012- data
Hash 0ed299a4bb5262e17e2145783b2c18f1
65af2a037a5ef8a8d383d518377ea1f9f6837631
cb8bdeabc838774d9808eb7c4cfcea963b57855e34f84b54797076940c8e5986
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJnecmNE.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ruvix.ro
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5544
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 Feb 2023 00:23:00 GMT
expires: Tue, 06 Feb 2024 00:23:00 GMT
cache-control: public, max-age=31536000
age: 535330
last-modified: Wed, 27 Apr 2022 17:03:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163 200 OK 472 B IP 142.250.74.163:0
Hash 16b6cd197b43e664f7259eaadd1dbc86
5f0137bec2f3136787b8936bd7e9aff50b17532e
744d4f85e7356c3ca3ef290ed4bf3913891da9408b8d6e6d9c0053a85db2fc6a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 12 Feb 2023 05:05:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
142.250.74.35 200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Hash 25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ruvix.ro
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 Feb 2023 02:42:36 GMT
expires: Wed, 07 Feb 2024 02:42:36 GMT
cache-control: public, max-age=31536000
age: 440554
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ruvix.ro/content/slideshow/thumb_cani-de-cuplupng_1675954958.webp
188.214.142.67 200 OK 4.1 kB URL HTTP/1.1 ruvix.ro/content/slideshow/thumb_cani-de-cuplupng_1675954958.webp
IP 188.214.142.67:0
ASN #59854 Top Level Hosting SRL
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 482x251, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e65f8289e2eb2802e202092ff2d7bd0d
b0090d7f5afb6e1c14214f8a2cfb487d62a6068b
860bb511426fa87370b3fec6bf8150614de201b6e8f06f4884f9674cb3037c41
Analyzer Verdict Alert fortinet Malware
GET /content/slideshow/thumb_cani-de-cuplupng_1675954958.webp HTTP/1.1
Host: ruvix.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ruvix.ro/
Cookie: ruvix_session=eyJpdiI6IjU0SmpQRzVcL2xhSDVES0UzeGFuUzh3PT0iLCJ2YWx1ZSI6IkVIUlo3VGtKNnBTZkx6QmxqXC9VUExRQ1k4MTE2eldMdkZvOHZBRGhTaXRZeXRpcUM5b0Y4d2FESXFuR3k0bGdiIiwibWFjIjoiNzVmMGNmMGEzNDY4M2NhYjUzYTRhZDFlMjc2ZWIzNGI4NTZlOGM2ZGQ1MTAxYzc5NzAyZWI4N2IxMDVlYmMxOCJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 12 Feb 2023 05:05:09 GMT
Server: Apache
Last-Modified: Thu, 09 Feb 2023 15:02:39 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Tue, 14 Mar 2023 05:05:09 GMT
Vary: Accept-Encoding
Content-Encoding: br
Content-Length: 4056
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/webp
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
142.250.74.35 200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ruvix.ro
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 Feb 2023 04:05:29 GMT
expires: Tue, 06 Feb 2024 04:05:29 GMT
cache-control: public, max-age=31536000
age: 521981
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163 200 OK 472 B IP 142.250.74.163:0
Hash 16b6cd197b43e664f7259eaadd1dbc86
5f0137bec2f3136787b8936bd7e9aff50b17532e
744d4f85e7356c3ca3ef290ed4bf3913891da9408b8d6e6d9c0053a85db2fc6a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 12 Feb 2023 05:05:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ruvix.ro/content/slideshow/banner-marepng_1675954934.webp
188.214.142.67 200 OK 38 kB URL HTTP/1.1 ruvix.ro/content/slideshow/banner-marepng_1675954934.webp
IP 188.214.142.67:0
ASN #59854 Top Level Hosting SRL
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 964x502, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ed28e3692571e9be0851b1449602cf7b
73ead562ec48c3d6c85e4d46edc8fbd0b62eb410
dc17625d57daa0598c3e512f16a97342d75af12a35739189c310cd26fb6f5a04
Analyzer Verdict Alert fortinet Malware
GET /content/slideshow/banner-marepng_1675954934.webp HTTP/1.1
Host: ruvix.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ruvix.ro/
Cookie: ruvix_session=eyJpdiI6IjU0SmpQRzVcL2xhSDVES0UzeGFuUzh3PT0iLCJ2YWx1ZSI6IkVIUlo3VGtKNnBTZkx6QmxqXC9VUExRQ1k4MTE2eldMdkZvOHZBRGhTaXRZeXRpcUM5b0Y4d2FESXFuR3k0bGdiIiwibWFjIjoiNzVmMGNmMGEzNDY4M2NhYjUzYTRhZDFlMjc2ZWIzNGI4NTZlOGM2ZGQ1MTAxYzc5NzAyZWI4N2IxMDVlYmMxOCJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 12 Feb 2023 05:05:09 GMT
Server: Apache
Last-Modified: Thu, 09 Feb 2023 15:02:15 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Tue, 14 Mar 2023 05:05:09 GMT
Vary: Accept-Encoding
Content-Encoding: br
Content-Length: 38060
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/webp
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1JlFc-K.woff2
142.250.74.35 200 OK 5.5 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1JlFc-K.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 5452, version 1.0\012- data
Hash a6ff41d10fa89e7f8fec937c243d7428
334853f61ceb1fb096818740cc62d5840fbbae46
5f9d6298f5edc6d2b57a6f3a30f87f1c93c84b7aad7c5e9bf9d3a2c9384403fa
GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1JlFc-K.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ruvix.ro
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5452
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 Feb 2023 12:07:23 GMT
expires: Fri, 09 Feb 2024 12:07:23 GMT
cache-control: public, max-age=31536000
age: 233867
last-modified: Wed, 27 Apr 2022 16:10:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163 200 OK 472 B IP 142.250.74.163:0
Hash 16b6cd197b43e664f7259eaadd1dbc86
5f0137bec2f3136787b8936bd7e9aff50b17532e
744d4f85e7356c3ca3ef290ed4bf3913891da9408b8d6e6d9c0053a85db2fc6a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 12 Feb 2023 05:05:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ruvix.ro/fonts/fa-light-300.woff2
188.214.142.67 200 OK 82 kB URL HTTP/1.1 ruvix.ro/fonts/fa-light-300.woff2
IP 188.214.142.67:0
ASN #59854 Top Level Hosting SRL
File type Web Open Font Format (Version 2), TrueType, length 82004, version 1.0\012- data
Hash b6a503f4ef2da53e2cb706dfd3c1e6c7
a770a1a11206e630f5d185c88610e8dc57d4a652
7991d4a006c2fc85da43d13d50343030192b62a2e3b6e7692228c75ace5434e7
Analyzer Verdict Alert fortinet Malware
GET /fonts/fa-light-300.woff2 HTTP/1.1
Host: ruvix.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://ruvix.ro/css/front2.css?id=270e3298646f063ac3e0
Cookie: ruvix_session=eyJpdiI6IjU0SmpQRzVcL2xhSDVES0UzeGFuUzh3PT0iLCJ2YWx1ZSI6IkVIUlo3VGtKNnBTZkx6QmxqXC9VUExRQ1k4MTE2eldMdkZvOHZBRGhTaXRZeXRpcUM5b0Y4d2FESXFuR3k0bGdiIiwibWFjIjoiNzVmMGNmMGEzNDY4M2NhYjUzYTRhZDFlMjc2ZWIzNGI4NTZlOGM2ZGQ1MTAxYzc5NzAyZWI4N2IxMDVlYmMxOCJ9
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 12 Feb 2023 05:05:09 GMT
Server: Apache
Last-Modified: Sat, 28 Jan 2023 08:38:10 GMT
Accept-Ranges: bytes
Content-Length: 82004
Cache-Control: max-age=2592000
Expires: Tue, 14 Mar 2023 05:05:09 GMT
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: font/woff2
ruvix.ro/content/blog/thumb1_idei-cadouri-pasionati-auto-ce-surprize-poti-sa-le-faci-masinistilor-in-aceasta-perioada_main_1668674792.webp
188.214.142.67 200 OK 21 kB URL HTTP/1.1 ruvix.ro/content/blog/thumb1_idei-cadouri-pasionati-auto-ce-surprize-poti-sa-le-faci-masinistilor-in-aceasta-perioada_main_1668674792.webp
IP 188.214.142.67:0
ASN #59854 Top Level Hosting SRL
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 770x406, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4b58ba954425d9448a322f7630f5c179
eb7576494c65d842437da5142392383b60eee18a
2f2cffae26c0483446c2b07334ed9eef170e98c57864f66342f468dcb1e57735
Analyzer Verdict Alert fortinet Malware
GET /content/blog/thumb1_idei-cadouri-pasionati-auto-ce-surprize-poti-sa-le-faci-masinistilor-in-aceasta-perioada_main_1668674792.webp HTTP/1.1
Host: ruvix.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ruvix.ro/
Cookie: ruvix_session=eyJpdiI6IjU0SmpQRzVcL2xhSDVES0UzeGFuUzh3PT0iLCJ2YWx1ZSI6IkVIUlo3VGtKNnBTZkx6QmxqXC9VUExRQ1k4MTE2eldMdkZvOHZBRGhTaXRZeXRpcUM5b0Y4d2FESXFuR3k0bGdiIiwibWFjIjoiNzVmMGNmMGEzNDY4M2NhYjUzYTRhZDFlMjc2ZWIzNGI4NTZlOGM2ZGQ1MTAxYzc5NzAyZWI4N2IxMDVlYmMxOCJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 12 Feb 2023 05:05:09 GMT
Server: Apache
Last-Modified: Thu, 17 Nov 2022 08:46:32 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Tue, 14 Mar 2023 05:05:09 GMT
Vary: Accept-Encoding
Content-Encoding: br
Content-Length: 20870
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/webp
ruvix.ro/fonts/fa-solid-900.woff2
188.214.142.67 200 OK 64 kB URL HTTP/1.1 ruvix.ro/fonts/fa-solid-900.woff2
IP 188.214.142.67:0
ASN #59854 Top Level Hosting SRL
File type Web Open Font Format (Version 2), TrueType, length 64428, version 1.0\012- data
Hash c4fc4e6d5fcf0af616e6cd6f884b72e9
6e84c534e8ac039bf999ea1e78b7a717c2af3992
fe004359b238bd1670cc1f8939ce08dea0aa91b3fb1a424d0e5c4dc63f4552ad
Analyzer Verdict Alert fortinet Malware
GET /fonts/fa-solid-900.woff2 HTTP/1.1
Host: ruvix.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://ruvix.ro/css/front2.css?id=270e3298646f063ac3e0
Cookie: ruvix_session=eyJpdiI6IjU0SmpQRzVcL2xhSDVES0UzeGFuUzh3PT0iLCJ2YWx1ZSI6IkVIUlo3VGtKNnBTZkx6QmxqXC9VUExRQ1k4MTE2eldMdkZvOHZBRGhTaXRZeXRpcUM5b0Y4d2FESXFuR3k0bGdiIiwibWFjIjoiNzVmMGNmMGEzNDY4M2NhYjUzYTRhZDFlMjc2ZWIzNGI4NTZlOGM2ZGQ1MTAxYzc5NzAyZWI4N2IxMDVlYmMxOCJ9
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 12 Feb 2023 05:05:10 GMT
Server: Apache
Last-Modified: Sat, 28 Jan 2023 08:38:10 GMT
Accept-Ranges: bytes
Content-Length: 64428
Cache-Control: max-age=2592000
Expires: Tue, 14 Mar 2023 05:05:10 GMT
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: font/woff2
ruvix.ro/fonts/fa-brands-400.woff2
188.214.142.67 200 OK 61 kB URL HTTP/1.1 ruvix.ro/fonts/fa-brands-400.woff2
IP 188.214.142.67:0
ASN #59854 Top Level Hosting SRL
File type Web Open Font Format (Version 2), TrueType, length 61272, version 1.0\012- data
Hash cd22101796ef18a6c0de26a6444b85fc
0084eafad9fe961b0bd67fa0f844b75a84afcc01
911c9e4a18166ae4b0ff905a0141335fbf88c3c69edf8d621a18906877983ee4
