www.googletagmanager.com/gtag/js?id=G-7NCJ73THPT
142.250.74.168 86 kB URL www.googletagmanager.com/gtag/js?id=G-7NCJ73THPT
IP 142.250.74.168:0
File type ASCII text, with very long lines (3034)
Hash 1a1c06a56f7467d17cf84e095655a5d5
d250eef5f8192b93ea96217bfa59142b420ac482
dd4a01b8d17d36c66a9eee5048661822d440a44ca6cfc6cf8f5a08cbd98b80ea
GET /gtag/js?id=G-7NCJ73THPT HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 04 Dec 2023 23:22:49 GMT
expires: Mon, 04 Dec 2023 23:22:49 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 85506
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
apis.google.com/js/plusone.js
142.250.74.78 22 kB URL apis.google.com/js/plusone.js
IP 142.250.74.78:0
File type ASCII text, with very long lines (2664)
Hash 12476fdc6b8599d03eac729748337611
7a15dc04ad6e77026bf45927b78247411e3e0466
c5be6532f19ca90fb5966ed89be694f2bc2cded1e443d3489467cb28cd69af43
GET /js/plusone.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-length: 21930
date: Mon, 04 Dec 2023 23:22:49 GMT
expires: Mon, 04 Dec 2023 23:22:49 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "b82ec1e6cb6f99ed"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
set-cookie: NID=511=T-fp_gJaXuk3ShplrIYKS6aqQHQqYFk18rJhbI5Q61OPQZPTKFJaKFE6qokWjjo2V4GzZXFU2bdyFsuOcSrD8e3ZFvXcnnTXf4ouDmUct9BGIztVtafO-2wC6jjxnktugrHPoigl3UeJmSMZ5ATggSeRCvBthuCfeWixGjJn_cU; expires=Tue, 04-Jun-2024 23:22:49 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.vugla.com/wp-content/themes/vugla/style.css?ver=6.4.1
192.185.106.252 398 B URL www.vugla.com/wp-content/themes/vugla/style.css?ver=6.4.1
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 4f140b946bdc4cb833896a992db68c6d
52d6c64f9c5478bb70604068a66f06283ecff968
f8f90d1cacc59cf90886948787ef5c723b8de9e41092285611f2f915b5996ef2
GET /wp-content/themes/vugla/style.css?ver=6.4.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/cardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 24 Mar 2020 17:57:12 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-length: 398
content-type: text/css
date: Mon, 04 Dec 2023 23:22:49 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/plugins/vn-video-player/style/theme-city.css?ver=6.4.1
192.185.106.252 733 B URL www.vugla.com/wp-content/plugins/vn-video-player/style/theme-city.css?ver=6.4.1
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2553), with no line terminators
Hash 229bf132659b3607e05296743613ecca
2f498516b73ae5f087904669ccd6b3eb57054711
73214adfea5dc8d2ab7aae66baec56aab47e70224557c08f424b80909d1acd7c
GET /wp-content/plugins/vn-video-player/style/theme-city.css?ver=6.4.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/cardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 26 Nov 2021 15:34:33 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-length: 733
content-type: text/css
date: Mon, 04 Dec 2023 23:22:49 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
192.185.106.252 5.4 kB URL www.vugla.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (13479)
Hash 9ffeb32e2d9efbf8f70caabded242267
3ad0c10e501ac2a9bfa18f9cd7e700219b378738
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/cardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 13 Nov 2023 13:25:19 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-length: 5422
content-type: application/javascript
date: Mon, 04 Dec 2023 23:22:49 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/plugins/responsive-lightbox/assets/swipebox/swipebox.min.css?ver=2.4.6
192.185.106.252 1.4 kB URL www.vugla.com/wp-content/plugins/responsive-lightbox/assets/swipebox/swipebox.min.css?ver=2.4.6
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4310), with CRLF line terminators
Hash b236fbc68ad6824d6fd4be9501a56ea5
5147f5e6779b335a45771a6a9ec9f0a1db8079ef
d49c9ad378618e0a0eb8e6fca04c13f6005e13badf79e0c977d76d851f7aa60a
GET /wp-content/plugins/responsive-lightbox/assets/swipebox/swipebox.min.css?ver=2.4.6 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/cardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 27 Nov 2023 23:58:55 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-length: 1410
content-type: text/css
date: Mon, 04 Dec 2023 23:22:49 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/plugins/vn-video-player/style/vn_player_container.css?ver=6.4.1
192.185.106.252 89 B URL www.vugla.com/wp-content/plugins/vn-video-player/style/vn_player_container.css?ver=6.4.1
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash b20aaffdf9d8e1f413b536edb9d1b649
0f3afd6ef6940700eb7f245629d1b79c52f45b47
9534982bd24eaa3205ac2e5a4dbd6a16a3129b70df981f422562ef3a30ade7cd
GET /wp-content/plugins/vn-video-player/style/vn_player_container.css?ver=6.4.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/cardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 26 Nov 2021 15:50:56 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-length: 89
content-type: text/css
date: Mon, 04 Dec 2023 23:22:49 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/plugins/vn-video-player/style/video-js.css?ver=6.4.1
192.185.106.252 14 kB URL www.vugla.com/wp-content/plugins/vn-video-player/style/video-js.css?ver=6.4.1
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (5844)
Hash 514fccb15bdc95ea2c2b6fddaded8ecc
4c999194bb19b83cc85f40621fa1c74cd1a4cbf7
d86730f73982f170cb0943d0d47c3c2520743d6a3d6cf5330cde12667df675ca
GET /wp-content/plugins/vn-video-player/style/video-js.css?ver=6.4.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/cardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 26 Nov 2021 15:34:35 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-length: 13761
content-type: text/css
date: Mon, 04 Dec 2023 23:22:49 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/plugins/vn-featured-image-gallery/css/style.css?ver=6.4.1
192.185.106.252 320 B URL www.vugla.com/wp-content/plugins/vn-featured-image-gallery/css/style.css?ver=6.4.1
