Overview

URL tabcelela.bloger.index.hr/
IP104.19.138.57
ASNAS13335 CloudFlare, Inc.
Location United States
Report completed2017-09-14 13:29:53 CEST
StatusLoading report..
urlQuery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2017-09-14 2 www.liveadexchanger.com/a/display.php?r=982363 Malware
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 104.19.138.57

Date UQ / IDS / BL URL IP
2017-09-18 13:06:42 +0200
0 - 0 - 1 beatrica.bloger.index.hr/post/zeleni-radic/60 (...) 104.19.138.57
2017-09-17 16:46:17 +0200
0 - 0 - 1 www.max-10.bloger.index.hr/ 104.19.138.57
2017-09-15 14:04:45 +0200
0 - 0 - 1 www.vip-sms-tip.bloger.index.hr/default.aspx 104.19.138.57
2017-09-13 16:31:58 +0200
0 - 0 - 1 pazi-staklo.bloger.index.hr/default.aspx 104.19.138.57
2017-09-09 17:46:31 +0200
0 - 0 - 1 priroda-n.bloger.index.hr/post/ziva-bica-prio (...) 104.19.138.57
2017-09-06 12:36:18 +0200
0 - 0 - 1 msn08.bloger.index.hr/default.aspx 104.19.138.57
2017-08-24 13:07:22 +0200
0 - 0 - 1 www.winx24.bloger.index.hr/post/winx-the-movi (...) 104.19.138.57
2017-08-21 12:13:35 +0200
0 - 0 - 1 pravi-kladionicar.bloger.index.hr/default.aspx 104.19.138.57
2017-08-15 17:45:27 +0200
0 - 0 - 1 nvesguarlakal.bloger.index.hr/default.aspx 104.19.138.57
2017-07-22 15:05:03 +0200
0 - 0 - 1 www.dilaphybal.bloger.index.hr/ 104.19.138.57

Last 10 reports on ASN: AS13335 CloudFlare, Inc.

Date UQ / IDS / BL URL IP
2017-09-19 15:31:37 +0200
4 - 0 - 0 decathlon.com-money.co/it-it/ 104.27.130.12
2017-09-19 15:28:34 +0200
0 - 0 - 0 104.18.55.167 104.18.55.167
2017-09-19 15:28:29 +0200
0 - 0 - 0 https://tinyurl.com/y9fzgxc9 104.20.219.42
2017-09-19 15:28:02 +0200
0 - 0 - 0 https://pastebin.com/raw/fnqya610 104.20.208.21
2017-09-19 15:25:47 +0200
0 - 0 - 1 www.clip4sale.co/ 104.24.101.157
2017-09-19 15:24:29 +0200
0 - 0 - 0 snip.ly/l82h8 104.25.85.12
2017-09-19 15:24:19 +0200
0 - 0 - 1 www.hotvnn.com/2011/12/clip-tre-trau-lam-tinh (...) 104.28.0.114
2017-09-19 15:23:00 +0200
4 - 0 - 0 hm.com-cheap.com 104.31.87.104
2017-09-19 15:22:39 +0200
0 - 0 - 0 https://exchange.xforce.ibmcloud.com 104.16.55.23
2017-09-19 15:22:26 +0200
0 - 0 - 2 https://cfsprosclients.com 104.25.174.25

No other reports on domain: index.hr



JavaScript

Executed Scripts (30)


Executed Evals (7)

#1 JavaScript::Eval (size: 2315, repeated: 1) - SHA256: 63ed6889f77121e1de359f6fc72fdc5465a63e240fe425d41b288cd13cd0851b

                                        ([".banner", ".bannerz", ".Banner", ".banerWrap", "iframe[id*=google_ads]", "div[id*=google_ads]", "iframe[src*=doubleclick]", "iframe[src*=bannerid]", "img[src*=adocean]", "iframe[src*=adocean]", "div[id*=adocean]", "iframe[src*=adsvc]", "iframe[src*=adv\\.slobodnadalmacija]", "iframe[id*=wpcom-iframe]", "iframe[id*=banner]", "iframe[id*=mads_iframe]", "iframe[id*=google_ads]", "div[id*=google_image]", "iframe[src*=inventa\\.hr]", "iframe[src*=static\\.emg-network\\.com]", "iframe[class*=imagine_player]", "img[src*=googlesyndication]", "img[src*=ads\\.dnevnik\\.hr]", "img[src*=sascdn]", "div[class*=banner]:not(.jl-banner-space, .jl-banner-column, .jl-sticky-banner)", "div[class*=banner]:not(.jl-banner-space, .jl-banner-column, .jl-sticky-banner) iframe", "div[class*=wallpaper]:not(.wallpaper_leak_fix, .above-wallpaper)", "div[class*=dfp_]", "div[class*=dfp_] img[class*=dfp_]", "div[class*=ht_block]", "div[class*=specijal_img_header]", "div[id*=ad_container]", "div[id*=iprom]", "div[id*=left-wall]", "div[id*=right-wall]", "div.iAdserver", "div.jl-banner-space", "iframe[src*=cinestar]", "iframe[src*=adverticum\\.net]", "div[class*=imagine-player]", "a[href*=bannerid] img", "a[href*=bannerid] video", "a[href*=adserver\\.iprom\\.net] video", "a[href*=adserver\\.iprom\\.net] img", ".columnright iframe", "a[href*=epp\\.index\\.hr]", "iframe[id*=wallpaper-dynamic", "iframe[id*=aswift", ".bannerZoneComponent", "a[href*=adserver\\.iprom\\.net]", ".creativeAd video", "video[id*=gemius]", "video[class*=dfp_]", ".adroll-block", "ins.adsbygoogle iframe", "div[class*=adsbygoogle] iframe", "div[class*=ad-desktop] iframe", "div[class*=fp-header-video]", "img[src*=oglasi]", "iframe[src*=cdn-static\\.rtl]", "iframe[src*=ads-jutarnji]", "img[src*=banner]", "div[class*=ads] img[src*=rijecanin\\.rtl]", "div[class*=BannerZone]", "iframe[src*=hosted_creatives]", "iframe[class*=dfp_]", "img[src*=osijek031\\/reklame]", "img[src*=banner\\.mob\\.hr]", "iframe[src*=osijek031\\/reklame]", "iframe[src*=marketing\\.osijek031\\.com]", "iframe[src*=video\\.vid4u\\.org]", "iframe[src*=baneri\\.vidi\\.hr]", "iframe[srcdoc*=s1\\.adform\\.net]", "iframe[src*=doubleclick\\.net]", "iframe[id*=mas_iframe]", "iframe[id*=rtl_video_frame]", "iframe[src*=criteo\\.com]", "video.pushdown-video", "video.ipromVideoTag"])
                                    

#2 JavaScript::Eval (size: 741, repeated: 1) - SHA256: fa6b2573b55a4b08ed0be29c3029ab06ecb5834786dbded4afce6b578f17f19c

                                        (["blog.hr/slike", "ls.hit.gemius.pl", "gdehr.hit.gemius.pl/gdejs/", "linker.hr", "/safeframe/", "staticxx.facebook.com", "imasdk.googleapis.com/js/core/bridge", "x.rafomedia.com", "securepubads.g.doubleclick.net/pcs/view", "www.youtube.com/embed/", "posao.hr/files/elementi_za_oglase/", ".coolinarika.com/recept", "www.jutarnji.hr/incoming/", ".ru/s/t", "travelaudience.com", "instagram.com", "hrt.hr/media/uploads/", "index.hr/oglasi/userdocsimages/", "b.refads.pro/code", "24sata.hr/news", "ds-recommender.styria.hr/widget", "traffic.styrja.hr", "pbs.twimg.com/media/", "slobodnadalmacija.hr/bbimagehandler.ashx", "njuskalo.hr/image", "centarzdravlja.hr/serve/www/images/", "buro247.hr/thumb/", "hr.search.etargetnet.com/frontend/logos/hr/"])
                                    