Analyzer Verdict Alert fortinet Malware
GET /fonts/fa-brands-400.woff2 HTTP/1.1
Host: ruvix.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://ruvix.ro/css/front2.css?id=270e3298646f063ac3e0
Cookie: ruvix_session=eyJpdiI6IjU0SmpQRzVcL2xhSDVES0UzeGFuUzh3PT0iLCJ2YWx1ZSI6IkVIUlo3VGtKNnBTZkx6QmxqXC9VUExRQ1k4MTE2eldMdkZvOHZBRGhTaXRZeXRpcUM5b0Y4d2FESXFuR3k0bGdiIiwibWFjIjoiNzVmMGNmMGEzNDY4M2NhYjUzYTRhZDFlMjc2ZWIzNGI4NTZlOGM2ZGQ1MTAxYzc5NzAyZWI4N2IxMDVlYmMxOCJ9
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 12 Feb 2023 05:05:10 GMT
Server: Apache
Last-Modified: Sat, 28 Jan 2023 08:38:10 GMT
Accept-Ranges: bytes
Content-Length: 61272
Cache-Control: max-age=2592000
Expires: Tue, 14 Mar 2023 05:05:10 GMT
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: font/woff2
ruvix.ro/js/front2.js?id=c81410447c5c43c0b9f0
188.214.142.67 200 OK 104 kB URL HTTP/1.1 ruvix.ro/js/front2.js?id=c81410447c5c43c0b9f0
IP 188.214.142.67:0
ASN #59854 Top Level Hosting SRL
File type ASCII text, with very long lines (31992)
Size 104 kB (104214 bytes)
Hash c22d522f399210b44f1d9a23530eaa49
8cd6314693c87294ca48631757a66748ff1a8dd8
6f8088533b85158fc4e1b7b8b40de1c6cc54cf820007c726e4e99067253be821
Analyzer Verdict Alert fortinet Malware
GET /js/front2.js?id=c81410447c5c43c0b9f0 HTTP/1.1
Host: ruvix.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ruvix.ro/
Cookie: ruvix_session=eyJpdiI6IjU0SmpQRzVcL2xhSDVES0UzeGFuUzh3PT0iLCJ2YWx1ZSI6IkVIUlo3VGtKNnBTZkx6QmxqXC9VUExRQ1k4MTE2eldMdkZvOHZBRGhTaXRZeXRpcUM5b0Y4d2FESXFuR3k0bGdiIiwibWFjIjoiNzVmMGNmMGEzNDY4M2NhYjUzYTRhZDFlMjc2ZWIzNGI4NTZlOGM2ZGQ1MTAxYzc5NzAyZWI4N2IxMDVlYmMxOCJ9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 12 Feb 2023 05:05:09 GMT
Server: Apache
Last-Modified: Sat, 28 Jan 2023 08:38:10 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Mon, 12 Feb 2024 05:05:09 GMT
Vary: Accept-Encoding
Content-Encoding: br
Content-Length: 104214
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
ruvix.ro/content/products/thumb1_set-2-cani-i-love-you_main_1642163993.webp
188.214.142.67 200 OK 21 kB URL HTTP/1.1 ruvix.ro/content/products/thumb1_set-2-cani-i-love-you_main_1642163993.webp
IP 188.214.142.67:0
ASN #59854 Top Level Hosting SRL
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 555x874, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2efd9fac8ee69b1adfae31f2c49d4806
78c84435a1d5ec211eca0fd3729f8149dbf5a9e8
6bd215b02c4dc10bc6f7e2eb57aedd54b49cb597a0f3c33fbf285081dbfa8df8
Analyzer Verdict Alert fortinet Malware
GET /content/products/thumb1_set-2-cani-i-love-you_main_1642163993.webp HTTP/1.1
Host: ruvix.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ruvix.ro/
Cookie: ruvix_session=eyJpdiI6IjU0SmpQRzVcL2xhSDVES0UzeGFuUzh3PT0iLCJ2YWx1ZSI6IkVIUlo3VGtKNnBTZkx6QmxqXC9VUExRQ1k4MTE2eldMdkZvOHZBRGhTaXRZeXRpcUM5b0Y4d2FESXFuR3k0bGdiIiwibWFjIjoiNzVmMGNmMGEzNDY4M2NhYjUzYTRhZDFlMjc2ZWIzNGI4NTZlOGM2ZGQ1MTAxYzc5NzAyZWI4N2IxMDVlYmMxOCJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 12 Feb 2023 05:05:10 GMT
Server: Apache
Last-Modified: Fri, 14 Jan 2022 12:39:54 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Tue, 14 Mar 2023 05:05:10 GMT
Vary: Accept-Encoding
Content-Encoding: br
Content-Length: 20900
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/webp
push.services.mozilla.com/
54.189.204.30 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.189.204.30:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7DcN5fcmoSliLlH+0KRjRA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: gCUhvAhd9rbR/LNNjZR6oHXF0J8=
ruvix.ro/content/slideshow/thumb_hanorace-de-cuplupng_1675955015.webp
188.214.142.67 200 OK 10 kB URL HTTP/1.1 ruvix.ro/content/slideshow/thumb_hanorace-de-cuplupng_1675955015.webp
IP 188.214.142.67:0
ASN #59854 Top Level Hosting SRL
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 482x251, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e0cd248954fb9007567daca3c520f6b9
5e684a1d6e88162545cd472f3a13acec53395c32
fb961e6bff8215d2e0e1b9d099d61798878bc92de896c6a331290906bf8d7d28
Analyzer Verdict Alert fortinet Malware
GET /content/slideshow/thumb_hanorace-de-cuplupng_1675955015.webp HTTP/1.1
Host: ruvix.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ruvix.ro/
Cookie: ruvix_session=eyJpdiI6IjU0SmpQRzVcL2xhSDVES0UzeGFuUzh3PT0iLCJ2YWx1ZSI6IkVIUlo3VGtKNnBTZkx6QmxqXC9VUExRQ1k4MTE2eldMdkZvOHZBRGhTaXRZeXRpcUM5b0Y4d2FESXFuR3k0bGdiIiwibWFjIjoiNzVmMGNmMGEzNDY4M2NhYjUzYTRhZDFlMjc2ZWIzNGI4NTZlOGM2ZGQ1MTAxYzc5NzAyZWI4N2IxMDVlYmMxOCJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 12 Feb 2023 05:05:10 GMT
Server: Apache
Last-Modified: Thu, 09 Feb 2023 15:03:35 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Tue, 14 Mar 2023 05:05:10 GMT
Vary: Accept-Encoding
Content-Encoding: br
Content-Length: 9986
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/webp
ruvix.ro/content/slideshow/thumb_agende-personalizatepng_1675954981.webp
188.214.142.67 200 OK 5.0 kB URL HTTP/1.1 ruvix.ro/content/slideshow/thumb_agende-personalizatepng_1675954981.webp
IP 188.214.142.67:0
ASN #59854 Top Level Hosting SRL
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 482x251, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3fc09911e0d63145b02f42de9a64e1a8
b08bbc30f18c2bebc485a4f53a809845da3527d7
4daf6e13caa65d230faa46c530a2d6e5b96389716640065f14f61c275d77d625
Analyzer Verdict Alert fortinet Malware
GET /content/slideshow/thumb_agende-personalizatepng_1675954981.webp HTTP/1.1
Host: ruvix.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ruvix.ro/
Cookie: ruvix_session=eyJpdiI6IjU0SmpQRzVcL2xhSDVES0UzeGFuUzh3PT0iLCJ2YWx1ZSI6IkVIUlo3VGtKNnBTZkx6QmxqXC9VUExRQ1k4MTE2eldMdkZvOHZBRGhTaXRZeXRpcUM5b0Y4d2FESXFuR3k0bGdiIiwibWFjIjoiNzVmMGNmMGEzNDY4M2NhYjUzYTRhZDFlMjc2ZWIzNGI4NTZlOGM2ZGQ1MTAxYzc5NzAyZWI4N2IxMDVlYmMxOCJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 12 Feb 2023 05:05:10 GMT
Server: Apache
Last-Modified: Thu, 09 Feb 2023 15:03:02 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Tue, 14 Mar 2023 05:05:10 GMT
Vary: Accept-Encoding
Content-Encoding: br
Content-Length: 5046
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/webp
ruvix.ro/content/products/thumb1_set-2-cani-mr-and-mrs-right_main_1642163128.webp
188.214.142.67 200 OK 19 kB URL HTTP/1.1 ruvix.ro/content/products/thumb1_set-2-cani-mr-and-mrs-right_main_1642163128.webp
IP 188.214.142.67:0
ASN #59854 Top Level Hosting SRL
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 555x874, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3c68c2cd5950f9ce5036144ac701dea4
739439a1208589793208601660c1adc6b0119962
093f9dd7e259fda018ace6e0102a62b456feb9aa9afce62db1e8b65c9ed0370b
Analyzer Verdict Alert fortinet Malware
GET /content/products/thumb1_set-2-cani-mr-and-mrs-right_main_1642163128.webp HTTP/1.1
Host: ruvix.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ruvix.ro/
Cookie: ruvix_session=eyJpdiI6IjU0SmpQRzVcL2xhSDVES0UzeGFuUzh3PT0iLCJ2YWx1ZSI6IkVIUlo3VGtKNnBTZkx6QmxqXC9VUExRQ1k4MTE2eldMdkZvOHZBRGhTaXRZeXRpcUM5b0Y4d2FESXFuR3k0bGdiIiwibWFjIjoiNzVmMGNmMGEzNDY4M2NhYjUzYTRhZDFlMjc2ZWIzNGI4NTZlOGM2ZGQ1MTAxYzc5NzAyZWI4N2IxMDVlYmMxOCJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 12 Feb 2023 05:05:10 GMT
Server: Apache
Last-Modified: Fri, 14 Jan 2022 12:25:28 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Tue, 14 Mar 2023 05:05:10 GMT
Vary: Accept-Encoding
Content-Encoding: br
Content-Length: 19338
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/webp
ruvix.ro/content/products/thumb1_set-hanorace-de-cuplu-the-boss-the-real-boss_main_1642157565.webp
188.214.142.67 200 OK 32 kB URL HTTP/1.1 ruvix.ro/content/products/thumb1_set-hanorace-de-cuplu-the-boss-the-real-boss_main_1642157565.webp
IP 188.214.142.67:0
ASN #59854 Top Level Hosting SRL
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 555x874, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 796544a825c474211d6278bbee7cd55e
668f398f012926c6daca16c7a00fb9533c981e80
497ee04bd4aeb37616f0a198841fa96f7cb3ea249c1136c508d6f1fdb32cc582
Analyzer Verdict Alert fortinet Malware
GET /content/products/thumb1_set-hanorace-de-cuplu-the-boss-the-real-boss_main_1642157565.webp HTTP/1.1
Host: ruvix.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ruvix.ro/
Cookie: ruvix_session=eyJpdiI6IjU0SmpQRzVcL2xhSDVES0UzeGFuUzh3PT0iLCJ2YWx1ZSI6IkVIUlo3VGtKNnBTZkx6QmxqXC9VUExRQ1k4MTE2eldMdkZvOHZBRGhTaXRZeXRpcUM5b0Y4d2FESXFuR3k0bGdiIiwibWFjIjoiNzVmMGNmMGEzNDY4M2NhYjUzYTRhZDFlMjc2ZWIzNGI4NTZlOGM2ZGQ1MTAxYzc5NzAyZWI4N2IxMDVlYmMxOCJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 12 Feb 2023 05:05:10 GMT
Server: Apache
Last-Modified: Fri, 14 Jan 2022 10:52:47 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Tue, 14 Mar 2023 05:05:10 GMT
Vary: Accept-Encoding
Content-Encoding: br
Content-Length: 32368
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/webp
ruvix.ro/content/products/thumb1_tricouri-de-cuplu-mandru-si-mandruta_main_1476019957.webp
188.214.142.67 200 OK 47 kB URL HTTP/1.1 ruvix.ro/content/products/thumb1_tricouri-de-cuplu-mandru-si-mandruta_main_1476019957.webp
IP 188.214.142.67:0
ASN #59854 Top Level Hosting SRL
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 555x874, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2a039db7a1a8af6390cd108e7bda6952
2f0946f373dd82f6ffe242c30f98e44331bbb30a
db02a81659648fe8d8157c1e5c26c2b94d7a6c8f275f83f76d1e2dca0bb2873a
Analyzer Verdict Alert fortinet Malware
GET /content/products/thumb1_tricouri-de-cuplu-mandru-si-mandruta_main_1476019957.webp HTTP/1.1
Host: ruvix.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ruvix.ro/
Cookie: ruvix_session=eyJpdiI6IjU0SmpQRzVcL2xhSDVES0UzeGFuUzh3PT0iLCJ2YWx1ZSI6IkVIUlo3VGtKNnBTZkx6QmxqXC9VUExRQ1k4MTE2eldMdkZvOHZBRGhTaXRZeXRpcUM5b0Y4d2FESXFuR3k0bGdiIiwibWFjIjoiNzVmMGNmMGEzNDY4M2NhYjUzYTRhZDFlMjc2ZWIzNGI4NTZlOGM2ZGQ1MTAxYzc5NzAyZWI4N2IxMDVlYmMxOCJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 12 Feb 2023 05:05:10 GMT