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 199decab27dd471d35814631e71e6fea
42c2847529b6859230bc2f4e8e6432805a06148b
7279594a46188e3246db42ffd4c609fc254c6fa06bfca8b72dd82e63fa4e6385
GET /wp-content/plugins/vn-featured-image-gallery/css/style.css?ver=6.4.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/cardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 26 May 2014 20:39:02 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-length: 320
content-type: text/css
date: Mon, 04 Dec 2023 23:22:49 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.3
192.185.106.252 83 B URL www.vugla.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.3
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.3 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/cardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 409 Conflict
date: Mon, 04 Dec 2023 23:22:49 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
www.vugla.com/wp-content/plugins/vn-video-player/js_scripts/vn_player_fit.js?ver=0.1
192.185.106.252 106 B URL www.vugla.com/wp-content/plugins/vn-video-player/js_scripts/vn_player_fit.js?ver=0.1
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 64829824ee643f09fb3821dc49b3089a
446608ff9f4128b9503476135a8c28599f8d5c2e
0b967c52b8e899c4266110c97fa50018d61ccf1365144d16f09f901523d48c95
GET /wp-content/plugins/vn-video-player/js_scripts/vn_player_fit.js?ver=0.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/cardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 26 Nov 2021 15:34:31 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-length: 106
content-type: application/javascript
date: Mon, 04 Dec 2023 23:22:49 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/themes/vugla/js/libs/modernizr-2.0.6.min.js?ver=6.4.1
192.185.106.252 7.0 kB URL www.vugla.com/wp-content/themes/vugla/js/libs/modernizr-2.0.6.min.js?ver=6.4.1
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with very long lines (14641), with CRLF line terminators
Hash ad955f14cdcc21d58014f25ab7c8d46d
8915b95d672d54be6fb01a239088aba305d4798e
d6304e162f8fe5054a4c5430d2f1d78ea2ad54c1ff61ea708d148bf385312407
GET /wp-content/themes/vugla/js/libs/modernizr-2.0.6.min.js?ver=6.4.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/cardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 12:00:08 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-length: 6964
content-type: application/javascript
date: Mon, 04 Dec 2023 23:22:49 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-includes/js/underscore.min.js?ver=1.13.4
192.185.106.252 8.3 kB URL www.vugla.com/wp-includes/js/underscore.min.js?ver=1.13.4
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (18798)
Hash f88d5720bb454ed5d204cbdb56901f6b
f1952292fde4b15936e9aac16b2b9896684db95b
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a
GET /wp-includes/js/underscore.min.js?ver=1.13.4 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/cardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 13 Nov 2023 13:25:19 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-length: 8305
content-type: application/javascript
date: Mon, 04 Dec 2023 23:22:49 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/themes/vugla/images/mobile-share/fb-messenger-64x64.png
192.185.106.252 2.6 kB URL www.vugla.com/wp-content/themes/vugla/images/mobile-share/fb-messenger-64x64.png
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash 56735b8135d0a3b1db1b1e1a34945e85
dc604b4e7030d9fe583393b94f1811fe69628107
7ef39fd53ffb21c300f78615faa8eab8eb1163ad1b70843efa4550a0bda364bc
GET /wp-content/themes/vugla/images/mobile-share/fb-messenger-64x64.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/cardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 26 Jul 2017 12:44:40 GMT
accept-ranges: bytes
content-length: 2562
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Tue, 03 Dec 2024 23:22:49 GMT
referrer-policy:
pragma: public
content-type: image/png
date: Mon, 04 Dec 2023 23:22:49 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/plugins/responsive-lightbox/assets/infinitescroll/infinite-scroll.pkgd.min.js?ver=6.4.1
192.185.106.252 8.7 kB URL www.vugla.com/wp-content/plugins/responsive-lightbox/assets/infinitescroll/infinite-scroll.pkgd.min.js?ver=6.4.1
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (17739), with CRLF line terminators
Hash 3229aa93c44fa4628707e80959a97bc1
5a2d4dbc4d1df02e7a386489e7b5c5a9e22dd40f
095834cc86bd018fdb4a9e31c99f9f96904b819be2b9dc16b3390383288d4d90
GET /wp-content/plugins/responsive-lightbox/assets/infinitescroll/infinite-scroll.pkgd.min.js?ver=6.4.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/cardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 27 Nov 2023 23:58:55 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-length: 8747
content-type: application/javascript
date: Mon, 04 Dec 2023 23:22:49 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/plugins/responsive-lightbox/js/front.js?ver=2.4.6
192.185.106.252 8.6 kB URL www.vugla.com/wp-content/plugins/responsive-lightbox/js/front.js?ver=2.4.6
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (629), with CRLF line terminators
Hash 68f8af044f685b84c7d49ac2356acabf
585889874b36224e980f4d285044ec0fb478dc7c
9fe6a07f596d507305d1480e6bb301d04cbf5ef8660b24b9fa411e39607a7ab5
GET /wp-content/plugins/responsive-lightbox/js/front.js?ver=2.4.6 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/cardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 27 Nov 2023 23:58:55 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-length: 8560
content-type: application/javascript
date: Mon, 04 Dec 2023 23:22:49 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/uploads/2023/12/marseille-rennes-golovi-03-12-2023-150x150.jpg
192.185.106.252 4.6 kB URL www.vugla.com/wp-content/uploads/2023/12/marseille-rennes-golovi-03-12-2023-150x150.jpg