#3 JavaScript::Eval (size: 76, repeated: 1) - SHA256: 5215178f48840008abe852627dceee5189853e424c3e79bcce065fbeedf63b2b

                                        (["securepubads.g.doubleclick.net", "googleads.g.doubleclick.net", ".men/"])
                                    

#4 JavaScript::Eval (size: 413, repeated: 1) - SHA256: f14a5120db9b086aba016f19190ae632b5c63ce29b4b562d0ee8ee80019c2b31

                                        if (typeof ActiveXObject != "undefined") {
    try {
        fo = new ActiveXObject("ShockwaveFlash.ShockwaveFlash.7");
    } catch (e) {
        try {
            fo = new ActiveXObject("ShockwaveFlash.ShockwaveFlash.6");
            fv = "X";
            fo.AllowScriptAccess = "always";
        } catch (e) {
            if (fv == "X") {
                fv = "WIN 6,0,20,0";
            }
        }
        try {
            fo = new ActiveXObject("ShockwaveFlash.ShockwaveFlash");
        } catch (e) {}
    }
    if ((fv == "-" || fv == "X") && fo) {
        fv = fo.GetVariable("$version");
    }
}
                                    

#5 JavaScript::Eval (size: 122, repeated: 1) - SHA256: 0bb4bbebc30d35e095befd1cdf852b009084a9c61c195738fad4dd7d59239dd4

                                        try {
    f = (d == top.document) ? 1 : 2;
    if (typeof top.document.referrer == "string") {
        ref = top.document.referrer
    }
} catch (e) {
    f = 3;
}
                                    

#6 JavaScript::Eval (size: 73, repeated: 1) - SHA256: 54c4d0e9cd27b7d2286bf6e4e15583b42d29f6384fe1eb4f00c8740d3bee7d8b

                                        try {
    fv = navigator.plugins["Shockwave Flash"].description;
} catch (e) {}
                                    

#7 JavaScript::Eval (size: 776, repeated: 1) - SHA256: 35c06b250944f27aa995e239132b537f4552d57cd175894589a41d48edb69322

                                        var m3_u = (location.protocol == 'https:' ? 'https://ads.emg-network.com/www/delivery/ajs.php' : 'http://ads.emg-network.com/www/delivery/ajs.php');
var m3_r = Math.floor(Math.random() * 99999999999);
if (!document.MAX_used) document.MAX_used = ',';
document.write("<scr" + "ipt type='text/javascript' src='" + m3_u + "?zoneid=189" + '&amp;cb=' + m3_r + (document.MAX_used != ',' ? ("&amp;exclude=" + document.MAX_used) : '') + (document.charset ? '&amp;charset=' + document.charset : (document.characterSet ? '&amp;charset=' + document.characterSet : '')) + "&amp;loc=" + escape(window.location) + (document.referrer ? ("&amp;referer=" + escape(document.referrer)) : '') + (document.context ? ("&context=" + escape(document.context)) : '') + (document.mmm_fo ? "&amp;mmm_fo=1" : '') + "'><\/scr" + "ipt>");
                                    

Executed Writes (1)

#1 JavaScript::Write (size: 84, repeated: 1) - SHA256: 071bb71cc5f59a8a7b8eeb83d3b40bdfebdb2381c15bfb06526d6bc7b795dd25

                                        < script src = 'http://www.google-analytics.com/ga.js'
type = 'text/javascript' > < /script>
                                    


HTTP Transactions (39)


Request Response
                                        
                                            GET / HTTP/1.1 
Host: tabcelela.bloger.index.hr
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         104.19.142.57
HTTP/1.1 503 Service Temporarily Unavailable
Content-Type: text/html; charset=UTF-8
                                        
Date: Thu, 14 Sep 2017 11:29:19 GMT
Transfer-Encoding: chunked
Connection: close
Set-Cookie: __cfduid=d63f0b251cbf23d89689b9b2646f3b2ae1505388559; expires=Fri, 14-Sep-18 11:29:19 GMT; path=/; domain=.index.hr; HttpOnly
X-Frame-Options: SAMEORIGIN
Cache-Control: no-cache
Server: cloudflare-nginx
CF-RAY: 39e3020006d542b5-OSL


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   4351
Md5:    173f136279ab285df950f8a08a201c6a
Sha1:   353044155ce83f1180c205e6150727e0d4fb3746
Sha256: 157052ba75ed370e5e21052333dff537b691310da694b36e73ad1150f25b4fd5
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: tabcelela.bloger.index.hr
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: __cfduid=d63f0b251cbf23d89689b9b2646f3b2ae1505388559

                                         
                                         104.19.142.57
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Date: Thu, 14 Sep 2017 11:29:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 12 Apr 2006 13:30:00 GMT
Etag: W/"07c7d32355ec61:0"
X-Powered-By: ASP.NET
CF-Cache-Status: MISS
Vary: Accept-Encoding
Expires: Thu, 21 Sep 2017 11:29:20 GMT
Cache-Control: public, max-age=604800
Server: cloudflare-nginx
CF-RAY: 39e30205d418427f-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   409
Md5:    a80b6c3ea65437014d6b3b0f8b493aed
Sha1:   2128686ac5ad19cb0080163c3f5141c5eccf12fa
Sha256: d0d94dd61b16ec45f8247d1dacf5dd1904224109755fcb76910aae851054e404
                                        
                                            GET /cdn-cgi/l/chk_jschl?jschl_vc=34fa598cda418efd0cb3d59ae4e069f1&pass=1505388563.37-FAyGuByMXj&jschl_answer=165993 HTTP/1.1 
Host: tabcelela.bloger.index.hr
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tabcelela.bloger.index.hr/
Cookie: __cfduid=d63f0b251cbf23d89689b9b2646f3b2ae1505388559

                                         
                                         104.19.142.57
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Date: Thu, 14 Sep 2017 11:29:24 GMT
Content-Length: 165
Connection: keep-alive
Set-Cookie: cf_clearance=6c55cebef01453e8c805ad3b4200fb326e6c25f1-1505388564-3600; path=/; expires=Thu, 14-Sep-17 13:29:24 GMT; domain=.index.hr; HttpOnly
Location: http://tabcelela.bloger.index.hr/
Server: cloudflare-nginx
CF-RAY: 39e3021e825c427f-OSL
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  HTML document text
Size:   165
Md5:    a416e84052b8142f9401cc16dc9a4fa8
Sha1:   a0a66399195adcbea869e395b1ebcdccd7d20624
Sha256: b1fdb2af20656a321fce98ca65fdb828a1b462cee49948defb65d6b4e28c4917
                                        
                                            GET / HTTP/1.1 
Host: tabcelela.bloger.index.hr
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tabcelela.bloger.index.hr/
Cookie: __cfduid=d63f0b251cbf23d89689b9b2646f3b2ae1505388559; cf_clearance=6c55cebef01453e8c805ad3b4200fb326e6c25f1-1505388564-3600

                                         
                                         104.19.142.57
HTTP/1.1 200 OK
Content-Type: text/html; charset=iso-8859-2
                                        
Date: Thu, 14 Sep 2017 11:29:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
X-AspNet-Version: 2.0.50727
Set-Cookie: ASP.NET_SessionId=lh0kzw455d3j2d5542yhr3f1; domain=.bloger.hr; path=/; HttpOnly
X-Powered-By: ASP.NET
Server: cloudflare-nginx
CF-RAY: 39e3021ea260427f-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   87225
Md5:    c1731afe8164b9442bfcddf6ee1f0e73
Sha1:   a8de07e829455a752436f4306508043f6f0fdc36
Sha256: aaeeef6ba865fbabca2b38c87da8d21bf21333cd0ddd59e14e261ff6da7c01ae
                                        