Server: Apache
Last-Modified: Fri, 14 Aug 2020 12:24:53 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Tue, 14 Mar 2023 05:05:10 GMT
Vary: Accept-Encoding
Content-Encoding: br
Content-Length: 47104
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/webp
ruvix.ro/content/products/thumb1_set-sweatshirt-king-si-queen_main_1479722131.webp
188.214.142.67 200 OK 35 kB URL HTTP/1.1 ruvix.ro/content/products/thumb1_set-sweatshirt-king-si-queen_main_1479722131.webp
IP 188.214.142.67:0
ASN #59854 Top Level Hosting SRL
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 555x874, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash bbdf1065bcbb26d1ad24babfbdb28b6a
b5dd280a3721029e472aabd8f8c98f1f9ffef37f
00d31851e96c37421b5b6bca8c643ae47979bc00d0c178c43995aedc034f0120
Analyzer Verdict Alert fortinet Malware
GET /content/products/thumb1_set-sweatshirt-king-si-queen_main_1479722131.webp HTTP/1.1
Host: ruvix.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ruvix.ro/
Cookie: ruvix_session=eyJpdiI6IjU0SmpQRzVcL2xhSDVES0UzeGFuUzh3PT0iLCJ2YWx1ZSI6IkVIUlo3VGtKNnBTZkx6QmxqXC9VUExRQ1k4MTE2eldMdkZvOHZBRGhTaXRZeXRpcUM5b0Y4d2FESXFuR3k0bGdiIiwibWFjIjoiNzVmMGNmMGEzNDY4M2NhYjUzYTRhZDFlMjc2ZWIzNGI4NTZlOGM2ZGQ1MTAxYzc5NzAyZWI4N2IxMDVlYmMxOCJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 12 Feb 2023 05:05:10 GMT
Server: Apache
Last-Modified: Fri, 14 Aug 2020 12:16:53 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Tue, 14 Mar 2023 05:05:10 GMT
Vary: Accept-Encoding
Content-Encoding: br
Content-Length: 34854
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/webp
ruvix.ro/content/products/thumb1_set-sweatshirt-mr-si-mrs_main_1569863025.webp
188.214.142.67 200 OK 39 kB URL HTTP/1.1 ruvix.ro/content/products/thumb1_set-sweatshirt-mr-si-mrs_main_1569863025.webp
IP 188.214.142.67:0
ASN #59854 Top Level Hosting SRL
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 555x874, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 75fa0d4c9a84db6ba7c2c0786100b20f
d88c81b672e63f79e9cd46b3548501a2adb0710c
771e2e19e730ec13f5546fc9974583167e1900860c6ab57f02849b6eb1934392
Analyzer Verdict Alert fortinet Malware
GET /content/products/thumb1_set-sweatshirt-mr-si-mrs_main_1569863025.webp HTTP/1.1
Host: ruvix.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ruvix.ro/
Cookie: ruvix_session=eyJpdiI6IjU0SmpQRzVcL2xhSDVES0UzeGFuUzh3PT0iLCJ2YWx1ZSI6IkVIUlo3VGtKNnBTZkx6QmxqXC9VUExRQ1k4MTE2eldMdkZvOHZBRGhTaXRZeXRpcUM5b0Y4d2FESXFuR3k0bGdiIiwibWFjIjoiNzVmMGNmMGEzNDY4M2NhYjUzYTRhZDFlMjc2ZWIzNGI4NTZlOGM2ZGQ1MTAxYzc5NzAyZWI4N2IxMDVlYmMxOCJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 12 Feb 2023 05:05:10 GMT
Server: Apache
Last-Modified: Fri, 14 Aug 2020 12:16:54 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Tue, 14 Mar 2023 05:05:10 GMT
Vary: Accept-Encoding
Content-Encoding: br
Content-Length: 39148
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/webp
ruvix.ro/content/products/thumb1_set-hanorace-de-cuplu-missing-piece_main_1642168118.webp
188.214.142.67 200 OK 40 kB URL HTTP/1.1 ruvix.ro/content/products/thumb1_set-hanorace-de-cuplu-missing-piece_main_1642168118.webp
IP 188.214.142.67:0
ASN #59854 Top Level Hosting SRL
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 555x874, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2ba421d829c4cf386c27a2c613b3e61e
69c05b70486bf54054decb5c43606349c76ee583
f59607bfdd0296c55afc4c2d8fb6e29851c2b8c3698f2b3c3a7a7063dfa52ab4
Analyzer Verdict Alert fortinet Malware
GET /content/products/thumb1_set-hanorace-de-cuplu-missing-piece_main_1642168118.webp HTTP/1.1
Host: ruvix.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ruvix.ro/
Cookie: ruvix_session=eyJpdiI6IjU0SmpQRzVcL2xhSDVES0UzeGFuUzh3PT0iLCJ2YWx1ZSI6IkVIUlo3VGtKNnBTZkx6QmxqXC9VUExRQ1k4MTE2eldMdkZvOHZBRGhTaXRZeXRpcUM5b0Y4d2FESXFuR3k0bGdiIiwibWFjIjoiNzVmMGNmMGEzNDY4M2NhYjUzYTRhZDFlMjc2ZWIzNGI4NTZlOGM2ZGQ1MTAxYzc5NzAyZWI4N2IxMDVlYmMxOCJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 12 Feb 2023 05:05:10 GMT
Server: Apache
Last-Modified: Fri, 14 Jan 2022 13:48:39 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Tue, 14 Mar 2023 05:05:10 GMT
Vary: Accept-Encoding
Content-Encoding: br
Content-Length: 40276
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/webp
ruvix.ro/content/products/thumb1_tricouri-de-cuplu-te-iubesc_main_1476029310.webp
188.214.142.67 200 OK 37 kB URL HTTP/1.1 ruvix.ro/content/products/thumb1_tricouri-de-cuplu-te-iubesc_main_1476029310.webp
IP 188.214.142.67:0
ASN #59854 Top Level Hosting SRL
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 555x874, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash aec4a288b51d0be4fd069070e612a38b
3b0ae51444ad9ac157c32d5a58289c67ce948bbc
31ce564cd52b5902d4d8e8c2c6a2c2297863ed07c5a00777bebe938f31853326
Analyzer Verdict Alert fortinet Malware
GET /content/products/thumb1_tricouri-de-cuplu-te-iubesc_main_1476029310.webp HTTP/1.1
Host: ruvix.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ruvix.ro/
Cookie: ruvix_session=eyJpdiI6IjU0SmpQRzVcL2xhSDVES0UzeGFuUzh3PT0iLCJ2YWx1ZSI6IkVIUlo3VGtKNnBTZkx6QmxqXC9VUExRQ1k4MTE2eldMdkZvOHZBRGhTaXRZeXRpcUM5b0Y4d2FESXFuR3k0bGdiIiwibWFjIjoiNzVmMGNmMGEzNDY4M2NhYjUzYTRhZDFlMjc2ZWIzNGI4NTZlOGM2ZGQ1MTAxYzc5NzAyZWI4N2IxMDVlYmMxOCJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 12 Feb 2023 05:05:10 GMT
Server: Apache
Last-Modified: Fri, 14 Aug 2020 12:24:56 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Tue, 14 Mar 2023 05:05:10 GMT
Vary: Accept-Encoding
Content-Encoding: br
Content-Length: 36698
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/webp
ruvix.ro/content/products/thumb1_cutie-mare-ursuleti_main_1675862221.webp
188.214.142.67 200 OK 13 kB URL HTTP/1.1 ruvix.ro/content/products/thumb1_cutie-mare-ursuleti_main_1675862221.webp
IP 188.214.142.67:0
ASN #59854 Top Level Hosting SRL
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 555x874, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2c7d99f92fcde3db3b565e9a5426d087
87c65955f94712ee1221236599c548e58764fe3c
5b0f0b13202f0670e17deca2dd6cbdf2b248c657b95bedf665480faad0117ace
Analyzer Verdict Alert fortinet Malware
GET /content/products/thumb1_cutie-mare-ursuleti_main_1675862221.webp HTTP/1.1
Host: ruvix.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ruvix.ro/
Cookie: ruvix_session=eyJpdiI6IjU0SmpQRzVcL2xhSDVES0UzeGFuUzh3PT0iLCJ2YWx1ZSI6IkVIUlo3VGtKNnBTZkx6QmxqXC9VUExRQ1k4MTE2eldMdkZvOHZBRGhTaXRZeXRpcUM5b0Y4d2FESXFuR3k0bGdiIiwibWFjIjoiNzVmMGNmMGEzNDY4M2NhYjUzYTRhZDFlMjc2ZWIzNGI4NTZlOGM2ZGQ1MTAxYzc5NzAyZWI4N2IxMDVlYmMxOCJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 12 Feb 2023 05:05:10 GMT
Server: Apache
Last-Modified: Wed, 08 Feb 2023 13:17:03 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Tue, 14 Mar 2023 05:05:10 GMT
Vary: Accept-Encoding
Content-Encoding: br
Content-Length: 13343
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/webp
ruvix.ro/content/products/thumb1_cutie-mare-din-inima_main_1675862176.webp
188.214.142.67 200 OK 22 kB URL HTTP/1.1 ruvix.ro/content/products/thumb1_cutie-mare-din-inima_main_1675862176.webp
IP 188.214.142.67:0
ASN #59854 Top Level Hosting SRL
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 555x874, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 32b43bf54aef8086d86fb910fe8e711b
9fc60bf227e9d5e57450413a8487953e32282b0f
c83ccdff3bb7e32e7fde22b417cacd33930c81bfd497fa5c5f60b3280b3af66f
Analyzer Verdict Alert fortinet Malware
GET /content/products/thumb1_cutie-mare-din-inima_main_1675862176.webp HTTP/1.1
Host: ruvix.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ruvix.ro/
Cookie: ruvix_session=eyJpdiI6IjU0SmpQRzVcL2xhSDVES0UzeGFuUzh3PT0iLCJ2YWx1ZSI6IkVIUlo3VGtKNnBTZkx6QmxqXC9VUExRQ1k4MTE2eldMdkZvOHZBRGhTaXRZeXRpcUM5b0Y4d2FESXFuR3k0bGdiIiwibWFjIjoiNzVmMGNmMGEzNDY4M2NhYjUzYTRhZDFlMjc2ZWIzNGI4NTZlOGM2ZGQ1MTAxYzc5NzAyZWI4N2IxMDVlYmMxOCJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 12 Feb 2023 05:05:10 GMT
Server: Apache
Last-Modified: Wed, 08 Feb 2023 13:16:17 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Tue, 14 Mar 2023 05:05:10 GMT
Vary: Accept-Encoding
Content-Encoding: br
Content-Length: 22010
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/webp
ruvix.ro/content/products/thumb1_cutie-mare-cerc-indragostit_main_1675862125.webp
188.214.142.67 200 OK 11 kB URL HTTP/1.1 ruvix.ro/content/products/thumb1_cutie-mare-cerc-indragostit_main_1675862125.webp
IP 188.214.142.67:0
ASN #59854 Top Level Hosting SRL
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 555x874, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6b4ca02f5ad8e9057587507a0a4efe04
c5542dd78289c6ec46a2f27b2d61aa0faa58a70c
3331c4b2d38eb24d27e4b90c67c2ae9381d999b51a0a2b6bc016b6c4b41d736f
Analyzer Verdict Alert fortinet Malware
GET /content/products/thumb1_cutie-mare-cerc-indragostit_main_1675862125.webp HTTP/1.1
Host: ruvix.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ruvix.ro/
Cookie: ruvix_session=eyJpdiI6IjU0SmpQRzVcL2xhSDVES0UzeGFuUzh3PT0iLCJ2YWx1ZSI6IkVIUlo3VGtKNnBTZkx6QmxqXC9VUExRQ1k4MTE2eldMdkZvOHZBRGhTaXRZeXRpcUM5b0Y4d2FESXFuR3k0bGdiIiwibWFjIjoiNzVmMGNmMGEzNDY4M2NhYjUzYTRhZDFlMjc2ZWIzNGI4NTZlOGM2ZGQ1MTAxYzc5NzAyZWI4N2IxMDVlYmMxOCJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 12 Feb 2023 05:05:10 GMT
Server: Apache
Last-Modified: Wed, 08 Feb 2023 13:15:26 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Tue, 14 Mar 2023 05:05:10 GMT
Vary: Accept-Encoding
Content-Encoding: br
Content-Length: 10905
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/webp
ruvix.ro/content/products/thumb1_cutie-mare-baloane-inima_main_1675862063.webp
188.214.142.67 200 OK 9.7 kB URL HTTP/1.1 ruvix.ro/content/products/thumb1_cutie-mare-baloane-inima_main_1675862063.webp
IP 188.214.142.67:0
ASN #59854 Top Level Hosting SRL