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x150, components 3\012- data
Hash 8f3fe6a447de7ffc617f577efa0956a9
96ca24e0538e54ec805a0f82988b4de1df5be5e0
16f4efa6094e759699598db401cfe110d97b465babc2c711e99fc07bb6376998
GET /wp-content/uploads/2023/12/marseille-rennes-golovi-03-12-2023-150x150.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/cardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 04 Dec 2023 19:58:41 GMT
accept-ranges: bytes
content-length: 4562
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Tue, 03 Dec 2024 23:22:49 GMT
referrer-policy:
pragma: public
content-type: image/jpeg
date: Mon, 04 Dec 2023 23:22:49 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/plugins/vn-video-player/js_scripts/jquery.fitvids.js?ver=0.1
192.185.106.252 1.4 kB URL www.vugla.com/wp-content/plugins/vn-video-player/js_scripts/jquery.fitvids.js?ver=0.1
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text
Hash 6755415003869bd599c3fae8e9792027
57946a22c79654014eb00fb548f727d302221873
07f79fbda35a2bf03f2940978670a2a53cf21e490ecce887bf92fc2e3f359293
GET /wp-content/plugins/vn-video-player/js_scripts/jquery.fitvids.js?ver=0.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/cardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 26 Nov 2021 15:34:28 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-length: 1389
content-type: application/javascript
date: Mon, 04 Dec 2023 23:22:49 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/plugins/responsive-lightbox/assets/swipebox/jquery.swipebox.min.js?ver=2.4.6
192.185.106.252 4.7 kB URL www.vugla.com/wp-content/plugins/responsive-lightbox/assets/swipebox/jquery.swipebox.min.js?ver=2.4.6
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (12917), with CRLF line terminators
Hash 416d2c5e5425c640a7d63f25e0376fd6
a95b218161d94bdb148d108aedf065b4a4762045
b875bead01dfa1b02a553e8efda0f3a65d39da24f19ad37af95f06795eee76dc
GET /wp-content/plugins/responsive-lightbox/assets/swipebox/jquery.swipebox.min.js?ver=2.4.6 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/cardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 27 Nov 2023 23:58:55 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-length: 4708
content-type: application/javascript
date: Mon, 04 Dec 2023 23:22:49 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/mail.png
192.185.106.252 1.7 kB URL www.vugla.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/mail.png
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 64 x 64, 8-bit colormap, non-interlaced\012- data
Hash 42bec42b54ef1bb6bb9596efa815973d
88145ca02b72936eb430e818cd7a80f189ca9166
154a5b712eedff5cdee156292d8795dd139a350c7ed09982e5faec55a0ab2f42
GET /wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/mail.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/cardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 13 Nov 2023 13:26:48 GMT
accept-ranges: bytes
content-length: 1659
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Tue, 03 Dec 2024 23:22:49 GMT
referrer-policy:
pragma: public
content-type: image/png
date: Mon, 04 Dec 2023 23:22:49 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/themes/vugla/images/no-image-half-landscape.png
192.185.106.252 7.4 kB URL www.vugla.com/wp-content/themes/vugla/images/no-image-half-landscape.png
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 290 x 166, 8-bit/color RGB, non-interlaced\012- data
Hash 5c6aa93ad727bc5572d87eea423448f7
d4e3a709099bd41de1f8500e27ce758ed17dd49b
aeeaf8e2b5f24cdb2d8f77045bf806ef846546b17080379b190321d274f02942
GET /wp-content/themes/vugla/images/no-image-half-landscape.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/cardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:53:04 GMT
accept-ranges: bytes
content-length: 7437
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Tue, 03 Dec 2024 23:22:49 GMT
referrer-policy:
pragma: public
content-type: image/png
date: Mon, 04 Dec 2023 23:22:49 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/uploads/2023/12/slaven-belupo-dinamo-zagreb-golovi-04-12-2023-150x150.jpg
192.185.106.252 5.1 kB URL www.vugla.com/wp-content/uploads/2023/12/slaven-belupo-dinamo-zagreb-golovi-04-12-2023-150x150.jpg
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x150, components 3\012- data
Hash 14c77881e6b8a4d2b9618fc8c4c735a4
9b45e3998b328c39cca9b2c90395ab1410216da5
b331e719631fc4e82cf916716448fed5e06f6476987951cb4a1c32f79580d4b0
GET /wp-content/uploads/2023/12/slaven-belupo-dinamo-zagreb-golovi-04-12-2023-150x150.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/cardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 04 Dec 2023 19:58:42 GMT
accept-ranges: bytes
content-length: 5079
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Tue, 03 Dec 2024 23:22:49 GMT
referrer-policy:
pragma: public
content-type: image/jpeg
date: Mon, 04 Dec 2023 23:22:49 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/uploads/2021/11/las-vegas-webcam-150x150.jpg
192.185.106.252 6.2 kB URL www.vugla.com/wp-content/uploads/2021/11/las-vegas-webcam-150x150.jpg
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 150x150, components 3\012- data
Hash 7232d222adbf508fe855c86ec73f32bd
802aff30255dd767e5829d7a3100e8be30d69675
db2852d9d1823c9a769e60dd23aab9df1abad22a0077d9f8c2e5e209e8d630a8
GET /wp-content/uploads/2021/11/las-vegas-webcam-150x150.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/cardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 24 Nov 2021 17:47:32 GMT
accept-ranges: bytes
content-length: 6150
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Tue, 03 Dec 2024 23:22:49 GMT
referrer-policy:
pragma: public
content-type: image/jpeg
date: Mon, 04 Dec 2023 23:22:49 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/uploads/2023/12/zvijezda-brgule-zrinjski-golovi-04-12-2023-150x150.jpg
192.185.106.252 8.0 kB URL www.vugla.com/wp-content/uploads/2023/12/zvijezda-brgule-zrinjski-golovi-04-12-2023-150x150.jpg