                                            GET /sifrscreen.css HTTP/1.1 
Host: tabcelela.bloger.index.hr
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tabcelela.bloger.index.hr/
Cookie: __cfduid=d63f0b251cbf23d89689b9b2646f3b2ae1505388559; cf_clearance=6c55cebef01453e8c805ad3b4200fb326e6c25f1-1505388564-3600

                                         
                                         104.19.142.57
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Thu, 14 Sep 2017 11:29:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 08 Jan 2007 10:26:39 GMT
Etag: W/"c07d687bf33c71:0"
X-Powered-By: ASP.NET
CF-Cache-Status: MISS
Vary: Accept-Encoding
Expires: Thu, 14 Sep 2017 15:29:24 GMT
Cache-Control: public, max-age=14400
Server: cloudflare-nginx
CF-RAY: 39e3022104d04267-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   150
Md5:    7e7d6dfeb5249debce49009298d81cd8
Sha1:   86202fc1e2edd1b6293f0beb0883f627a609708d
Sha256: 9a124b1f12af85d93835a05691aab63b197c71a266f5ecbab75be767007b860c
                                        
                                            GET /layouts/layout_1.css HTTP/1.1 
Host: tabcelela.bloger.index.hr
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tabcelela.bloger.index.hr/
Cookie: __cfduid=d63f0b251cbf23d89689b9b2646f3b2ae1505388559; cf_clearance=6c55cebef01453e8c805ad3b4200fb326e6c25f1-1505388564-3600

                                         
                                         104.19.142.57
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Thu, 14 Sep 2017 11:29:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 19 Jun 2006 15:24:21 GMT
Etag: W/"ca16d70b493c61:0"
X-Powered-By: ASP.NET
CF-Cache-Status: MISS
Vary: Accept-Encoding
Expires: Thu, 14 Sep 2017 15:29:24 GMT
Cache-Control: public, max-age=14400
Server: cloudflare-nginx
CF-RAY: 39e30221167342b5-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   266
Md5:    679ad9a72a4dd1c0364145ea252e1db6
Sha1:   8cca1e53f9f9fa8cc16b547cff1262e3c3613133
Sha256: 3842f460e28a18cc0fdc4677c316127d0fcc6781c719067995da73de061d326d
                                        
                                            GET /themes/foto_tempered1/theme.css HTTP/1.1 
Host: tabcelela.bloger.index.hr
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tabcelela.bloger.index.hr/
Cookie: __cfduid=d63f0b251cbf23d89689b9b2646f3b2ae1505388559; cf_clearance=6c55cebef01453e8c805ad3b4200fb326e6c25f1-1505388564-3600

                                         
                                         104.19.142.57
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Thu, 14 Sep 2017 11:29:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 26 Apr 2006 08:58:50 GMT
Etag: W/"0199a2f69c61:0"
Vary: Accept-Encoding
X-Powered-By: ASP.NET
CF-Cache-Status: MISS
Expires: Thu, 14 Sep 2017 15:29:24 GMT
Cache-Control: public, max-age=14400
Server: cloudflare-nginx
CF-RAY: 39e3022112174273-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1481
Md5:    ee7b4517ede96a23f9e1ddc9c981d207
Sha1:   75f189182f50544d425e4b16a4a031806e0084e8
Sha256: 6aae76a311e30a95427381a77d413c21cc38a03a739fd8b646fc440a94ca630b
                                        
                                            GET /js/sifr.js HTTP/1.1 
Host: tabcelela.bloger.index.hr
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tabcelela.bloger.index.hr/
Cookie: __cfduid=d63f0b251cbf23d89689b9b2646f3b2ae1505388559; cf_clearance=6c55cebef01453e8c805ad3b4200fb326e6c25f1-1505388564-3600

                                         
                                         104.19.142.57
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 14 Sep 2017 11:29:24 GMT
Content-Length: 3974
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 09 Feb 2006 10:46:31 GMT
Etag: "805d4216662dc61:0"
Vary: Accept-Encoding
X-Powered-By: ASP.NET
CF-Cache-Status: MISS
Expires: Thu, 14 Sep 2017 15:29:24 GMT
Cache-Control: public, max-age=14400
Accept-Ranges: bytes
Server: cloudflare-nginx
CF-RAY: 39e3022114d34267-OSL


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), max speed
Size:   3974
Md5:    60b0ee0120ca333108b0dd9066af2e82
Sha1:   90cd16ee22fbdea39847a8d5c70d0cd1ad14d485
Sha256: d21d2c741da49ef68e680ca89a8c9a7e4df191ac2c3eb06340433a7b7f60bea0
                                        
                                            GET /js/simpleajax.js HTTP/1.1 
Host: tabcelela.bloger.index.hr
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tabcelela.bloger.index.hr/
Cookie: __cfduid=d63f0b251cbf23d89689b9b2646f3b2ae1505388559; cf_clearance=6c55cebef01453e8c805ad3b4200fb326e6c25f1-1505388564-3600

                                         
                                         104.19.142.57
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 14 Sep 2017 11:29:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 09 Jan 2007 14:37:54 GMT
Etag: W/"486068bffb33c71:0"
X-Powered-By: ASP.NET
CF-Cache-Status: MISS
Vary: Accept-Encoding
Expires: Thu, 14 Sep 2017 15:29:24 GMT
Cache-Control: public, max-age=14400
Server: cloudflare-nginx
CF-RAY: 39e302212306427f-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   730
Md5:    e5ad054358a3ec8dbf492fb7c26e2fe1
Sha1:   d459bdb5730bb6411e9af63703f7fb0e37e4536b
Sha256: 8b42ad5546927cde8de5f8f168cc6cdfd358e8129196033bad1f646d75410d75
                                        
                                            GET /swfobject.js HTTP/1.1 
Host: tabcelela.bloger.index.hr
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tabcelela.bloger.index.hr/
Cookie: __cfduid=d63f0b251cbf23d89689b9b2646f3b2ae1505388559; cf_clearance=6c55cebef01453e8c805ad3b4200fb326e6c25f1-1505388564-3600

                                         
                                         104.19.142.57
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 14 Sep 2017 11:29:24 GMT
Content-Length: 3875
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Sun, 06 Jul 2008 14:25:02 GMT
Etag: "0b3b61374dfc81:0"
Vary: Accept-Encoding
X-Powered-By: ASP.NET
CF-Cache-Status: MISS
Expires: Thu, 14 Sep 2017 15:29:24 GMT
Cache-Control: public, max-age=14400
Accept-Ranges: bytes
Server: cloudflare-nginx
CF-RAY: 39e30221a68e42b5-OSL


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), max speed
Size:   3875
Md5:    31541b118abf1c3714bff416415ca7cc
Sha1:   e92271860b7a481ddf11df1e39554137f2ca101f
Sha256: 49fda2113c56fb30d8d03d465cf5fcb418d855703ea85e5cf27551b3927b9276
                                        
                                            GET /js/AC_OETags.js HTTP/1.1 
Host: tabcelela.bloger.index.hr
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tabcelela.bloger.index.hr/
Cookie: __cfduid=d63f0b251cbf23d89689b9b2646f3b2ae1505388559; cf_clearance=6c55cebef01453e8c805ad3b4200fb326e6c25f1-1505388564-3600