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 555x874, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e77fcb887ee89672f74c392e1835ac5e
3742db9a64c723fb385c1cea619d4c2aa4ee0f7e
c840984704565f01f4f1bd7dfcf323e372ac4706e481bc3487b87537a5c837cf
Analyzer Verdict Alert fortinet Malware
GET /content/products/thumb1_cutie-mare-baloane-inima_main_1675862063.webp HTTP/1.1
Host: ruvix.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ruvix.ro/
Cookie: ruvix_session=eyJpdiI6IjU0SmpQRzVcL2xhSDVES0UzeGFuUzh3PT0iLCJ2YWx1ZSI6IkVIUlo3VGtKNnBTZkx6QmxqXC9VUExRQ1k4MTE2eldMdkZvOHZBRGhTaXRZeXRpcUM5b0Y4d2FESXFuR3k0bGdiIiwibWFjIjoiNzVmMGNmMGEzNDY4M2NhYjUzYTRhZDFlMjc2ZWIzNGI4NTZlOGM2ZGQ1MTAxYzc5NzAyZWI4N2IxMDVlYmMxOCJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 12 Feb 2023 05:05:10 GMT
Server: Apache
Last-Modified: Wed, 08 Feb 2023 13:14:24 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Tue, 14 Mar 2023 05:05:10 GMT
Vary: Accept-Encoding
Content-Encoding: br
Content-Length: 9724
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/webp
ruvix.ro/content/products/thumb1_cutie-medie-ursuleti_main_1675862012.webp
188.214.142.67 200 OK 11 kB URL HTTP/1.1 ruvix.ro/content/products/thumb1_cutie-medie-ursuleti_main_1675862012.webp
IP 188.214.142.67:0
ASN #59854 Top Level Hosting SRL
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 555x874, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 10abf6b89c9c737ef1d7407131ce1b3d
af8e6564c033afb8004aa6aa128dbcb7bc1e9441
8fa11de23f0f185a376136b8fef1a73b34ca45b17a335c94c6a711cb24890c6a
Analyzer Verdict Alert fortinet Malware
GET /content/products/thumb1_cutie-medie-ursuleti_main_1675862012.webp HTTP/1.1
Host: ruvix.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ruvix.ro/
Cookie: ruvix_session=eyJpdiI6IjU0SmpQRzVcL2xhSDVES0UzeGFuUzh3PT0iLCJ2YWx1ZSI6IkVIUlo3VGtKNnBTZkx6QmxqXC9VUExRQ1k4MTE2eldMdkZvOHZBRGhTaXRZeXRpcUM5b0Y4d2FESXFuR3k0bGdiIiwibWFjIjoiNzVmMGNmMGEzNDY4M2NhYjUzYTRhZDFlMjc2ZWIzNGI4NTZlOGM2ZGQ1MTAxYzc5NzAyZWI4N2IxMDVlYmMxOCJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 12 Feb 2023 05:05:10 GMT
Server: Apache
Last-Modified: Wed, 08 Feb 2023 13:13:33 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Tue, 14 Mar 2023 05:05:10 GMT
Vary: Accept-Encoding
Content-Encoding: br
Content-Length: 11096
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/webp
ruvix.ro/images/cards.webp
188.214.142.67 200 OK 22 kB URL HTTP/1.1 ruvix.ro/images/cards.webp
IP 188.214.142.67:0
ASN #59854 Top Level Hosting SRL
File type RIFF (little-endian) data, Web/P image\012- data
Hash b869995a79016f3bdaf6ce8ffbfa676f
0ad69848b886a2122aea9030d39ac11edf017bdd
e16ad6ce4350f7e84b47312c9ca4c54b936eeeac0398652599f1f8c2a244aff8
Analyzer Verdict Alert fortinet Malware
GET /images/cards.webp HTTP/1.1
Host: ruvix.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ruvix.ro/
Cookie: ruvix_session=eyJpdiI6IjU0SmpQRzVcL2xhSDVES0UzeGFuUzh3PT0iLCJ2YWx1ZSI6IkVIUlo3VGtKNnBTZkx6QmxqXC9VUExRQ1k4MTE2eldMdkZvOHZBRGhTaXRZeXRpcUM5b0Y4d2FESXFuR3k0bGdiIiwibWFjIjoiNzVmMGNmMGEzNDY4M2NhYjUzYTRhZDFlMjc2ZWIzNGI4NTZlOGM2ZGQ1MTAxYzc5NzAyZWI4N2IxMDVlYmMxOCJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 12 Feb 2023 05:05:10 GMT
Server: Apache
Last-Modified: Sat, 28 Jan 2023 08:38:10 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Tue, 14 Mar 2023 05:05:10 GMT
Vary: Accept-Encoding
Content-Encoding: br
Content-Length: 21876
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/webp
ruvix.ro/images/75_white.gif
188.214.142.67 200 OK 8.8 kB URL HTTP/1.1 ruvix.ro/images/75_white.gif
IP 188.214.142.67:0
ASN #59854 Top Level Hosting SRL
File type GIF image data, version 89a, 64 x 64\012- data
Hash b003ad0875240eeaff2073ae0991fa3a
865c32822b317e32a1d9b68ab0a975604230212a
434af7822c83c10f44bdddd147f94f4ba47efede65744d2a7f66de57077cdd07
GET /images/75_white.gif HTTP/1.1
Host: ruvix.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ruvix.ro/
Cookie: ruvix_session=eyJpdiI6IjU0SmpQRzVcL2xhSDVES0UzeGFuUzh3PT0iLCJ2YWx1ZSI6IkVIUlo3VGtKNnBTZkx6QmxqXC9VUExRQ1k4MTE2eldMdkZvOHZBRGhTaXRZeXRpcUM5b0Y4d2FESXFuR3k0bGdiIiwibWFjIjoiNzVmMGNmMGEzNDY4M2NhYjUzYTRhZDFlMjc2ZWIzNGI4NTZlOGM2ZGQ1MTAxYzc5NzAyZWI4N2IxMDVlYmMxOCJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 12 Feb 2023 05:05:10 GMT
Server: Apache
Last-Modified: Sat, 28 Jan 2023 08:38:10 GMT
Accept-Ranges: bytes
Content-Length: 8765
Cache-Control: max-age=2592000
Expires: Tue, 14 Mar 2023 05:05:10 GMT
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/gif
ocsp.sectigo.com/
104.18.32.68 200 OK 280 B IP 104.18.32.68:0
Hash 3d452f935accc76a460528f83075dec5
1162ba4cd5850f2d0c840dddaa60115cc875eb7e
68ed62bee5669514e1af41276fb5913b210845491e6347f225dee76673e70378
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 12 Feb 2023 05:05:10 GMT
Content-Type: application/ocsp-response
Content-Length: 280
Connection: keep-alive
Last-Modified: Sat, 11 Feb 2023 06:19:30 GMT
Expires: Sat, 18 Feb 2023 06:19:29 GMT
Etag: "1162ba4cd5850f2d0c840dddaa60115cc875eb7e"
Cache-Control: max-age=522258,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7982c9a83837b4f7-OSL
analytics.tiktok.com/i18n/pixel/events.js?sdkid=CA8E1JRC77U9DGARNI5G&lib=ttq
95.101.10.113 200 OK 1.5 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/events.js?sdkid=CA8E1JRC77U9DGARNI5G&lib=ttq
IP 95.101.10.113:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (3850)
Hash 40dfda65a73e81dc230ebc10ca032458
21e3a178516e98f89615e74d78808ff7aead7298
d4de08d8d9b1db795dc866dcad8bc71eeed6391a39ed163d0f233f8ecce4d833
GET /i18n/pixel/events.js?sdkid=CA8E1JRC77U9DGARNI5G&lib=ttq HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ruvix.ro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 202302120505108DD0E4355B5E53A0C19B
x-tt-trace-host: 01250e51f4d5abc0e156abb7e367bacbb61987e92ca6e82fe8f5ce61a0d782a00bbbe43aa987598ed38c1092018da677279f40857a894f4fb1116c63fffaabb6f0ef449531c279cf68645aea3498f0d46085691b265dbb8e53f6828cf1ba4ceb454d4cdeb7c5b55be38f270c7a776897a6
content-encoding: gzip
content-length: 1547
x-origin-response-time: 11,23.34.240.150
x-akamai-request-id: 12ed67d0.1b7e4b27
expires: Sun, 12 Feb 2023 05:05:10 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 12 Feb 2023 05:05:10 GMT
x-cache: TCP_MISS from a95-101-10-109.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
vary: Accept-Encoding
set-cookie: _ttp=2LclZwQTKNinDnX3f2I8jTC5umF; Path=/; Domain=tiktok.com; Max-Age=33696000; Secure; SameSite=None
x-cache-remote: TCP_MISS from a23-34-240-150.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=92, origin; dur=11, inner; dur=3
x-parent-response-time: 103,95.101.10.109
X-Firefox-Spdy: h2
ruvix.ro/fonts/fa-regular-400.woff2
188.214.142.67 200 OK 280 B URL HTTP/1.1 ruvix.ro/fonts/fa-regular-400.woff2
IP 188.214.142.67:0
ASN #59854 Top Level Hosting SRL
Hash 3d452f935accc76a460528f83075dec5
1162ba4cd5850f2d0c840dddaa60115cc875eb7e
68ed62bee5669514e1af41276fb5913b210845491e6347f225dee76673e70378
Analyzer Verdict Alert fortinet Malware
GET /fonts/fa-regular-400.woff2 HTTP/1.1
Host: ruvix.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://ruvix.ro/css/front2.css?id=270e3298646f063ac3e0
Cookie: ruvix_session=eyJpdiI6IjU0SmpQRzVcL2xhSDVES0UzeGFuUzh3PT0iLCJ2YWx1ZSI6IkVIUlo3VGtKNnBTZkx6QmxqXC9VUExRQ1k4MTE2eldMdkZvOHZBRGhTaXRZeXRpcUM5b0Y4d2FESXFuR3k0bGdiIiwibWFjIjoiNzVmMGNmMGEzNDY4M2NhYjUzYTRhZDFlMjc2ZWIzNGI4NTZlOGM2ZGQ1MTAxYzc5NzAyZWI4N2IxMDVlYmMxOCJ9
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 12 Feb 2023 05:05:10 GMT
Server: Apache
Last-Modified: Sat, 28 Jan 2023 08:38:10 GMT
Accept-Ranges: bytes
Content-Length: 77468
Cache-Control: max-age=2592000
Expires: Tue, 14 Mar 2023 05:05:10 GMT
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: font/woff2
manychat.com/pixel/logEvent
18.185.191.84 204 No Content 0 B URL HTTP/2 manychat.com/pixel/logEvent
IP 18.185.191.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /pixel/logEvent HTTP/1.1
Host: manychat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://ruvix.ro/
Origin: https://ruvix.ro
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 12 Feb 2023 05:05:10 GMT
access-control-allow-origin: https://ruvix.ro
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-max-age: 1728000
content-type: text/plain charset=UTF-8
content-length: 0
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyMQ.js
95.101.10.113 200 OK 68 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyMQ.js
IP 95.101.10.113:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (21891)
Hash aed29396b3f2ed355fe41ddd247a90ec
8d37d412e1c16fa99bddfb2f06180f58112b994e
8b7fc92f09dd513cd4b5a6791c6d5f5f81288ee35b05a41f9f7761ddc49d6c2b
GET /i18n/pixel/static/main.MWNiNWY1N2YyMQ.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ruvix.ro/
Cookie: _ttp=2LclZwQTKNinDnX3f2I8jTC5umF
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-logid: 20230207210854DAD0B17B0B5ABCD30749
x-tt-trace-host: 0138f0ac8699ebcf6dcd1664781a21c961a6854f24582a4c4aa54f12b9b7f838b9eee0eeacb8de4add20b2283f2641e58b9209b9cde6643672d13e068f6b048521453f8fba86a20c1c85d01f8eac86d76704b3c246a4786952604f7a308eeb373b
content-encoding: gzip
content-length: 68481
date: Sun, 12 Feb 2023 05:05:10 GMT
x-cache: TCP_HIT from a95-101-10-109.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=12
x-akamai-request-id: 1b7e4b65
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/static/identify_5f1fb.js
95.101.10.113 200 OK 31 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/static/identify_5f1fb.js
IP 95.101.10.113:0
ASN #20940 Akamai International B.V.
File type JSON data\012- , ASCII text, with very long lines (65521)
Hash f16c1c11862a4e43108b5852c8c0df2e
16f0c3735407466ceedbdc775ffcdd89f7f24f32
761e9c1d8b3e40f04ee62ae3857081efda2e297c817612bc1387d769fe9c85aa