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x150, components 3\012- data
Hash 129fe59f1d2c98ab24ee44b4d9d9a112
85ee3fef250d6358cdeec0389279d8febed622af
9567f3b418ded940179b91d593636fe1ffe8c15ccf5921e199e7c28c9037d115
GET /wp-content/uploads/2023/12/zvijezda-brgule-zrinjski-golovi-04-12-2023-150x150.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/cardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 04 Dec 2023 19:58:48 GMT
accept-ranges: bytes
content-length: 7971
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Tue, 03 Dec 2024 23:22:49 GMT
referrer-policy:
pragma: public
content-type: image/jpeg
date: Mon, 04 Dec 2023 23:22:49 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.1
192.185.106.252 21 kB URL www.vugla.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.1
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type gzip compressed data, from Unix\012- data
Hash 324c31c8979300be3484db9523f1311f
f563dca38599cedb40c4024cd60980f7324eafcc
bb920d575fddc5bf65fad88e504e913db3dd1c2b63fb057ae89bff05ded03932
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.4.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/cardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 13 Nov 2023 13:25:19 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-type: text/css
date: Mon, 04 Dec 2023 23:22:49 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/uploads/2023/12/gosk-siroki-brijeg-golovi-03-12-2023-150x150.jpg
192.185.106.252 6.1 kB URL www.vugla.com/wp-content/uploads/2023/12/gosk-siroki-brijeg-golovi-03-12-2023-150x150.jpg
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x150, components 3\012- data
Hash 918216979e4ce28724487461c1c19602
993340d5f6391e30e85333f4cfa7749b40568c7a
0e261ad98ed78c446b01d76b1c2f901b322645dee8c297eeec44d961859fb303
GET /wp-content/uploads/2023/12/gosk-siroki-brijeg-golovi-03-12-2023-150x150.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/cardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 04 Dec 2023 19:58:44 GMT
accept-ranges: bytes
content-length: 6102
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Tue, 03 Dec 2024 23:22:49 GMT
referrer-policy:
pragma: public
content-type: image/jpeg
date: Mon, 04 Dec 2023 23:22:49 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/tumblr.png
192.185.106.252 861 B URL www.vugla.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/tumblr.png
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 64 x 64, 8-bit colormap, non-interlaced\012- data
Hash 1d8dab6f1066b94b74f5611a8c918681
4e0edc7ba1ada49418772d8d581cd3d38518d490
bac6d2c8418e543d967d6e57710eda1ca4318ddd917c19a28fd63b4240e8d150
GET /wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/tumblr.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/cardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 13 Nov 2023 13:26:48 GMT
accept-ranges: bytes
content-length: 861
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Tue, 03 Dec 2024 23:22:49 GMT
referrer-policy:
pragma: public
content-type: image/png
date: Mon, 04 Dec 2023 23:22:49 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/facebook.png
192.185.106.252 584 B URL www.vugla.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/facebook.png
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 64 x 64, 8-bit colormap, non-interlaced\012- data
Hash 114d84e23ab95df71589ab5e67b93b85
2270334f4b83486ceaab53133e4706537c16f38a
1353c448068301ee8534bd1d3c8eb214863afa0b9f716222dfe93e2739cffac2
GET /wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/facebook.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/cardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 13 Nov 2023 13:26:48 GMT
accept-ranges: bytes
content-length: 584
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Tue, 03 Dec 2024 23:22:49 GMT
referrer-policy:
pragma: public
content-type: image/png
date: Mon, 04 Dec 2023 23:22:49 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/uploads/2023/12/monaco-montpellier-golovi-03-12-2023-150x150.jpg
192.185.106.252 5.6 kB URL www.vugla.com/wp-content/uploads/2023/12/monaco-montpellier-golovi-03-12-2023-150x150.jpg
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x150, components 3\012- data
Hash 89ebb389589bad353bfff483800d6663
80da9fd7cc272e8e3b980d9e697c809ff64e005a
8b49eaf5819e26eb39f6ab8dda00c3d5d618982488e2cb6d05f5bd46e6e9fd3f
GET /wp-content/uploads/2023/12/monaco-montpellier-golovi-03-12-2023-150x150.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/cardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 04 Dec 2023 19:58:34 GMT
accept-ranges: bytes
content-length: 5580
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Tue, 03 Dec 2024 23:22:49 GMT
referrer-policy:
pragma: public
content-type: image/jpeg
date: Mon, 04 Dec 2023 23:22:49 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/uploads/2023/11/cardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island-620x350.jpg
192.185.106.252 64 kB URL www.vugla.com/wp-content/uploads/2023/11/cardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island-620x350.jpg
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=10, manufacturer=Canon, model=Canon EOS 6D Mark II, xresolution=162, yresolution=170, resolutionunit=2, software=Adobe Photoshop Lightroom Classic 11.5 (Windows), datetime=2023:10:14 12:44:58], baseline, precision 8, 620x350, components 3\012- data
Hash 1ff5f414aac0eb8bb75af695fa0addfe
fa26f490ffe8a065028af7313ab122b04f537048
cdae032f1576ef8fb8a3d8c0e7a1dbad1442f77122ab62134f96ebe1c2958d88
GET /wp-content/uploads/2023/11/cardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island-620x350.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/cardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Sat, 18 Nov 2023 07:18:04 GMT
accept-ranges: bytes
content-length: 63754
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Tue, 03 Dec 2024 23:22:49 GMT