                                         
                                         104.19.142.57
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 14 Sep 2017 11:29:24 GMT
Content-Length: 2369
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Fri, 18 Jan 2008 13:07:21 GMT
Etag: "80a51fd359c81:0"
Vary: Accept-Encoding
X-Powered-By: ASP.NET
CF-Cache-Status: MISS
Expires: Thu, 14 Sep 2017 15:29:24 GMT
Cache-Control: public, max-age=14400
Accept-Ranges: bytes
Server: cloudflare-nginx
CF-RAY: 39e30221a23e4273-OSL


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), max speed
Size:   2369
Md5:    081e810cb2b0fea9bee472bd02638592
Sha1:   7079e267513eccda48f98f2ade1b488cd257c184
Sha256: 41f6310a5db81a1b01493f6825be590df33c859a92c756050dbf4f2a1587f15b
                                        
                                            GET /ufo.js HTTP/1.1 
Host: tabcelela.bloger.index.hr
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tabcelela.bloger.index.hr/
Cookie: __cfduid=d63f0b251cbf23d89689b9b2646f3b2ae1505388559; cf_clearance=6c55cebef01453e8c805ad3b4200fb326e6c25f1-1505388564-3600

                                         
                                         104.19.142.57
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 14 Sep 2017 11:29:24 GMT
Content-Length: 3516
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Mon, 05 Feb 2007 14:03:06 GMT
Etag: "049c05b2e49c71:0"
Vary: Accept-Encoding
X-Powered-By: ASP.NET
CF-Cache-Status: MISS
Expires: Thu, 14 Sep 2017 15:29:24 GMT
Cache-Control: public, max-age=14400
Accept-Ranges: bytes
Server: cloudflare-nginx
CF-RAY: 39e30221a4fa4267-OSL


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), max speed
Size:   3516
Md5:    aa60dbc61bf171b0933f56cca6c23f83
Sha1:   141fa560b9f31be696c59535119e91474883695f
Sha256: c70f78244c429b90db48c6f17c88c1b4665d0c97ef155180bf2204448a940aac
                                        
                                            GET /js/ajaxroutine.js HTTP/1.1 
Host: tabcelela.bloger.index.hr
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tabcelela.bloger.index.hr/
Cookie: __cfduid=d63f0b251cbf23d89689b9b2646f3b2ae1505388559; cf_clearance=6c55cebef01453e8c805ad3b4200fb326e6c25f1-1505388564-3600

                                         
                                         104.19.142.57
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 14 Sep 2017 11:29:24 GMT
Content-Length: 1710
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Fri, 13 Oct 2006 09:10:25 GMT
Etag: "8016136ba7eec61:0"
Vary: Accept-Encoding
X-Powered-By: ASP.NET
CF-Cache-Status: MISS
Expires: Thu, 14 Sep 2017 15:29:24 GMT
Cache-Control: public, max-age=14400
Accept-Ranges: bytes
Server: cloudflare-nginx
CF-RAY: 39e30221a326427f-OSL


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), max speed
Size:   1710
Md5:    16e8707d620737c51ab0e26d2f2d0d46
Sha1:   d8d8076409d9ea02efdbe4a436c8a06d78162c64
Sha256: 80100fa8b153f6582e6d5605a47b4a3e6a25e7a3c40380e8f8b2873be870c330
                                        
                                            GET /img/close.gif HTTP/1.1 
Host: tabcelela.bloger.index.hr
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tabcelela.bloger.index.hr/
Cookie: __cfduid=d63f0b251cbf23d89689b9b2646f3b2ae1505388559; cf_clearance=6c55cebef01453e8c805ad3b4200fb326e6c25f1-1505388564-3600

                                         
                                         104.19.142.57
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Thu, 14 Sep 2017 11:29:24 GMT
Content-Length: 227
Connection: keep-alive
Last-Modified: Wed, 31 May 2006 14:17:25 GMT
Etag: "f63bd3f0bc84c61:0"
X-Powered-By: ASP.NET
CF-Cache-Status: MISS
Vary: Accept-Encoding
Expires: Thu, 14 Sep 2017 15:29:24 GMT
Cache-Control: public, max-age=14400
Accept-Ranges: bytes
Server: cloudflare-nginx
CF-RAY: 39e30221a328427f-OSL


--- Additional Info ---
Magic:  GIF image data, version 89a, 16 x 15
Size:   227
Md5:    3a722245905e68f3cdc7157379ca9862
Sha1:   f8a4f9f4333ea2ce165deebcbcb4ca6272c67b5d
Sha256: 0dbfb0da6b1184f1e61b6052ac6031918a289e66e7239ba4e5c5eb3ae1542fef
                                        
                                            GET /js/swfobject.js HTTP/1.1 
Host: tabcelela.bloger.index.hr
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tabcelela.bloger.index.hr/
Cookie: __cfduid=d63f0b251cbf23d89689b9b2646f3b2ae1505388559; cf_clearance=6c55cebef01453e8c805ad3b4200fb326e6c25f1-1505388564-3600

                                         
                                         104.19.142.57
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 14 Sep 2017 11:29:24 GMT
Content-Length: 2206
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Fri, 02 Jun 2006 09:35:24 GMT
Etag: "0969bdf2786c61:0"
Vary: Accept-Encoding
X-Powered-By: ASP.NET
CF-Cache-Status: MISS
Expires: Thu, 14 Sep 2017 15:29:24 GMT
Cache-Control: public, max-age=14400
Accept-Ranges: bytes
Server: cloudflare-nginx
CF-RAY: 39e30221a4fb4267-OSL


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), max speed
Size:   2206
Md5:    6dea63f9af6c9e3f40f0d1cd8aa57c6a
Sha1:   8f32d5515a5f11f8b881e8c72f02a16921a682d5
Sha256: 9e49287473038fd1f4504c0b98feacc34799156ee3035a4307dd86b4d17276fa
                                        
                                            GET /img/komentar.gif HTTP/1.1 
Host: tabcelela.bloger.index.hr
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tabcelela.bloger.index.hr/
Cookie: __cfduid=d63f0b251cbf23d89689b9b2646f3b2ae1505388559; cf_clearance=6c55cebef01453e8c805ad3b4200fb326e6c25f1-1505388564-3600

                                         
                                         104.19.142.57
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Thu, 14 Sep 2017 11:29:25 GMT
Content-Length: 207
Connection: keep-alive
Last-Modified: Tue, 18 Apr 2006 17:45:36 GMT
Etag: "2a555e6f63c61:0"
X-Powered-By: ASP.NET
CF-Cache-Status: MISS
Vary: Accept-Encoding
Expires: Thu, 14 Sep 2017 15:29:25 GMT
Cache-Control: public, max-age=14400
Accept-Ranges: bytes
Server: cloudflare-nginx
CF-RAY: 39e30226c33e4273-OSL


--- Additional Info ---
Magic:  GIF image data, version 89a, 15 x 11
Size:   207
Md5:    624e6047016cbd850b3c07b607b57ad3
Sha1:   f2e5a59a37d366b50eea776fcab1617e06b6d517
Sha256: bdf72993c966cf4ab46352bbb9e53fc9382abb02c6e4e8b26a38ac6da0d77d47
                                        
                                            GET /img/btn.gif HTTP/1.1 
Host: tabcelela.bloger.index.hr
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tabcelela.bloger.index.hr/
Cookie: __cfduid=d63f0b251cbf23d89689b9b2646f3b2ae1505388559; cf_clearance=6c55cebef01453e8c805ad3b4200fb326e6c25f1-1505388564-3600