GET /i18n/pixel/static/identify_5f1fb.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ruvix.ro/
Cookie: _ttp=2LclZwQTKNinDnX3f2I8jTC5umF
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-logid: 2023020721083148E1C9F8EEF0C7CE2033
x-tt-trace-host: 01e2cb5113e80710ff8e1892ebd7a2d475967fc99842c105e3cbc3203a00a402d7431f5e223140367c83accbaadb833f5a0d207b3e8d025f4e3dd28297e4174826a8101724b261f2fc32b2ddb21563a7fb80c1d893b6fef16c63e64e063b97a44f
content-encoding: gzip
content-length: 30893
date: Sun, 12 Feb 2023 05:05:10 GMT
x-cache: TCP_MEM_HIT from a95-101-10-109.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
x-akamai-request-id: 1b7e4b90
X-Firefox-Spdy: h2
retargeting.newsmanapp.com/js/retargeting/track.js
142.132.241.139 200 OK 12 kB URL HTTP/2 retargeting.newsmanapp.com/js/retargeting/track.js
IP 142.132.241.139:0
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with very long lines (45052), with no line terminators
Hash 534a31e8d191390f69c23d2981e435d9
10cd0b008e74059d3391fded34eedb371bb8765d
342799fb27c5ad126d9cd06902a16fee96d3cfdf49ad8fc04afe02cc5c557ad3
GET /js/retargeting/track.js HTTP/1.1
Host: retargeting.newsmanapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ruvix.ro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 12 Feb 2023 05:05:10 GMT
content-type: application/javascript
content-length: 12415
last-modified: Tue, 07 Feb 2023 16:43:22 GMT
etag: "b007-5f41ed87fbe80"
cache-control: max-age=3600
expires: Sun, 12 Feb 2023 05:52:35 GMT
vary: Accept-Encoding
content-encoding: gzip
x-server: anime2
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/recaptcha__en.js
142.250.74.35 200 OK 165 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/recaptcha__en.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (648)
Size 165 kB (164579 bytes)
Hash f60b6e7cb892104b5a1628c2e55eaa3f
6e882a7e9f7e1a5d2aecc16126a1790e4c3c84d4
c60f5c48c680849d36319aed32ede84bc66d2bdc0b7b6236020666a8e6441ec3
GET /recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ruvix.ro
Connection: keep-alive
Referer: https://ruvix.ro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 164579
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 Feb 2023 17:16:17 GMT
expires: Tue, 06 Feb 2024 17:16:17 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 06 Feb 2023 03:04:07 GMT
content-type: text/javascript
age: 474533
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
d3bo67muzbfgtl.cloudfront.net/edrone_2_0.js?app_id=62139c80c6a16
54.230.245.96 200 OK 6.4 kB URL HTTP/2 d3bo67muzbfgtl.cloudfront.net/edrone_2_0.js?app_id=62139c80c6a16
IP 54.230.245.96:0
File type ASCII text, with very long lines (26478), with no line terminators
Hash 9c11a6e3f9ce33727cadfdefda2351d2
57fa824476ffd4f473f07791a7c11e2a2fcf5428
33c97f7db7d41f6014289854ef96eec94cfee72be332754887abee1b14c25e44
GET /edrone_2_0.js?app_id=62139c80c6a16 HTTP/1.1
Host: d3bo67muzbfgtl.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ruvix.ro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 6445
date: Sat, 11 Feb 2023 06:58:43 GMT
server: Apache
last-modified: Fri, 10 Feb 2023 13:07:21 GMT
etag: "676e-5f4582d81a329-gzip"
accept-ranges: bytes
content-encoding: gzip
access-control-expose-headers: x-edrone-event-id
cache-control: public,max-age=86400,s-maxage=86400
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 3tq_luQE-ScOa-rOLtwekemZZ55Oc3WLqEEFmDbCe4hWaX7azfdt3w==
age: 79587
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 0d0a8e49f8a32e9d9319ed44ab59a7a6
a8d5253fff3cb217ff3fcb20497697230ec2f362
8d1fd9be4e264234633e693da375f92b840efefd37f3e496849014ed8975b584
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4363
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 12 Feb 2023 05:05:10 GMT
Etag: "63e83e6c-1d7"
Last-Modified: Sun, 12 Feb 2023 03:52:27 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
ruvix.ro/images/favicon.jpg
188.214.142.67 200 OK 843 B URL HTTP/1.1 ruvix.ro/images/favicon.jpg
IP 188.214.142.67:0
ASN #59854 Top Level Hosting SRL
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 32x32, components 3\012- data
Hash 318549a8bb7d857a6dbf047a01b846f5
a22fa49ef31cc89e2f9d1f1df5fb386bcf22ad76
33e45295b4ccdd3adca2c6e798d1a997400f75e20e4bddfefc6f493c9805255a
GET /images/favicon.jpg HTTP/1.1
Host: ruvix.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ruvix.ro/
Cookie: ruvix_session=eyJpdiI6IjU0SmpQRzVcL2xhSDVES0UzeGFuUzh3PT0iLCJ2YWx1ZSI6IkVIUlo3VGtKNnBTZkx6QmxqXC9VUExRQ1k4MTE2eldMdkZvOHZBRGhTaXRZeXRpcUM5b0Y4d2FESXFuR3k0bGdiIiwibWFjIjoiNzVmMGNmMGEzNDY4M2NhYjUzYTRhZDFlMjc2ZWIzNGI4NTZlOGM2ZGQ1MTAxYzc5NzAyZWI4N2IxMDVlYmMxOCJ9; _gcl_au=1.1.1628708995.1676178382; _ga_Z5XRQLYYDS=GS1.1.1676178382.1.0.1676178382.0.0.0; _ga=GA1.1.603413300.1676178382; _tt_enable_cookie=1; _ttp=Ji0rERPI38UXQ9OMEh-uizR0yYv
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 12 Feb 2023 05:05:10 GMT
Server: Apache
Last-Modified: Sat, 28 Jan 2023 08:38:10 GMT
Accept-Ranges: bytes
Content-Length: 843
Cache-Control: max-age=2592000
Expires: Tue, 14 Mar 2023 05:05:10 GMT
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
analytics.tiktok.com/api/v2/pixel
95.101.10.113 200 OK 0 B URL HTTP/2 analytics.tiktok.com/api/v2/pixel
IP 95.101.10.113:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 758
Origin: https://ruvix.ro
Connection: keep-alive
Referer: https://ruvix.ro/
Cookie: _ttp=2LclZwQTKNinDnX3f2I8jTC5umF
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 202302120505103B5C4E23C482FBCC0472
x-tt-trace-host: 01250e51f4d5abc0e156abb7e367bacbb61987e92ca6e82fe8f5ce61a0d782a00bbbe43aa987598ed38c1092018da677275d63fdb8c1b50f12455d9b2f2385c6ed0042f887d0e08d5a51f70e5e9ec9eeec3be0a2759a396d3e2b416e381daeec1e2b0db41457d5b4cafb7249f12fbeb15a
x-origin-response-time: 53,23.34.240.150
x-akamai-request-id: 12ed6bd3.1b7e4b99
expires: Sun, 12 Feb 2023 05:05:10 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 12 Feb 2023 05:05:10 GMT
x-cache: TCP_MISS from a95-101-10-109.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-cache-remote: TCP_MISS from a23-34-240-150.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=96, origin; dur=53, inner; dur=48
x-parent-response-time: 144,95.101.10.109
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.78 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.78:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ruvix.ro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sun, 12 Feb 2023 03:45:20 GMT
expires: Sun, 12 Feb 2023 05:45:20 GMT
cache-control: public, max-age=7200
age: 4790
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 0d0a8e49f8a32e9d9319ed44ab59a7a6
a8d5253fff3cb217ff3fcb20497697230ec2f362
8d1fd9be4e264234633e693da375f92b840efefd37f3e496849014ed8975b584
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4363
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 12 Feb 2023 05:05:10 GMT
Etag: "63e83e6c-1d7"
Last-Modified: Sun, 12 Feb 2023 03:52:27 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.163 200 OK 471 B IP 142.250.74.163:0
Hash 2579a283a1918311cbfaf7b6f45f1a06
d78a382e3595b92f51d26759babf0b5246fc5a4e
0dc2debb962152c31d0798e0590f0740afab1ebb463f21e1efd4d5854253a760
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 12 Feb 2023 05:05:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163 200 OK 471 B IP 142.250.74.163:0
Hash df3fde5a0d26b9f4eeca4744adf9872f
fdc9e02314a617c6561dd51b482f044952321ced
b145d052015a9fa27883390091261cb124a4ae3b4eeed8e761dca5eb92b79019
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 12 Feb 2023 05:05:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/fbevents.js
31.13.72.12 200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash dd1f85cc598419df61e254e53f9ec1ef
f86c0ee563f5b7a01e1d40b566f2bc184a32380f
c06f52b233c835b03292f39cb847507a03bb971066bf91341b58a580244398c0
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ruvix.ro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: gGmmyAgQLULHPOOsP7Xi1ML+6mjbPT9ZuLRLuFNzZlfKAh9NdI/a0yB8lnx4UaUeUfAd+S7y13vusLiJKHK4xg==
content-length: 27843
x-fb-trip-id: 1904183273
date: Sun, 12 Feb 2023 05:05:10 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
connect.facebook.net/en_US/sdk.js
31.13.72.12 200 OK 1.7 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (1957)
Hash 10e241cd4b0966d37196d91d8d2e6c53
064966a3ebec09580228d86d47219a5978768673
a2fc7cdd3abea9011ab48a36fec5a49fcc620214da5a3fab76c7c2ce294c4b55
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ruvix.ro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 3a47ec7ade3b748dcbf3f3a1e32ad207
etag: "c41992543e09b5bb9ad06700af5e9540"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Sun, 12 Feb 2023 05:15:12 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: EOJBzUsJZtNxltkdjS5sUw==
x-fb-debug: dTTqrF2L0Vd5qMkGE+9RTlGauYyE+dfP7M9HWYbtBHv0s70XgW5UThntxMN4YAMJgbAninWRM5I5xW4/Fvilgg==
content-length: 1687
x-fb-trip-id: 1904183273
date: Sun, 12 Feb 2023 05:05:10 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/981320079/?random=1676178381863&cv=11&fst=1676178381863&bg=ffffff&guid=ON&async=1&gtm=45be3280&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fruvix.ro%2F&tiba=Magazin%20de%20cadouri%20%7C%20Cadouri%20Online%20%7C%20Ruvix&auid=1628708995.1676178382&data=event%3Dgtag.config&rfmt=3&fmt=4
216.58.207.226 200 OK 892 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/981320079/?random=1676178381863&cv=11&fst=1676178381863&bg=ffffff&guid=ON&async=1&gtm=45be3280&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fruvix.ro%2F&tiba=Magazin%20de%20cadouri%20%7C%20Cadouri%20Online%20%7C%20Ruvix&auid=1628708995.1676178382&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 216.58.207.226:0
File type ASCII text, with very long lines (1911), with no line terminators
Hash cb2408eb2603834121ca51b04a388a44
b91c70f87ba859ec3323a8282962d935fd33656a