referrer-policy:
pragma: public
content-type: image/jpeg
date: Mon, 04 Dec 2023 23:22:49 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/uploads/2021/11/joure-harbour%E2%80%93passantenhaven-webcam-150x150.jpg
192.185.106.252 5.3 kB URL www.vugla.com/wp-content/uploads/2021/11/joure-harbour%E2%80%93passantenhaven-webcam-150x150.jpg
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 150x150, components 3\012- data
Hash 669af66d55c0b1990d1f91ef53e8da22
a4d604f94fbd006b18bf0d1d546c927a4464b6d6
d770e9defa8329d7f290c1fd85caf00affaee42f07a990811f4bae55eb0e5d8e
GET /wp-content/uploads/2021/11/joure-harbour%E2%80%93passantenhaven-webcam-150x150.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/cardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 30 Nov 2021 14:32:46 GMT
accept-ranges: bytes
content-length: 5309
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Tue, 03 Dec 2024 23:22:49 GMT
referrer-policy:
pragma: public
content-type: image/jpeg
date: Mon, 04 Dec 2023 23:22:49 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/themes/vugla/images/mobile-share/whatsapp-64x64.png
192.185.106.252 5.9 kB URL www.vugla.com/wp-content/themes/vugla/images/mobile-share/whatsapp-64x64.png
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash 616a93e26f2d9261cd8412a8741f7be8
5fbfd88e502bcc766a9c9ef1d1751ed16ce1197c
306accb5ad46635aeb9481a9bc934c14ae474e924ec52b6673141c5acacd800d
GET /wp-content/themes/vugla/images/mobile-share/whatsapp-64x64.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/cardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 22 Dec 2016 10:00:28 GMT
accept-ranges: bytes
content-length: 5880
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Tue, 03 Dec 2024 23:22:49 GMT
referrer-policy:
pragma: public
content-type: image/png
date: Mon, 04 Dec 2023 23:22:49 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/twitter.png
192.185.106.252 1.8 kB URL www.vugla.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/twitter.png
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash 9cb3d67f468539abb72395dc73934190
9928de37e21649c1799e3287a13f897a34aab5e1
04a457e988270cb1dc76bd57ac8e62fddf02c02b618a1ac6cb0880b93633f5e0
GET /wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/twitter.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/cardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 13 Nov 2023 13:26:48 GMT
accept-ranges: bytes
content-length: 1762
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Tue, 03 Dec 2024 23:22:49 GMT
referrer-policy:
pragma: public
content-type: image/png
date: Mon, 04 Dec 2023 23:22:49 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/uploads/2023/12/toulouse-lorient-golovi-03-12-2023-150x150.jpg
192.185.106.252 5.2 kB URL www.vugla.com/wp-content/uploads/2023/12/toulouse-lorient-golovi-03-12-2023-150x150.jpg
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x150, components 3\012- data
Hash 47eb9cf15763634825436119fffd27e2
ab68bb0523c78f99c85715f48c83fb8fb81b0579
abd0440a7187dc0a5f6e5a130d440c6a81dd14288e819ac5b88b40c473242a2f
GET /wp-content/uploads/2023/12/toulouse-lorient-golovi-03-12-2023-150x150.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/cardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 04 Dec 2023 19:58:36 GMT
accept-ranges: bytes
content-length: 5208
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Tue, 03 Dec 2024 23:22:49 GMT
referrer-policy:
pragma: public
content-type: image/jpeg
date: Mon, 04 Dec 2023 23:22:49 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/uploads/2021/11/sarzana-matteotti-square-webcam-150x150.jpg
192.185.106.252 8.1 kB URL www.vugla.com/wp-content/uploads/2021/11/sarzana-matteotti-square-webcam-150x150.jpg
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 150x150, components 3\012- data
Hash dd418264baf24a3127cbf8e79ca78173
d4cdff035be116143948a5ce2d07084517193a42
06384bd8b205f8c7b3bbf5f0fa565c9ac465e918e4b05cd154406c9c8c73b6a6
GET /wp-content/uploads/2021/11/sarzana-matteotti-square-webcam-150x150.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/cardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Sat, 27 Nov 2021 11:25:26 GMT
accept-ranges: bytes
content-length: 8101
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Tue, 03 Dec 2024 23:22:49 GMT
referrer-policy:
pragma: public
content-type: image/jpeg
date: Mon, 04 Dec 2023 23:22:49 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/uploads/2021/11/kranjska-gora-webcam-150x150.jpg
192.185.106.252 6.0 kB URL www.vugla.com/wp-content/uploads/2021/11/kranjska-gora-webcam-150x150.jpg
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 150x150, components 3\012- data
Hash 989b60424d56f5946b48524e7bea5fa1
86ea5ad56aaa32d89398f3dc2b52c6cac6880c87
76c00718e82cff5e59d381080695ededa0b3173ea9fea5d64b13e19ef66bd5ea
GET /wp-content/uploads/2021/11/kranjska-gora-webcam-150x150.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/cardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Sun, 28 Nov 2021 10:20:29 GMT
accept-ranges: bytes
content-length: 6044
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Tue, 03 Dec 2024 23:22:49 GMT
referrer-policy:
pragma: public
content-type: image/jpeg
date: Mon, 04 Dec 2023 23:22:49 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/reddit.png
192.185.106.252 2.3 kB URL www.vugla.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/reddit.png
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash 91d33236832e22fe9743606623bd001a
d7101e60e49e86dbe1f34876228aa6831ad568f7
5571cdc5e0d90001474bf488c142929a02a39e55a4a7f61c44d1f94a4087eda1
GET /wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/reddit.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/cardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 13 Nov 2023 13:26:48 GMT
accept-ranges: bytes
content-length: 2328