                                         
                                         104.19.142.57
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Thu, 14 Sep 2017 11:29:25 GMT
Content-Length: 274
Connection: keep-alive
Last-Modified: Tue, 18 Apr 2006 10:31:06 GMT
Etag: "fc4f8233d362c61:0"
X-Powered-By: ASP.NET
CF-Cache-Status: MISS
Vary: Accept-Encoding
Expires: Thu, 14 Sep 2017 15:29:25 GMT
Cache-Control: public, max-age=14400
Accept-Ranges: bytes
Server: cloudflare-nginx
CF-RAY: 39e3022746844267-OSL


--- Additional Info ---
Magic:  GIF image data, version 89a, 23 x 18
Size:   274
Md5:    cea8234737c22a3dbf4f726a5099976d
Sha1:   7401011bec486d871d8043fbf5fd30537729017d
Sha256: 74c0b23e2d7ecff3c83fc90f51421a2fdc41df1ae9b5829f43850ffd69a5d922
                                        
                                            GET /themes/foto_tempered1/theme.css.js HTTP/1.1 
Host: tabcelela.bloger.index.hr
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tabcelela.bloger.index.hr/
Cookie: __cfduid=d63f0b251cbf23d89689b9b2646f3b2ae1505388559; cf_clearance=6c55cebef01453e8c805ad3b4200fb326e6c25f1-1505388564-3600

                                         
                                         104.19.142.57
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 14 Sep 2017 11:29:25 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 19 Dec 2005 13:43:09 GMT
Etag: W/"b0c1ef25a24c61:0"
X-Powered-By: ASP.NET
CF-Cache-Status: MISS
Vary: Accept-Encoding
Expires: Thu, 14 Sep 2017 15:29:25 GMT
Cache-Control: public, max-age=14400
Server: cloudflare-nginx
CF-RAY: 39e302278477427f-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   187
Md5:    f64cca16ff9e3456fd1cda9a64cc15ed
Sha1:   02fd6cd03fbee0e0f9e834d108f7bc345aba478b
Sha256: 88909aa312e2ad0e54ff2102e7e2b8cd89c119df7de03bbb9d58f9e9dde3a3db
                                        
                                            GET /themes/foto_tempered1/bg.jpg HTTP/1.1 
Host: tabcelela.bloger.index.hr
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tabcelela.bloger.index.hr/themes/foto_tempered1/theme.css
Cookie: __cfduid=d63f0b251cbf23d89689b9b2646f3b2ae1505388559; cf_clearance=6c55cebef01453e8c805ad3b4200fb326e6c25f1-1505388564-3600

                                         
                                         104.19.142.57
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Thu, 14 Sep 2017 11:29:25 GMT
Content-Length: 118245
Connection: keep-alive
Last-Modified: Mon, 19 Dec 2005 13:53:36 GMT
Etag: "c041e79ba34c61:0"
X-Powered-By: ASP.NET
CF-Cache-Status: MISS
Vary: Accept-Encoding
Expires: Thu, 14 Sep 2017 15:29:25 GMT
Cache-Control: public, max-age=14400
Accept-Ranges: bytes
Server: cloudflare-nginx
CF-RAY: 39e3022617a942b5-OSL


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   118245
Md5:    c6a4cf674efcc8c71e1cae5a9ad567a8
Sha1:   2305ed0d308c7c83bef52d5bfeca1047550e22c9
Sha256: 95b8fc34bf8f3f6340b1764214e1dd1d38157551864bdbb517968bb998c557e0
                                        
                                            GET /gallery.swf HTTP/1.1 
Host: tabcelela.bloger.index.hr
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tabcelela.bloger.index.hr/
Cookie: __cfduid=d63f0b251cbf23d89689b9b2646f3b2ae1505388559; cf_clearance=6c55cebef01453e8c805ad3b4200fb326e6c25f1-1505388564-3600

                                         
                                         104.19.142.57
HTTP/1.1 200 OK
Content-Type: application/x-shockwave-flash
                                        
Date: Thu, 14 Sep 2017 11:29:26 GMT
Content-Length: 42974
Connection: keep-alive
Last-Modified: Thu, 13 Apr 2006 14:33:26 GMT
Etag: "14eac3a75fc61:0"
X-Powered-By: ASP.NET
CF-Cache-Status: MISS
Vary: Accept-Encoding
Expires: Thu, 14 Sep 2017 15:29:26 GMT
Cache-Control: public, max-age=14400
Accept-Ranges: bytes
Server: cloudflare-nginx
CF-RAY: 39e3022d05c3427f-OSL


--- Additional Info ---
Magic:  Macromedia Flash data (compressed), version 6
Size:   42974
Md5:    fa1290db4531191b02849974baeba5e2
Sha1:   3674dcbbb246f02ffe88be1952cae59fcae7e4b0
Sha256: 0c46cf07bfe68e9e94ceb9d0615206656016f1a3f510a3ac8c3fc80085147e54
                                        
                                            GET /xgemius.js HTTP/1.1 
Host: tabcelela.bloger.index.hr
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tabcelela.bloger.index.hr/
Cookie: __cfduid=d63f0b251cbf23d89689b9b2646f3b2ae1505388559; cf_clearance=6c55cebef01453e8c805ad3b4200fb326e6c25f1-1505388564-3600

                                         
                                         104.19.142.57
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 14 Sep 2017 11:29:26 GMT
Content-Length: 1963
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Tue, 23 Oct 2012 15:12:27 GMT
Etag: "80bf2d030b1cd1:0"
Vary: Accept-Encoding
X-Powered-By: ASP.NET
CF-Cache-Status: MISS
Expires: Thu, 14 Sep 2017 15:29:26 GMT
Cache-Control: public, max-age=14400
Accept-Ranges: bytes
Server: cloudflare-nginx
CF-RAY: 39e3022d77e54267-OSL


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), max speed
Size:   1963
Md5:    d3a454d1c31ab76aa05f5c07008132a6
Sha1:   7a0231c46979e5012eb6e75b18d39e4d4ca63f7b
Sha256: a2124f0ab4e1b59eb6f71dc53a7d1f081a3cb831177d8c51cd09cd628d84e66e
                                        
                                            GET /ga.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tabcelela.bloger.index.hr/

                                         
                                         216.58.211.142
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
Timing-Allow-Origin: *
Date: Thu, 14 Sep 2017 09:52:23 GMT
Expires: Thu, 14 Sep 2017 11:52:23 GMT
Last-Modified: Tue, 12 Sep 2017 04:27:56 GMT
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Server: Golfe2
Content-Length: 15979
Cache-Control: public, max-age=7200
Age: 5823


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   15979
Md5:    cc2b13aead239aa86405a00b62b8065c
Sha1:   bb51c0e1d71096500152180929312c8b253a3189
Sha256: 77d20987f28a6e596fb7d6e6627dd6e2b349e605e52a9235f3a3ffa5b04e04bb
                                        
                                            GET /get/flashplayer/update/current/xml/version_en_win_pl.xml HTTP/1.1 
Host: fpdownload2.macromedia.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         195.159.219.11
HTTP/1.1 200 OK
Content-Type: text/xml
                                        
Server: Apache
Last-Modified: Tue, 12 Sep 2017 09:12:41 GMT
Etag: "60c-558fa720b698a"
Accept-Ranges: bytes
Content-Length: 1548
Date: Thu, 14 Sep 2017 11:29:26 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  XML document text\012 XML document text
Size:   1548
Md5:    82eeb2d5a28bc14d19272c066fe67062
Sha1:   04845b8811284a876dd76043df80e2cdb261417a
Sha256: 4890d21b88516cbfa2d45022c1d18fe47c14cfee085869ae256a2d2c90247e08
                                        