f1b0791b935ada67d6525050603539a53b3975758bc895e8eadcc5f6762d83d9
GET /pagead/viewthroughconversion/981320079/?random=1676178381863&cv=11&fst=1676178381863&bg=ffffff&guid=ON&async=1&gtm=45be3280&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fruvix.ro%2F&tiba=Magazin%20de%20cadouri%20%7C%20Cadouri%20Online%20%7C%20Ruvix&auid=1628708995.1676178382&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ruvix.ro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 12 Feb 2023 05:05:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 892
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 12-Feb-2023 05:20:10 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 0d0a8e49f8a32e9d9319ed44ab59a7a6
a8d5253fff3cb217ff3fcb20497697230ec2f362
8d1fd9be4e264234633e693da375f92b840efefd37f3e496849014ed8975b584
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4363
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 12 Feb 2023 05:05:10 GMT
Etag: "63e83e6c-1d7"
Last-Modified: Sun, 12 Feb 2023 03:52:27 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
s.pinimg.com/ct/core.js
2.18.172.195 200 OK 1.1 kB IP 2.18.172.195:0
File type ASCII text, with very long lines (1146), with no line terminators
Hash 20dcf873ff1608d745dceb84d6857da6
d17110bf379c531240ee77310be38d61e3c54777
6b6f8057e240a65dc3ed044f6249e4a12d5e9d2c4f8e18e0f44f9603ee5a03ff
GET /ct/core.js HTTP/1.1
Host: s.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ruvix.ro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "20dcf873ff1608d745dceb84d6857da6"
cache-control: max-age=7200
accept-ranges: bytes
content-type: application/javascript
content-length: 1146
vary: Accept-Encoding, Origin
x-cdn: akamai
access-control-max-age: 86400
access-control-expose-headers: X-CDN
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163 200 OK 471 B IP 142.250.74.163:0
Hash 2579a283a1918311cbfaf7b6f45f1a06
d78a382e3595b92f51d26759babf0b5246fc5a4e
0dc2debb962152c31d0798e0590f0740afab1ebb463f21e1efd4d5854253a760
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 12 Feb 2023 05:05:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.r2m01.amazontrust.com/
54.230.80.227 200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash 413d3ea02d11c77da97e4185ed04b616
4f6055f0d863221677ceeb4977187767662988e5
ddcf6596171fe4e1586ac11ac9e6ce52e67f3c33dba5a6dbde118c83421b9e7e
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 12 Feb 2023 05:05:10 GMT
Last-Modified: Sun, 12 Feb 2023 04:23:09 GMT
Server: ECS (bsa/EB1E)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: JvxqBCWSUbbJaBNThJIO8SgvnjeIASiOxQxvS7GBYLfw7ElFYtW0RQ==
Age: 2521
retargeting.newsmanapp.com/js/retargeting/nzm_custom_90793-3084-000000000000000000000000-1b9d55b8072c21ee65bf01b217dc1d28.js
142.132.241.139 200 OK 3.5 kB URL HTTP/2 retargeting.newsmanapp.com/js/retargeting/nzm_custom_90793-3084-000000000000000000000000-1b9d55b8072c21ee65bf01b217dc1d28.js
IP 142.132.241.139:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (806)
Hash 3ea4f7447b97742db4a221308cac4db3
4c90b32e064f312f1f14a011d72990d05f2bfee3
e79d21b1c5a1c576dadfb3544acb36f1ba693450369093f5ec1dfd66a21829f5
GET /js/retargeting/nzm_custom_90793-3084-000000000000000000000000-1b9d55b8072c21ee65bf01b217dc1d28.js HTTP/1.1
Host: retargeting.newsmanapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ruvix.ro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 12 Feb 2023 05:05:10 GMT
content-type: application/javascript; charset=utf-8
content-length: 3489
access-control-allow-origin: *
cache-control: no-transform,public,max-age=1800,s-maxage=1800
expires: Sun, 12 Feb 2023 05:35:10 GMT
x-server: anime2
vary: Accept-Encoding
content-encoding: gzip
x-cache-status: EXPIRED
X-Firefox-Spdy: h2
retargeting.newsmanapp.com/js/retargeting/ecommerce.js
142.132.241.139 200 OK 2.6 kB URL HTTP/2 retargeting.newsmanapp.com/js/retargeting/ecommerce.js
IP 142.132.241.139:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (11117), with no line terminators
Hash 05dddd76dca4758742bb6b7e61d1a6de
b8734ce8fa58c1b9f347c5044595a84769d143bf
b8c68ee351adf6fae5d3184fa60ba8e3179467b784c6c7cbd90d4ee1d47f7c78
GET /js/retargeting/ecommerce.js HTTP/1.1
Host: retargeting.newsmanapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ruvix.ro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 12 Feb 2023 05:05:10 GMT
content-type: application/javascript
content-length: 2633
last-modified: Fri, 13 Jan 2023 09:34:23 GMT
etag: "2b6d-5f221f04d65c0"
cache-control: max-age=3600
expires: Sun, 12 Feb 2023 05:21:20 GMT
vary: Accept-Encoding
content-encoding: gzip
x-server: anime2
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163 200 OK 471 B IP 142.250.74.163:0
Hash bd61238ae658ea7998420957aeb093b6
4b51643ddfbe80940f6f5c4fb1f4ec77ff15e440
a764817b2ce4feeac146b7bbc12eb31ba027eb2a7d31842cbfde843b8d12baee
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 12 Feb 2023 05:05:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/sdk.js?hash=3e462b6fbb99a6898a6994db330b1a68
31.13.72.12 200 OK 87 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js?hash=3e462b6fbb99a6898a6994db330b1a68
IP 31.13.72.12:0
File type ASCII text, with very long lines (13245)
Hash 874ca0eca3d942364d6f42c07e1d1e4d
53aa2cfc72b03923394f7aa57d4e1a1781c65bb6
2bc5e5acafc339c0c2d7a071d3b50c9654e85e76046cbf1782fb5c2255e04ef4
GET /en_US/sdk.js?hash=3e462b6fbb99a6898a6994db330b1a68 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ruvix.ro
Connection: keep-alive
Referer: https://ruvix.ro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: f60addf1aa4a1198d02781afaf941a5c
etag: "3652531cc415346a33e055f2f2dae66e"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Mon, 12 Feb 2024 03:00:24 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: h0yg7KPZQjZNb0LAfh0eTQ==
x-fb-debug: JVJjkKhpAqyg53YSDoCqrKW/FAW8vdDHKbhm0xxTyP9UhfOnJ946RR8S/+4qLMAgPaOANPY6DgCW7QshoSCc/Q==
priority: u=3,i
content-length: 87036
x-fb-trip-id: 1904183273
date: Sun, 12 Feb 2023 05:05:10 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/981320079/?random=1676178381863&cv=11&fst=1676178000000&bg=ffffff&guid=ON&async=1&gtm=45be3280&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fruvix.ro%2F&tiba=Magazin%20de%20cadouri%20%7C%20Cadouri%20Online%20%7C%20Ruvix&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3373443352&rmt_tld=1&ipr=y
142.250.74.67 200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/981320079/?random=1676178381863&cv=11&fst=1676178000000&bg=ffffff&guid=ON&async=1&gtm=45be3280&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fruvix.ro%2F&tiba=Magazin%20de%20cadouri%20%7C%20Cadouri%20Online%20%7C%20Ruvix&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3373443352&rmt_tld=1&ipr=y
IP 142.250.74.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/981320079/?random=1676178381863&cv=11&fst=1676178000000&bg=ffffff&guid=ON&async=1&gtm=45be3280&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fruvix.ro%2F&tiba=Magazin%20de%20cadouri%20%7C%20Cadouri%20Online%20%7C%20Ruvix&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3373443352&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ruvix.ro/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 12 Feb 2023 05:05:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
s.pinimg.com/ct/lib/main.57992c41.js
2.18.172.195 200 OK 20 kB URL HTTP/2 s.pinimg.com/ct/lib/main.57992c41.js
IP 2.18.172.195:0
File type ASCII text, with very long lines (57033), with no line terminators
Hash a2989b2a8a5c2cde42b6a5ab4aadbe8c
8d491fee3e1efb9ff779a876c68cac713e95ae6a
f8e23d16e80c334666ecc019b8a1a12310ee3c73b651677ca3020ac0db650d19
GET /ct/lib/main.57992c41.js HTTP/1.1
Host: s.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ruvix.ro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "a2989b2a8a5c2cde42b6a5ab4aadbe8c"
content-encoding: gzip
accept-ranges: bytes
content-type: application/javascript
content-length: 19688
cache-control: max-age=1209600
vary: Accept-Encoding, Origin
x-cdn: akamai
access-control-max-age: 86400
access-control-expose-headers: X-CDN
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.youtube.com/iframe_api
142.250.74.142 200 OK 959 B URL HTTP/2 www.youtube.com/iframe_api
IP 142.250.74.142:0
File type ASCII text, with very long lines (509)
Hash 7f70c5583b9ec5b80b6c74597cca9e76
0c7d0eeaa454716f6c6e402eae849a986c1f9905
ea2afc8df0129ad193e5de0c1d41796f890746366f15b5632bcd4169edc58952
GET /iframe_api HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ruvix.ro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
x-content-type-options: nosniff
expires: Sun, 12 Feb 2023 05:05:10 GMT
date: Sun, 12 Feb 2023 05:05:10 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=a02Uz4gh-cM; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=5Czi_xnV0J8; Domain=.youtube.com; Expires=Fri, 11-Aug-2023 05:05:10 GMT; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU1T1RFek1UQXlORE01T0RNME9ERXdNQT09EIbnoZ8GGIbnoZ8G; Domain=.youtube.com; Expires=Fri, 11-Aug-2023 05:05:10 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+052; expires=Tue, 11-Feb-2025 05:05:10 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-44966307-1&cid=603413300.1676178382&jid=1449296752&gjid=1817598695&_gid=1432874106.1676178382&_u=IADAAEAAAAAAACAAI~&z=1565116552
142.251.1.155 200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-44966307-1&cid=603413300.1676178382&jid=1449296752&gjid=1817598695&_gid=1432874106.1676178382&_u=IADAAEAAAAAAACAAI~&z=1565116552
IP 142.251.1.155:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-44966307-1&cid=603413300.1676178382&jid=1449296752&gjid=1817598695&_gid=1432874106.1676178382&_u=IADAAEAAAAAAACAAI~&z=1565116552 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://ruvix.ro
Connection: keep-alive
Referer: https://ruvix.ro/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://ruvix.ro