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Tue, 03 Dec 2024 23:22:49 GMT
referrer-policy:
pragma: public
content-type: image/png
date: Mon, 04 Dec 2023 23:22:49 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/uploads/2021/11/newyork-bryant-park-webcam-150x150.jpg
192.185.106.252 6.2 kB URL www.vugla.com/wp-content/uploads/2021/11/newyork-bryant-park-webcam-150x150.jpg
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 150x150, components 3\012- data
Hash 745b4a3b3497571feecaf9924b39ab30
18748491f70983c76ec8fffa2c4ccbcff0078233
ee1f3002de5e843e0b1ae4cfa4cec9d650f838c5c0ae6c0144fc15dcbb425363
GET /wp-content/uploads/2021/11/newyork-bryant-park-webcam-150x150.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/cardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 24 Nov 2021 18:01:04 GMT
accept-ranges: bytes
content-length: 6173
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Tue, 03 Dec 2024 23:22:49 GMT
referrer-policy:
pragma: public
content-type: image/jpeg
date: Mon, 04 Dec 2023 23:22:49 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/themes/vugla/images/mobile-share/viber-64x64.png
192.185.106.252 7.1 kB URL www.vugla.com/wp-content/themes/vugla/images/mobile-share/viber-64x64.png
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash de186be4358ae6892385bcb78cc79b01
d933c306c857b9e84e321c4756d384a6e8093da2
c912b95fc0e537dbd5d103172a9ad3df2a3c8ad4ce5e6d6cebbaf31d7f6d58be
GET /wp-content/themes/vugla/images/mobile-share/viber-64x64.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/cardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 22 Dec 2016 10:00:29 GMT
accept-ranges: bytes
content-length: 7120
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Tue, 03 Dec 2024 23:22:49 GMT
referrer-policy:
pragma: public
content-type: image/png
date: Mon, 04 Dec 2023 23:22:49 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/themes/vugla/images/logo.png
192.185.106.252 7.9 kB URL www.vugla.com/wp-content/themes/vugla/images/logo.png
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 254 x 96, 8-bit/color RGBA, non-interlaced\012- data
Hash f8e78d7eed20f4d77ca41cbf9700c0fa
9c40c7c5ae212e070b2aceda05b7e34de143a670
cf314f8938fb5d378e49a7e09683a206e244024b7ca3a7ec1676f22804285ca7
GET /wp-content/themes/vugla/images/logo.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/cardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 18 Nov 2013 11:35:09 GMT
accept-ranges: bytes
content-length: 7870
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Tue, 03 Dec 2024 23:22:49 GMT
referrer-policy:
pragma: public
content-type: image/png
date: Mon, 04 Dec 2023 23:22:49 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/linkedin.png
192.185.106.252 725 B URL www.vugla.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/linkedin.png
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 64 x 64, 8-bit colormap, non-interlaced\012- data
Hash 5da9fb18cfc9264a6e95b4a8bf4d2fcb
7bb78a36bc621ea268a0dad519c9c5c539e751ce
c6e399926b1aeb3634681cf7eb6af4e355325a6b2b6f8a89ad65ece3523fab18
GET /wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/linkedin.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/cardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 13 Nov 2023 13:26:48 GMT
accept-ranges: bytes
content-length: 725
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Tue, 03 Dec 2024 23:22:49 GMT
referrer-policy:
pragma: public
content-type: image/png
date: Mon, 04 Dec 2023 23:22:49 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/uploads/2021/11/la-spezie-webcam-150x150.jpg
192.185.106.252 7.7 kB URL www.vugla.com/wp-content/uploads/2021/11/la-spezie-webcam-150x150.jpg
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 150x150, components 3\012- data
Hash 239e370b2817148de6e9a27289744eb1
217ce84af2b1878330d3c9b6d0c01c6aab8a1512
b77877c9643ddb85f7533a7bcfb88565e55212d9c2cbb06aed53629be0601ce9
GET /wp-content/uploads/2021/11/la-spezie-webcam-150x150.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/cardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Sat, 27 Nov 2021 11:54:19 GMT
accept-ranges: bytes
content-length: 7738
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Tue, 03 Dec 2024 23:22:49 GMT
referrer-policy:
pragma: public
content-type: image/jpeg
date: Mon, 04 Dec 2023 23:22:49 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.3
192.185.106.252 83 B URL www.vugla.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.3
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.3 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/cardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 409 Conflict
date: Mon, 04 Dec 2023 23:22:49 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
www.vugla.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.3
192.185.106.252 83 B URL www.vugla.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.3
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.3 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/cardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 409 Conflict
date: Mon, 04 Dec 2023 23:22:49 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
www.vugla.com/wp-content/themes/vugla/css/style_reset.css
192.185.106.252 1.2 kB URL www.vugla.com/wp-content/themes/vugla/css/style_reset.css
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash b5ae6c0ccd961d29a2924b03b0cbdd6e
3293dc40aa870c1cf79180eb7bd5c2ff28f3bd0a
0838fff76cfa3bad87963e64a610ea8d60b2dc8d0781a7531a2385f65de1ab2f
GET /wp-content/themes/vugla/css/style_reset.css HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/style.css?ver=6.4.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:52:34 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-length: 1152
content-type: text/css
date: Mon, 04 Dec 2023 23:22:49 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/themes/vugla/css/flexslider.css