                                            GET /settings/tabcelela/gallery.xml?rnd=46544 HTTP/1.1 
Host: tabcelela.bloger.index.hr
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: __cfduid=d63f0b251cbf23d89689b9b2646f3b2ae1505388559; cf_clearance=6c55cebef01453e8c805ad3b4200fb326e6c25f1-1505388564-3600

                                         
                                         104.19.142.57
HTTP/1.1 200 OK
Content-Type: text/xml
                                        
Date: Thu, 14 Sep 2017 11:29:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2011 18:22:17 GMT
Etag: W/"735ae38797ccc1:0"
X-Powered-By: ASP.NET
Server: cloudflare-nginx
CF-RAY: 39e3022e95384273-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   107
Md5:    dadd8e7949ec92c68306c78641e2c764
Sha1:   d99cc37ed1d398cf14ae0cc3e5b399586c4bda65
Sha256: 281f1b0575bd5e705fb8341a27a40edb4a5aeb79c96f571324520179ca18bff3
                                        
                                            GET /r/__utm.gif?utmwv=5.6.9&utms=1&utmn=1270195098&utmhn=tabcelela.bloger.index.hr&utmcs=ISO-8859-2&utmsr=1176x885&utmvp=1159x775&utmsc=24-bit&utmul=en-us&utmje=1&utmfl=10.0%20r45&utmdt=Eustace&utmhid=947252679&utmr=0&utmp=%2F&utmht=1505388566845&utmac=UA-2490832-2&utmcc=__utma%3D19365949.405797420.1505388567.1505388567.1505388567.1%3B%2B__utmz%3D19365949.1505388567.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1618922634&utmredir=1&utmu=HAAAAAAAAAAAAAAAAAAAAAAE~ HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tabcelela.bloger.index.hr/

                                         
                                         216.58.211.142
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Access-Control-Allow-Origin: *
Date: Thu, 14 Sep 2017 11:29:26 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Server: Golfe2
Content-Length: 35


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
                                        
                                            GET /_1505388566701/rexdot.gif?l=30&id=pyLlbXuWLXVcE1C1620sQpYTzSsdB6c0jSMweAl.nP7.F7&fr=1&tz=-120&fv=Shockwave%20Flash%2010.0%20r45&href=http%3A%2F%2Ftabcelela.bloger.index.hr%2F&ref=http%3A%2F%2Ftabcelela.bloger.index.hr%2F&screen=1176x885&col=24&window=1176x775 HTTP/1.1 
Host: hr.hit.gemius.pl
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tabcelela.bloger.index.hr/

                                         
                                         87.237.206.243
HTTP/1.1 301 Moved Permanently
                                        
Date: Thu, 14 Sep 2017 11:29:26 GMT
Expires: Wed, 13 Sep 2017 11:29:26 GMT
Server: GHC
Accept-Ranges: none
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Set-Cookie: Gtest=KlGgMMaGQMQGaL5Odk1G7DE5ssGMXP8cXR4G; Domain=hit.gemius.pl; Path=/; Expires=Sun, 09 Apr 2023 00:00:00 GMT
P3P: CP="NOI DSP COR NID PSAo OUR IND"
Location: /__/_1505388566701/rexdot.gif?l=30&id=pyLlbXuWLXVcE1C1620sQpYTzSsdB6c0jSMweAl.nP7.F7&fr=1&tz=-120&fv=Shockwave%20Flash%2010.0%20r45&href=http%3A%2F%2Ftabcelela.bloger.index.hr%2F&ref=http%3A%2F%2Ftabcelela.bloger.index.hr%2F&screen=1176x885&col=24&window=1176x775
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 0


--- Additional Info ---
                                        
                                            GET /__/_1505388566701/rexdot.gif?l=30&id=pyLlbXuWLXVcE1C1620sQpYTzSsdB6c0jSMweAl.nP7.F7&fr=1&tz=-120&fv=Shockwave%20Flash%2010.0%20r45&href=http%3A%2F%2Ftabcelela.bloger.index.hr%2F&ref=http%3A%2F%2Ftabcelela.bloger.index.hr%2F&screen=1176x885&col=24&window=1176x775 HTTP/1.1 
Host: hr.hit.gemius.pl
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tabcelela.bloger.index.hr/
Cookie: Gtest=KlGgMMaGQMQGaL5Odk1G7DE5ssGMXP8cXR4G

                                         
                                         87.237.206.243
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Thu, 14 Sep 2017 11:29:26 GMT
Expires: Wed, 13 Sep 2017 11:29:26 GMT
Server: GHC
Accept-Ranges: none
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Set-Cookie: Gdyn=KlQzjMXGQMQGaL5Odk1G7DE5ssGMXP8cX8JSssX6nsGfGKfxaL2xQjGowOx1G0F6Sssa; Domain=hit.gemius.pl; Path=/; Expires=Sun, 09 Apr 2023 00:00:00 GMT
P3P: CP="NOI DSP COR NID PSAo OUR IND"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 43


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   43
Md5:    6d22e4f2d2057c6e8d6fab098e76e80f
Sha1:   b80b11203d97fe01c5597ca3be70406ea48f5709
Sha256: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
                                        
                                            GET /door.js?id=638 HTTP/1.1 
Host: test-script.dotmetrics.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tabcelela.bloger.index.hr/

                                         
                                         178.218.161.118
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
                                        
Cache-Control: private
Last-Modified: Sun, 24 Sep 2017 13:29:32 GMT
Etag: "638.90"
Server: Microsoft-IIS/8.5
P3P: policyref="http://script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
X-AspNet-Version: 4.0.30319
Set-Cookie: DotMetrics.UniqueUserIdentityCookie=UserID=00000000-0000-0000-0000-000000000000&guid=c8afa36b-f442-47de-8049-4ddf21c4d6d5&Created=09/14/2017 13:29:32&UserMode=0&ver=0; domain=.dotmetrics.net; expires=Fri, 14-Sep-2018 11:29:32 GMT; path=/ DotMetrics.DeviceKey=DeviceID=; domain=.dotmetrics.net; expires=Fri, 14-Sep-2018 11:29:32 GMT; path=/ DotMetrics.UniqueUserIdentityCookie=expired; domain=test-script.dotmetrics.net; expires=Wed, 13-Sep-2017 07:50:12 GMT; path=/ DotMetrics.DeviceKey=expired; domain=test-script.dotmetrics.net; expires=Wed, 13-Sep-2017 07:50:12 GMT; path=/ DotMetrics.SessionCookieTemp=expired; domain=test-script.dotmetrics.net; expires=Wed, 13-Sep-2017 07:50:12 GMT; path=/ DotMetrics.SessionCookieTempTimed=expired; domain=test-script.dotmetrics.net; expires=Wed, 13-Sep-2017 07:50:12 GMT; path=/ DotMetrics.UniqueUserIdentityCookie=expired; domain=demo-script.dotmetrics.net; expires=Wed, 13-Sep-2017 07:50:12 GMT; path=/ DotMetrics.DeviceKey=expired; domain=demo-script.dotmetrics.net; expires=Wed, 13-Sep-2017 07:50:12 GMT; path=/ DotMetrics.SessionCookieTemp=expired; domain=demo-script.dotmetrics.net; expires=Wed, 13-Sep-2017 07:50:12 GMT; path=/ DotMetrics.SessionCookieTempTimed=expired; domain=demo-script.dotmetrics.net; expires=Wed, 13-Sep-2017 07:50:12 GMT; path=/ DotMetrics.UniqueUserIdentityCookie=expired; expires=Wed, 13-Sep-2017 07:50:12 GMT; path=/ DotMetrics.DeviceKey=expired; expires=Wed, 13-Sep-2017 07:50:12 GMT; path=/ DotMetrics.SessionCookieTemp=expired; expires=Wed, 13-Sep-2017 07:50:12 GMT; path=/ DotMetrics.SessionCookieTempTimed=expired; expires=Wed, 13-Sep-2017 07:50:12 GMT; path=/
Date: Thu, 14 Sep 2017 11:29:31 GMT
Connection: close
Content-Length: 5712