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 12 Feb 2023 05:05:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35 200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 Feb 2023 21:48:03 GMT
expires: Fri, 09 Feb 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 199028
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.35 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 Feb 2023 17:20:45 GMT
expires: Tue, 06 Feb 2024 17:20:45 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
age: 474266
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-Z5XRQLYYDS&gtm=45je3280&_p=400758291&cid=603413300.1676178382&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1676178382&sct=1&seg=0&dl=https%3A%2F%2Fruvix.ro%2F&dt=Magazin%20de%20cadouri%20%7C%20Cadouri%20Online%20%7C%20Ruvix&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.34.36 204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-Z5XRQLYYDS&gtm=45je3280&_p=400758291&cid=603413300.1676178382&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1676178382&sct=1&seg=0&dl=https%3A%2F%2Fruvix.ro%2F&dt=Magazin%20de%20cadouri%20%7C%20Cadouri%20Online%20%7C%20Ruvix&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-Z5XRQLYYDS&gtm=45je3280&_p=400758291&cid=603413300.1676178382&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1676178382&sct=1&seg=0&dl=https%3A%2F%2Fruvix.ro%2F&dt=Magazin%20de%20cadouri%20%7C%20Cadouri%20Online%20%7C%20Ruvix&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ruvix.ro
Connection: keep-alive
Referer: https://ruvix.ro/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://ruvix.ro
date: Sun, 12 Feb 2023 05:05:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ct.pinterest.com/user/?tid=2614254474675&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1676178382766&dep=2%2CPAGE_LOAD
2.18.172.195 200 OK 372 B URL HTTP/2 ct.pinterest.com/user/?tid=2614254474675&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1676178382766&dep=2%2CPAGE_LOAD
IP 2.18.172.195:0
File type JSON data\012- , ASCII text, with very long lines (533), with no line terminators
Hash cb60b4bb9f692e0eccd37330432c3c88
0f850c1d37f97ea20375d7b0b3f56f80f46f7a83
68ef92e043c30a34094e4359ce99370aef1153692f0bd6fe82e0e65120978043
GET /user/?tid=2614254474675&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1676178382766&dep=2%2CPAGE_LOAD HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ruvix.ro
Connection: keep-alive
Referer: https://ruvix.ro/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-expose-headers: Epik,Pin-Unauth
pin-unauth: dWlkPVl6aG1aVGhsTURndFpEZzNNUzAwWWpWakxXRTRaamd0WldJeVpqUTRNbVU0WWpJNA
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
access-control-allow-origin: https://ruvix.ro
content-type: application/json; charset=utf-8
content-encoding: gzip
content-length: 372
x-envoy-upstream-service-time: 1
referrer-policy: origin
x-pinterest-rid: 1565917416989126
date: Sun, 12 Feb 2023 05:05:11 GMT
vary: Accept-Encoding
akamai-grn: 0.540a655f.1676178311.8805840
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
ct.pinterest.com/v3/?tid=2614254474675&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fruvix.ro%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%2257992c41%22%2C%22is_eu%22%3Atrue%2C%22ecm_enabled%22%3Afalse%7D&cb=1676178382767
2.18.172.195 200 OK 35 B URL HTTP/2 ct.pinterest.com/v3/?tid=2614254474675&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fruvix.ro%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%2257992c41%22%2C%22is_eu%22%3Atrue%2C%22ecm_enabled%22%3Afalse%7D&cb=1676178382767
IP 2.18.172.195:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9b8d19f4310c758344e40bf17fbc7e85
2290ef058812d5f5e398736e2316cba8cf8093cf
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
GET /v3/?tid=2614254474675&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fruvix.ro%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%2257992c41%22%2C%22is_eu%22%3Atrue%2C%22ecm_enabled%22%3Afalse%7D&cb=1676178382767 HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ruvix.ro/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: image/gif
content-length: 35
access-control-allow-origin: *
x-envoy-upstream-service-time: 2
referrer-policy: origin
x-pinterest-rid: 2471299392452041
date: Sun, 12 Feb 2023 05:05:11 GMT
akamai-grn: 0.540a655f.1676178311.8805841
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=497314460458259&ev=PageView&dl=https%3A%2F%2Fruvix.ro%2F&rl=&if=false&ts=1676178382980&sw=1280&sh=1024&v=2.9.95&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1676178382979.1208452013&it=1676178382517&coo=false&rqm=GET
31.13.72.36 200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=497314460458259&ev=PageView&dl=https%3A%2F%2Fruvix.ro%2F&rl=&if=false&ts=1676178382980&sw=1280&sh=1024&v=2.9.95&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1676178382979.1208452013&it=1676178382517&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=497314460458259&ev=PageView&dl=https%3A%2F%2Fruvix.ro%2F&rl=&if=false&ts=1676178382980&sw=1280&sh=1024&v=2.9.95&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1676178382979.1208452013&it=1676178382517&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ruvix.ro/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sun, 12 Feb 2023 05:05:11 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0de0354ee620551182e2bf1fbc6b2194
b5c7e4adb58b525586b77d56acd8c7a9c57c4d8c
c0fe5edc97b1f6642a50428fca8dc93e24696c79a880477beaf7ba27bbc5c243
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C0FE5EDC97B1F6642A50428FCA8DC93E24696C79A880477BEAF7BA27BBC5C243"
Last-Modified: Sat, 11 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11146
Expires: Sun, 12 Feb 2023 08:10:57 GMT
Date: Sun, 12 Feb 2023 05:05:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0de0354ee620551182e2bf1fbc6b2194
b5c7e4adb58b525586b77d56acd8c7a9c57c4d8c
c0fe5edc97b1f6642a50428fca8dc93e24696c79a880477beaf7ba27bbc5c243
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C0FE5EDC97B1F6642A50428FCA8DC93E24696C79A880477BEAF7BA27BBC5C243"
Last-Modified: Sat, 11 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11146
Expires: Sun, 12 Feb 2023 08:10:57 GMT
Date: Sun, 12 Feb 2023 05:05:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0de0354ee620551182e2bf1fbc6b2194
b5c7e4adb58b525586b77d56acd8c7a9c57c4d8c
c0fe5edc97b1f6642a50428fca8dc93e24696c79a880477beaf7ba27bbc5c243
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C0FE5EDC97B1F6642A50428FCA8DC93E24696C79A880477BEAF7BA27BBC5C243"
Last-Modified: Sat, 11 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11146
Expires: Sun, 12 Feb 2023 08:10:57 GMT
Date: Sun, 12 Feb 2023 05:05:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0de0354ee620551182e2bf1fbc6b2194
b5c7e4adb58b525586b77d56acd8c7a9c57c4d8c
c0fe5edc97b1f6642a50428fca8dc93e24696c79a880477beaf7ba27bbc5c243
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C0FE5EDC97B1F6642A50428FCA8DC93E24696C79A880477BEAF7BA27BBC5C243"
Last-Modified: Sat, 11 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11146
Expires: Sun, 12 Feb 2023 08:10:57 GMT
Date: Sun, 12 Feb 2023 05:05:11 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F840dfbaa-f195-414f-9a47-95ac04aea6a4.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F840dfbaa-f195-414f-9a47-95ac04aea6a4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 21419728615f9da8005d92ec41a8fae4
a9b8820ce43fdb44c07108df4854d9ef60dd18d3
65b89a313d05ae18f5484691a79fc90811c2cc13bd3a68a6a0a0f396336baad5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F840dfbaa-f195-414f-9a47-95ac04aea6a4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10172
x-amzn-requestid: bd67c679-7fe2-4f67-9d8a-9a1415cb0d5b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AMaAiGy_IAMFfhw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e80a03-7a43079b156f76f2711d85a3;Sampled=0
x-amzn-remapped-date: Sat, 11 Feb 2023 21:34:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: doAN0fkXDn2YaA6mX3-AmCw3Gjg6B0O7uTPVHUsIQ278FhQDqFQruw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 11 Feb 2023 22:15:47 GMT
age: 24564
etag: "a9b8820ce43fdb44c07108df4854d9ef60dd18d3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3b95fd0-70b7-4757-9068-83472c90622c.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3b95fd0-70b7-4757-9068-83472c90622c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dd9dfc91c131903f04b22bca2ea07569
8fac706269ae3ec4a9f60a64f6b08066e9eeb22a
d72e6a45a42dd6f6d39bdf2a68837a2fdd73b9df6e01a29dd173725b3d88e97e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3b95fd0-70b7-4757-9068-83472c90622c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12032
x-amzn-requestid: 1be7b95f-1088-4e2a-ba74-bba8a5c3b615
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AMZ_gHE7oAMFfkg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e809fc-65057649605a732b64098657;Sampled=0
x-amzn-remapped-date: Sat, 11 Feb 2023 21:34:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3wc9cOb6EBcYrHuQPvVx1h8f0xSef25washUegMtRo7oeLosn4RlYg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sat, 11 Feb 2023 22:11:22 GMT
age: 24829
etag: "8fac706269ae3ec4a9f60a64f6b08066e9eeb22a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f42b427-8727-46ac-b3dd-f06d19878c5d.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f42b427-8727-46ac-b3dd-f06d19878c5d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bd5c3cd1e7429e45f982f42e3c4ca842
19b2a86e542f4cf2cd6bb56a28c160dd1dcb118c
a659a61fdcefeabb5276f118c1017f3ee4ff1d5b9e8511f7cb2166a9cc824d52
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f42b427-8727-46ac-b3dd-f06d19878c5d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11186
x-amzn-requestid: 35715c7a-2aaa-4419-a768-a4da3443cf94