192.185.106.252 1.5 kB URL www.vugla.com/wp-content/themes/vugla/css/flexslider.css
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash aed0d9c2792c1ca777bfce04eb08ae7a
64e98271e4539dbf8819fa9d801017423c9bc30b
7f7b09426068a9bacddeefcf29f89063307fdc903ac45a569853b8c452d9b62d
GET /wp-content/themes/vugla/css/flexslider.css HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/style.css?ver=6.4.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 08 May 2014 09:18:47 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-length: 1526
content-type: text/css
date: Mon, 04 Dec 2023 23:22:49 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/themes/vugla/css/elastislide.css
192.185.106.252 674 B URL www.vugla.com/wp-content/themes/vugla/css/elastislide.css
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash fac0ce1d7bcbe2001f963e204b03b3a4
fe650403bcbc74567e384eb3762c874835f6cad1
d8dcd83dfb6275b55ae8e495f6924dcfc52024a52f5639446a00de846ec7c7b9
GET /wp-content/themes/vugla/css/elastislide.css HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/style.css?ver=6.4.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:52:21 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-length: 674
content-type: text/css
date: Mon, 04 Dec 2023 23:22:49 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/themes/vugla/css/style_400.css
192.185.106.252 2.4 kB URL www.vugla.com/wp-content/themes/vugla/css/style_400.css
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 1150741460f65df53d2a23c598e5807c
5520fd0a709fdfdc80089452403dbfa49b79f7d4
e0e19f2d1b42abb0a12a95da1488a3fb300ceeb34984bc9e321063184acb019b
GET /wp-content/themes/vugla/css/style_400.css HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/style.css?ver=6.4.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:52:30 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-length: 2412
content-type: text/css
date: Mon, 04 Dec 2023 23:22:49 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/themes/vugla/css/style_320.css
192.185.106.252 2.4 kB URL www.vugla.com/wp-content/themes/vugla/css/style_320.css
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash cc437b9ea4ed072bf7636ec9013f026d
df8db436e5193d474b97364dc0cd532a9b390fe5
4e92c5bc2c3f90209e1bec52f50461d8c04d82a539296918f0db0c61af63aab2
GET /wp-content/themes/vugla/css/style_320.css HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/style.css?ver=6.4.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:52:29 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-length: 2413
content-type: text/css
date: Mon, 04 Dec 2023 23:22:49 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/themes/vugla/css/style_768.css
192.185.106.252 2.5 kB URL www.vugla.com/wp-content/themes/vugla/css/style_768.css
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (408), with CRLF line terminators
Hash 14b717ed0c77c605f84b5b9a6b9892e9
5723bca38e18b8155b26f923590a05657911a377
6f37f5624b7bc60317a9c37a473fdf7dc34474d5f52cf169a7d52b35ca1dc0dd
GET /wp-content/themes/vugla/css/style_768.css HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/style.css?ver=6.4.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:52:32 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-length: 2538
content-type: text/css
date: Mon, 04 Dec 2023 23:22:49 GMT
server: Apache
X-Firefox-Spdy: h2
pl16411290.alternativecpmgate.com/c9123167a2366d360cd4d80dad2ac358/invoke.js
173.233.139.164 9.3 kB URL pl16411290.alternativecpmgate.com/c9123167a2366d360cd4d80dad2ac358/invoke.js
IP 173.233.139.164:0
File type Unicode text, UTF-8 text, with very long lines (25091), with no line terminators
Hash 3a5a93a281d36ff698e93c24a95070d1
e45e289cdc52b258cf374bc1dc2cdd56204b9741
f7be2d361332f72bb32b3945318d23768efd5a2453e7496e2647c7714e68c5d0
GET /c9123167a2366d360cd4d80dad2ac358/invoke.js HTTP/1.1
Host: pl16411290.alternativecpmgate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 04 Dec 2023 23:22:49 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 469cab8b823e5818926595f7d298de8f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.kursnalista.co/banners/banners.js
192.185.106.47 1.3 kB URL www.kursnalista.co/banners/banners.js
IP 192.185.106.47:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, Unicode text, UTF-8 text, with very long lines (394), with CRLF line terminators
Hash 0fa58c243ecc9c6ff829da27563c78c4
771e757dcaddc90a127b557e6a8a69b9dfe4767d
4631955f687225007a1227be7e662f1f45798c13a573f70670e748ff50aa194b
GET /banners/banners.js HTTP/1.1
Host: www.kursnalista.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Sun, 10 Jul 2022 10:44:43 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1261
content-type: application/javascript
date: Mon, 04 Dec 2023 23:22:49 GMT
server: Apache
X-Firefox-Spdy: h2
pl15560907.passtechusa.com/d1/37/02/d137022925bcc2a680f8a4476ff94144.js
173.233.137.36 15 kB URL pl15560907.passtechusa.com/d1/37/02/d137022925bcc2a680f8a4476ff94144.js
IP 173.233.137.36:0
File type ASCII text, with very long lines (42820), with no line terminators
Hash 47edabce06340dbb7b4f71b41d0686fc
ad619dde36efde71e8641bc5c40e3cfbe74dc1f0
7f24daae055fcecf9a5a5a267d53559e735131a452e68bbb21dfba1c96113651
GET /d1/37/02/d137022925bcc2a680f8a4476ff94144.js HTTP/1.1
Host: pl15560907.passtechusa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 04 Dec 2023 23:22:49 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9abc4d8926c69ce5a7b3a2b8cac4024a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.vugla.com/wp-content/themes/vugla/css/wpp.css
192.185.106.252 357 B URL www.vugla.com/wp-content/themes/vugla/css/wpp.css
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 6b44660f121f565e2aab91b7b321ff28
62628718b7edeaccc74d1943d36bc1e0c9d16512
467aa063b813fd2fc1b3ebabc45d6e840d807dad90c169f0ee12f93bcf667851