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   5712
Md5:    5d88c5cf5efeef8a92626104d899b54c
Sha1:   29986432343c94423de808d2bbad435928f4acd1
Sha256: c5a29c9470b81d0487d77a4ec511f32d3d93b16a03c396ef3f0f6bc888209ff8
                                        
                                            GET /hit.gif?id=638&url=http://tabcelela.bloger.index.hr/&dom=tabcelela.bloger.index.hr&r=1505388567001 HTTP/1.1 
Host: script.dotmetrics.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tabcelela.bloger.index.hr/
Cookie: DotMetrics.UniqueUserIdentityCookie=UserID=00000000-0000-0000-0000-000000000000&guid=c8afa36b-f442-47de-8049-4ddf21c4d6d5&Created=09/14/2017 13:29:32&UserMode=0&ver=0; DotMetrics.DeviceKey=DeviceID=

                                         
                                         178.218.161.91
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: private
Server: Microsoft-IIS/8.5
P3P: policyref="http://script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
X-AspNet-Version: 4.0.30319
Date: Thu, 14 Sep 2017 11:29:25 GMT
Connection: close
Content-Length: 43


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   43
Md5:    f837aa60b6fe83458f790db60d529fc9
Sha1:   14af87ccec7f81bb28d53c84da2fd5a9d5925cda
Sha256: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
                                        
                                            GET /js/emg/emg-with-jquery.js HTTP/1.1 
Host: www.index.hr
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tabcelela.bloger.index.hr/
Cookie: __cfduid=d63f0b251cbf23d89689b9b2646f3b2ae1505388559; cf_clearance=6c55cebef01453e8c805ad3b4200fb326e6c25f1-1505388564-3600

                                         
                                         107.178.244.221
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: shield
Date: Thu, 14 Sep 2017 11:29:26 GMT
Transfer-Encoding: chunked
Cache-Control: max-age=600
Last-Modified: Tue, 26 Feb 2013 16:48:08 GMT
X-Powered-By: ASP.NET
Content-Encoding: gzip
X-Shield-Request-Id: c7132cad2acffb0981ef12f7fc15ea7c
Via: 1.1 google


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   108379
Md5:    00d8c36519e67e23fbb455443cf3b553
Sha1:   12ced423ee496f8a88fe0d233f22ab9a95a66457
Sha256: 531353dfdd715f5738842ebcfbfaefeef04f61fa9956a5300b3bef18c316b360
                                        
                                            GET /Scripts/script.v49.js?v=90 HTTP/1.1 
Host: script.dotmetrics.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tabcelela.bloger.index.hr/
Cookie: DotMetrics.UniqueUserIdentityCookie=UserID=00000000-0000-0000-0000-000000000000&guid=c8afa36b-f442-47de-8049-4ddf21c4d6d5&Created=09/14/2017 13:29:32&UserMode=0&ver=0; DotMetrics.DeviceKey=DeviceID=

                                         
                                         178.218.161.91
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Encoding: gzip
Last-Modified: Tue, 05 Sep 2017 13:55:10 GMT
Accept-Ranges: bytes
Etag: "0339c964e26d31:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
Date: Thu, 14 Sep 2017 11:29:26 GMT
Connection: close
Content-Length: 11752


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), max speed
Size:   11752
Md5:    f9b352c04ed43d547a4d994fc61c336e
Sha1:   e2e7136bc16aa409fbaee0928497bf133f3b185f
Sha256: 417332f5b20826d176c9e6a6e61cdacf6f54e8c09823f0ebe5fd12ff92bdfa9e
                                        
                                            GET /adexConfig.js?v=90 HTTP/1.1 
Host: adex.dotmetrics.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tabcelela.bloger.index.hr/
Cookie: DotMetrics.UniqueUserIdentityCookie=UserID=00000000-0000-0000-0000-000000000000&guid=c8afa36b-f442-47de-8049-4ddf21c4d6d5&Created=09/14/2017 13:29:32&UserMode=0&ver=0; DotMetrics.DeviceKey=DeviceID=

                                         
                                         178.218.161.91
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
                                        
Cache-Control: private
Last-Modified: Sun, 24 Sep 2017 13:29:26 GMT
Etag: ".17"
Server: Microsoft-IIS/8.5
P3P: policyref="http://adex.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Thu, 14 Sep 2017 11:29:26 GMT
Connection: close
Content-Length: 6335


--- Additional Info ---
Magic:  ASCII text, with very long lines, with CRLF line terminators
Size:   6335
Md5:    b30d3366bba1a45762e674368181f10d
Sha1:   5e723ea4b35c1513d74a786cd1988e996aca12b1
Sha256: 47068056c55aa4d1725e99411aea8208e52e2e3a00446b3216d71dea76f7e468
                                        
                                            GET /Scripts/adexScript.v1.js?v=17 HTTP/1.1 
Host: adex.dotmetrics.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tabcelela.bloger.index.hr/
Cookie: DotMetrics.UniqueUserIdentityCookie=UserID=00000000-0000-0000-0000-000000000000&guid=c8afa36b-f442-47de-8049-4ddf21c4d6d5&Created=09/14/2017 13:29:32&UserMode=0&ver=0; DotMetrics.DeviceKey=DeviceID=

                                         
                                         178.218.161.91
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Encoding: gzip
Last-Modified: Thu, 15 Jun 2017 14:21:07 GMT
Accept-Ranges: bytes
Etag: "80bc8a0e2e5d21:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Thu, 14 Sep 2017 11:29:25 GMT
Connection: close
Content-Length: 10617


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), max speed
Size:   10617
Md5:    0fb0b584cd4eb27764c43602808e7b2e
Sha1:   ce0e4003d66d4cba799692d240ad7a217b30f61f
Sha256: 4f9f7326d7829ba8e5f27952328e395b990e619b98e7f14042d4cf174b721c5d
                                        
                                            GET /www/delivery/ajs.php?zoneid=189&cb=39499856093&charset=ISO-8859-2&loc=http%3A//tabcelela.bloger.index.hr/&referer=http%3A//tabcelela.bloger.index.hr/ HTTP/1.1 
Host: ads.emg-network.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tabcelela.bloger.index.hr/

                                         
                                         104.28.16.141
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=ISO-8859-2
                                        
Date: Thu, 14 Sep 2017 11:29:27 GMT
Content-Length: 399
Connection: keep-alive
Set-Cookie: __cfduid=d31688437fa6d02338ff85dca62e1b75c1505388567; expires=Fri, 14-Sep-18 11:29:27 GMT; path=/; domain=.emg-network.com; HttpOnly OAGEO=NO%7C%7C%7C%7C59.95%7C10.75%7C%7C%7C%7C%7C; path=/ OAID=b3a79af99e9fda58097744df3a165df8; expires=Fri, 14-Sep-2018 11:29:27 GMT; Max-Age=31536000; path=/
X-Powered-By: PHP/5.6.31
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Access-Control-Allow-Origin: *
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Server: cloudflare-nginx
CF-RAY: 39e3023351624267-OSL


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   399
Md5:    5bce2ab03022e9207646f88f46077c48
Sha1:   c50b8772cdfca301df9d9c3c86ad68dc75c2bbc7
Sha256: 8fca7588f62cdc5d4f1f82be3fb80b0bfdf4d2281e15d45274eddaa610e7b42b
                                        