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AKai3G48oAMFY7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e73e11-7e56ed981061b5f66d3d7747;Sampled=0
x-amzn-remapped-date: Sat, 11 Feb 2023 07:04:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: TvPFbDC80lt3LVhMgxbW2FzEue-plJ4auiom2wArO7Xqxn4ETpIJwg==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Sat, 11 Feb 2023 07:27:13 GMT
etag: "19b2a86e542f4cf2cd6bb56a28c160dd1dcb118c"
content-type: image/jpeg
age: 77878
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d541e83-a28d-41ae-96ee-c714e1779f72.jpeg
34.120.237.76 200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d541e83-a28d-41ae-96ee-c714e1779f72.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0ebfff39e38a072acb90da1ca6a70818
3e0893c2de220659cfcbb7b3a10e7b61b5a793d5
7c474a70863661059b127c3d811a7d339a8ed85d0e807fcd993282e098589491
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d541e83-a28d-41ae-96ee-c714e1779f72.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7180
x-amzn-requestid: 05383e16-b613-4d6d-abe1-041b686dedd8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AMaAiHvPIAMFagw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e80a03-68c551686b4c75dc4be8a27b;Sampled=0
x-amzn-remapped-date: Sat, 11 Feb 2023 21:34:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: HXb6oe_XyfdX6XqNEqctZ7cMk0tYWOU8OGPTO3s4G1y3Yk3j50Rwow==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sat, 11 Feb 2023 22:11:32 GMT
age: 24819
etag: "3e0893c2de220659cfcbb7b3a10e7b61b5a793d5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45d2a39d-e35d-41a8-88ce-a7ee383e8c20.jpeg
34.120.237.76 200 OK 123 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45d2a39d-e35d-41a8-88ce-a7ee383e8c20.jpeg
IP 34.120.237.76:0
File type gzip compressed data, from Unix\012- data
Size 123 kB (122887 bytes)
Hash e287740b4bc918de87d7f751e2e6b6ac
cd4d74b233791c30d16cfcdcd3ae9945344d214f
4697de931d6759d50571e81c8063fbdaa439810ccf83d36c4d8ab840248f0dfb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45d2a39d-e35d-41a8-88ce-a7ee383e8c20.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12647
x-amzn-requestid: acc44bca-e984-412a-9288-b08d5a9040c6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AMameF-_IAMFWWw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e80af5-4c794c7f5eddf2184b7742c0;Sampled=0
x-amzn-remapped-date: Sat, 11 Feb 2023 21:39:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -PMIH58XbZgQOh3WE-l4-ld4T8J4FyOeIFVMq9q5FxnduNf0slNHug==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sat, 11 Feb 2023 22:16:15 GMT
age: 24536
etag: "2fe085ba8b4da8ea339f9385a735478cf1cf4094"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1328b38-4c26-4346-9364-04b00f9e8ef0.jpeg
34.120.237.76 200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1328b38-4c26-4346-9364-04b00f9e8ef0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ac85f9dc31c092b34bd59c9f4a2bf52f
9dc8676f615747a2b3ab0f74b4d3007cb93df83a
c1a4485461d295bcf5f83a656d059778401a2835afcac9e103181f99ab3ea7fe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1328b38-4c26-4346-9364-04b00f9e8ef0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7534
x-amzn-requestid: 8275cb6e-b051-402c-b956-d8ca055d8fe4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AMbCEHPhIAMFlXQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e80ba6-250d3b22764cbdcb501c7cf1;Sampled=0
x-amzn-remapped-date: Sat, 11 Feb 2023 21:41:58 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _ZZIDT3CYAExikdTDp557MAIIdTT1rulFIRN9XcIOrT-MvZvZmVTEA==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 11 Feb 2023 22:12:34 GMT
age: 24757
etag: "9dc8676f615747a2b3ab0f74b4d3007cb93df83a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ct.pinterest.com/ct.html
2.18.172.195 200 OK 323 B IP 2.18.172.195:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (565), with no line terminators
Hash b49b45b63051915a8c657060651eb07f
acaddf8021f220d0e4d30e7c8b3d8330ff781af9
4b00fbca5db49c6e4b29a0c873c43671880bcea1b7b3007655183382a318c2dc
GET /ct.html HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ruvix.ro/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: max-age=86400
content-type: text/html; charset=utf-8
content-encoding: gzip
content-length: 323
x-envoy-upstream-service-time: 1
referrer-policy: origin
x-pinterest-rid: 1713600493364494
date: Sun, 12 Feb 2023 05:05:11 GMT
vary: Accept-Encoding
akamai-grn: 0.540a655f.1676178311.880588b
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
ocsp.r2m01.amazontrust.com/
54.230.80.227 200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash 4729d339ae49bb1594b2a6177e3d548e
e69785cd1cfd4a728a9c1e513d72d28d056a648e
25d024a7ac8a45ad50e2a335eb015a1ce4601b37bb91ebecd445ed367e587152
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=143700
Date: Sun, 12 Feb 2023 05:05:11 GMT
Etag: "63e7f12a-1d7"
Expires: Mon, 13 Feb 2023 21:00:11 GMT
Last-Modified: Sat, 11 Feb 2023 19:48:58 GMT
Server: ECS (dcb/7ECA)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: sB__XgAjH-1FrWcJ0qlcib3S-Ru2eyTdhtgBOio0SSYJ1RJpP-Igsg==
Age: 4274
api.edrone.me/trace?app_id=62139c80c6a16&action_type=homepage_view&sender_type=browser
52.17.2.194 200 OK 42 B URL HTTP/2 api.edrone.me/trace?app_id=62139c80c6a16&action_type=homepage_view&sender_type=browser
IP 52.17.2.194:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 6940a6890b569e4f7e733dc7f9963493
446177abe35cf60edd50f1c8a488232d4c39b892
c1a33c58880b4cffd125c2a53013eb3968a53779a77a5bd70082469f55dadce8
POST /trace?app_id=62139c80c6a16&action_type=homepage_view&sender_type=browser HTTP/1.1
Host: api.edrone.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 442
Origin: https://ruvix.ro
Connection: keep-alive
Referer: https://ruvix.ro/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 12 Feb 2023 05:05:11 GMT
content-type: application/json
content-length: 42
server: Apache
access-control-allow-credentials: true
access-control-allow-origin: https://ruvix.ro
set-cookie: ccid=63e87387b332024362733363e87387b332555347622563e87387b3327925930020; expires=Sat, 06-Sep-2121 05:05:11 GMT; Max-Age=3110400000; path=/; domain=.edrone.me; secure; SameSite=None
e_dv_62139c80c6a16=2023-02-12%2005%3A05%3A11; expires=Sun, 12-Feb-2023 23:59:00 GMT; Max-Age=68029; path=/; domain=edrone.me; secure; HttpOnly; SameSite=None
x-edrone-event-id: 63e87387b340288349266163e87387b340377577313463e87387b3404631455680
access-control-expose-headers: x-edrone-event-id
X-Firefox-Spdy: h2
socialplugin.facebook.net/new_domain_gating/?endpoint=customerchat&page_id=413208422127264&suppress_http_code=1
31.13.72.8 200 OK 44 B URL HTTP/2 socialplugin.facebook.net/new_domain_gating/?endpoint=customerchat&page_id=413208422127264&suppress_http_code=1
IP 31.13.72.8:0
File type ASCII text, with no line terminators
Hash 2481d41c939bf3c8dd417c927a0c868b
61e6dbc1dc1251acd24726ccedd10f8577064a6c
76c6731b491cf295859f7ffd4392ab354149b9050c68edede7a1987cf2ca5025
GET /new_domain_gating/?endpoint=customerchat&page_id=413208422127264&suppress_http_code=1 HTTP/1.1
Host: socialplugin.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Origin: https://ruvix.ro
Connection: keep-alive
Referer: https://ruvix.ro/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/json; charset=utf-8
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
access-control-allow-origin: https://ruvix.ro
x-fb-debug: wg3YGWgmf2VOgWIv0FER7DNmDcsy4jGd9NvrHsHobOZPQO2VTnNeP5Zyycgtp81H++US69f0t67XjIId1oQnfA==
date: Sun, 12 Feb 2023 05:05:11 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
widget.manychat.com/34163.js
18.185.191.84 200 OK 0 B URL HTTP/2 widget.manychat.com/34163.js
IP 18.185.191.84:0
GET /34163.js HTTP/1.1
Host: widget.manychat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ruvix.ro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 12 Feb 2023 05:05:10 GMT
content-type: text/plain; charset=utf-8
cache-control: no-store
content-encoding: gzip
X-Firefox-Spdy: h2
mccdn.me/assets/js/widget.js
172.67.72.108 200 OK 0 B URL HTTP/2 mccdn.me/assets/js/widget.js
IP 172.67.72.108:0
GET /assets/js/widget.js HTTP/1.1
Host: mccdn.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ruvix.ro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 12 Feb 2023 05:05:09 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 11 Feb 2023 07:09:36 GMT
etag: W/"63e73f30-593f0"
access-control-allow-origin: https://manychat.com
timing-allow-origin: *
cache-control: public, max-age=7200
cf-cache-status: HIT
age: 6569
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TNQsrVRbYmMHq6vhAB4VaWuyuuaR%2BrhBdCJKQMT7stBMKfKxgiJbWRnTwIP5JDv%2FHUu2Ohczb3AtZyxg65JejK%2BFE2vqesng9EV1tZ7G0A%2Fbv60LU6QAuNA%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7982c9a39f5db4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Poppins:300,400,500,600,700%7CLibre+Baskerville:400,700&display=swap
142.250.74.74 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Poppins:300,400,500,600,700%7CLibre+Baskerville:400,700&display=swap
IP 142.250.74.74:0
GET /css?family=Poppins:300,400,500,600,700%7CLibre+Baskerville:400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ruvix.ro/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 12 Feb 2023 05:05:09 GMT
date: Sun, 12 Feb 2023 05:05:09 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
manychat.com/pixel/logEvent
18.185.191.84 200 OK 0 B URL HTTP/2 manychat.com/pixel/logEvent
IP 18.185.191.84:0
POST /pixel/logEvent HTTP/1.1
Host: manychat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 397
Origin: https://ruvix.ro
Connection: keep-alive
Referer: https://ruvix.ro/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 12 Feb 2023 05:05:11 GMT
content-type: application/json
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2