                                            GET /SiteEvent.dotmetrics?v=eyJpZCI6NjM4LCJmbCI6dHJ1ZSwiZG9tIjoidGFiY2VsZWxhLmJsb2dlci5pbmRleC5ociIsImZzbyI6bnVsbCwibHNvIjpudWxsLCJ1cmwiOiJodHRwOi8vdGFiY2VsZWxhLmJsb2dlci5pbmRleC5oci8iLCJvc3MiOnRydWUsIm9zZXMiOnRydWV9&r=1505388567709 HTTP/1.1 
Host: script.dotmetrics.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tabcelela.bloger.index.hr/
Cookie: DotMetrics.UniqueUserIdentityCookie=UserID=00000000-0000-0000-0000-000000000000&guid=c8afa36b-f442-47de-8049-4ddf21c4d6d5&Created=09/14/2017 13:29:32&UserMode=0&ver=0; DotMetrics.DeviceKey=DeviceID=

                                         
                                         178.218.161.91
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
                                        
Cache-Control: private
Server: Microsoft-IIS/8.5
P3P: policyref="http://script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
X-AspNet-Version: 4.0.30319
Set-Cookie: DotMetrics.UniqueUserIdentityCookie=UserID=b460b67a-244d-4815-b6cf-8fe38d826bf2&Created=09/14/2017 13:29:32&UserMode=0&guid=c8afa36b-f442-47de-8049-4ddf21c4d6d5&ver=1; domain=.dotmetrics.net; expires=Fri, 14-Sep-2018 11:29:32 GMT; path=/ DotMetrics.DeviceKey=DeviceID=; domain=.dotmetrics.net; expires=Fri, 14-Sep-2018 11:29:32 GMT; path=/
Date: Thu, 14 Sep 2017 11:29:32 GMT
Connection: close
Content-Length: 247


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   247
Md5:    455291a385c8dcee1e45339c7dae56ce
Sha1:   3b0d715a341b21531853236ab14d76bbcb2d2cb4
Sha256: 4e19e7940d4f5232aea536a21bc1b35463b41be60c75c992c2dfa4a62b97bde0
                                        
                                            GET /www/delivery/lg.php?bannerid=6457&campaignid=2070&zoneid=189&loc=http%3A%2F%2Ftabcelela.bloger.index.hr%2F&referer=http%3A%2F%2Ftabcelela.bloger.index.hr%2F&cb=6f83667256 HTTP/1.1 
Host: ads.emg-network.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tabcelela.bloger.index.hr/
Cookie: __cfduid=d31688437fa6d02338ff85dca62e1b75c1505388567; OAGEO=NO%7C%7C%7C%7C59.95%7C10.75%7C%7C%7C%7C%7C; OAID=b3a79af99e9fda58097744df3a165df8

                                         
                                         104.28.16.141
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Thu, 14 Sep 2017 11:29:27 GMT
Content-Length: 56
Connection: keep-alive
X-Powered-By: PHP/5.6.31
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Access-Control-Allow-Origin: *
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAID=b3a79af99e9fda58097744df3a165df8; expires=Fri, 14-Sep-2018 11:29:27 GMT; Max-Age=31536000; path=/
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Server: cloudflare-nginx
CF-RAY: 39e30234a1aa4267-OSL


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   56
Md5:    15669dda86db3cbff7835fa202dc0b16
Sha1:   ce788cab9c1aa7e458a3971a59702c410b37e64d
Sha256: 5cc3f958039a8885c4e9526e22d454da47d579b9a02861e7a60b41fa0ba910df
                                        
                                            GET /a/display.php?r=982363 HTTP/1.1 
Host: www.liveadexchanger.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tabcelela.bloger.index.hr/

                                         
                                         130.211.28.230
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: openresty
Date: Thu, 14 Sep 2017 11:29:27 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
Referrer-Policy: no-referrer
Link: <//www.liveadexchanger.com>; rel=dns-prefetch,<//www.liveadexchanger.com>; rel=preconnect
Content-Encoding: gzip
Via: 1.1 google


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   2107
Md5:    3cbe491fb6cd99a9ad07710a6d9dba66
Sha1:   a58168fb63c81cd63f7a2beec47f224765a0dd34
Sha256: f55fbd01690ea9cc94228cb4e6fa9ddafea1fa9233aede80d3ec45447e83f6f1

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /a/display.php?r=982363&treqn=536538273&runauction=1&crr=839836ddda52104011b9,otr56O9ySe-4Lf9y6e-7PP8-Lb_wnP85_v_9ju2umr2umb3vmL7ojO9d9b1264e203aacce3ecf&cbrandom=0.34397978652399475&cbtitle=Eustace&cbiframe=0&cbWidth=1176&cbHeight=775&cbdescription=&cbkeywords=&cbref=http%3A%2F%2Ftabcelela.bloger.index.hr%2F HTTP/1.1 
Host: www.liveadexchanger.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tabcelela.bloger.index.hr/

                                         
                                         130.211.28.230
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: openresty
Date: Thu, 14 Sep 2017 11:29:28 GMT
Transfer-Encoding: chunked
X-Robots-Tag: noindex
Cache-Control: no-store, no-cache, no-transform, must-revalidate, max-age=0, post-check=0, pre-check=0
X-LTime: 1505388568.2212
Link: <//7f0ti.voluumtrk.com>; rel=dns-prefetch,<//7f0ti.voluumtrk.com>; rel=preconnect,<//www.liveadexchanger.com>; rel=dns-prefetch,<//www.liveadexchanger.com>; rel=preconnect,<//c.codeonclick.com>; rel=dns-prefetch,<//c.codeonclick.com>; rel=preconnect
Set-Cookie: acnetwork=4d28817b59ba6818446c12a3ec; expires=Wed, 30-Dec-2037 23:00:00 GMT; Max-Age=640438232; path=/
Referrer-Policy: no-referrer
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Vary: Accept-Encoding
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Encoding: gzip
Via: 1.1 google


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   13493
Md5:    1ab1a6cbb5e64d53be76682c39017b88
Sha1:   bc51cb55d2df91ab2b114cf3425b74545706d9cb
Sha256: 82aac8c89ffd6b944c1b74b484befc9d800b2b66eb21d66ca0c7d06f6167cf70
                                        
                                            GET /script/wait.php?stamat=m%7C%2C%2CQ2OqdhJ-oGU3B_9GH0dEdHP3xP.10e%2CEqCnJnY1F65VkbyEwL9gd7yh0ozPNstiWSOLWSZvcGPFut8qLRoX9hHjNfzWv7r1dp8z0IEJ5IzGNmXCVSXkR7SbvG03OLIk1OLt2dHcjKztVntTKiVfS4QEqD2LxynjaFap5Zp_H09tE3ZuHW0KT5LPWiPpEmWoZnoDxc-BnUVrxv60RdPPKfMJoj9-jldLqxLPyxGyA2dQ6vIHqJ2Pes8NseMrVh9HNk8PWkLFRj6l3TCUY1hgw_IaYbLkhV84WwrytMmlZ1CplB8OBf4mQn2VFHFYRTsiFs_YEO9BAAECxnASxZ9qvJgYgt4QStB9&srbrb=1&callback=jsonp220500 HTTP/1.1 
Host: c.codeonclick.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tabcelela.bloger.index.hr/

                                         
                                         104.197.220.91
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: openresty
Date: Thu, 14 Sep 2017 11:29:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   460
Md5:    f13d58a7054ad1107474b2738a632c49
Sha1:   2ef7b0241317f5a262bfa4172813f46145440f3a
Sha256: 3dcfbdfcbb67b7241c45bf9e49a3b58eae0b93a33c584bc98504b670be648469