GET /wp-content/themes/vugla/css/wpp.css HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/style.css?ver=6.4.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:52:37 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-length: 357
content-type: text/css
date: Mon, 04 Dec 2023 23:22:49 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/themes/vugla/css/style_1024.css
192.185.106.252 2.3 kB URL www.vugla.com/wp-content/themes/vugla/css/style_1024.css
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 7f4d3aa769cc8bb0e3c77745ff5c9d64
2da3458d48663a397a5a42c3bb52777bc5889dc0
7a6c4ca634ef663c6a3887df843fc04c40632ff46c53eb9f7d35bfcde21453b4
GET /wp-content/themes/vugla/css/style_1024.css HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/style.css?ver=6.4.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:52:28 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-length: 2267
content-type: text/css
date: Mon, 04 Dec 2023 23:22:49 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/themes/vugla/css/tabber.css
192.185.106.252 1.7 kB URL www.vugla.com/wp-content/themes/vugla/css/tabber.css
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash a3e36a4db7b488bd984dd17c6e17cf63
33e7b11f7e1f149f954b6d938db9e36599816e8a
3609900b90f9835e1525c38bb6b1bcbffea0a14894799e54a07c2a9df09cb03d
GET /wp-content/themes/vugla/css/tabber.css HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/style.css?ver=6.4.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:52:36 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-length: 1710
content-type: text/css
date: Mon, 04 Dec 2023 23:22:49 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/themes/vugla/css/style_main.css
192.185.106.252 71 kB URL www.vugla.com/wp-content/themes/vugla/css/style_main.css
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type gzip compressed data, from Unix\012- data
Hash ede9b29193f5070e272948e23e4d3f98
121728e1d776b6810b9b77d21decdc82d867350f
d91bafb34156bbe053a665b4dd8981cef6a086e28e26d10a5bdad2031aa91d0d
GET /wp-content/themes/vugla/css/style_main.css HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/style.css?ver=6.4.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 23 May 2014 15:19:09 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-type: text/css
date: Mon, 04 Dec 2023 23:22:49 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v36/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
216.58.207.227 50 kB URL fonts.gstatic.com/s/opensans/v36/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 50368, version 1.0\012- data
Hash 4facfd6ff39e147b7e39c4b1abe4117d
0f7c0d978c209d21eb3f55950fc43e77c196ec3b
a246c4de8a0f1f1fdb6ee52565018dc341063aa9efe8481034bc3ef7d697e334
GET /s/opensans/v36/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 50368
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 04:48:09 GMT
expires: Fri, 29 Nov 2024 04:48:09 GMT
cache-control: public, max-age=31536000
age: 412481
last-modified: Thu, 14 Sep 2023 01:04:20 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.227 48 kB URL fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 48432, version 1.0\012- data
Hash e2d74c5e631bc53a7240bbfe4be99c8f
eb513857bb01cc4f7249067fc7e969bef415fc90
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 05:00:58 GMT
expires: Fri, 29 Nov 2024 05:00:58 GMT
cache-control: public, max-age=31536000
age: 411712
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.vugla.com/wp-content/uploads/2013/11/bckg-vugla-dark.jpg
192.185.106.252 267 kB URL www.vugla.com/wp-content/uploads/2013/11/bckg-vugla-dark.jpg
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 2000x1200, components 3\012- data
Size 267 kB (267247 bytes)
Hash 11e97d76a4b329319978b9da6f46b5b0
ae03d14a5b568ed59c1772ee2065e160e93428ae
9fbe33f0e52a532495bb5d56584e250e0d3cf1acc5a04acb7cbb2e39bb6c6a42
GET /wp-content/uploads/2013/11/bckg-vugla-dark.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/cardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 20 Nov 2013 16:40:33 GMT
accept-ranges: bytes
content-length: 267247
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Tue, 03 Dec 2024 23:22:50 GMT
referrer-policy:
pragma: public
content-type: image/jpeg
date: Mon, 04 Dec 2023 23:22:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/cardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html
192.185.106.252 0 B URL www.vugla.com/cardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /cardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/cardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-pingback: https://www.vugla.com/xmlrpc.php
link: <https://www.vugla.com/wp-json/>; rel="https://api.w.org/", <https://www.vugla.com/wp-json/wp/v2/posts/571647>; rel="alternate"; type="application/json", <https://www.vugla.com/?p=571647>; rel=shortlink
content-security-policy: upgrade-insecure-requests;
cache-control: max-age=10800
expires: Tue, 05 Dec 2023 02:22:50 GMT
vary: User-Agent
referrer-policy:
content-type: text/html; charset=UTF-8
date: Mon, 04 Dec 2023 23:22:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/themes/vugla/images/search-arrow.png
192.185.106.252 3.1 kB URL www.vugla.com/wp-content/themes/vugla/images/search-arrow.png
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 75 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash 3f8933cdf4d27e317eb59959257f8c7a
b16e414fcb1561603cbf4ac404ec8b6fae1563ff
167925a8f225d7fc340317265409496b2d90e4313bd7d70bca4262bb1477eaf0
GET /wp-content/themes/vugla/images/search-arrow.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/css/style_main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:53:13 GMT
accept-ranges: bytes
content-length: 3075
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Tue, 03 Dec 2024 23:22:50 GMT
referrer-policy:
pragma: public
content-type: image/png
date: Mon, 04 Dec 2023 23:22:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/themes/vugla/images/preloader.gif
192.185.106.252 1.7 kB URL www.vugla.com/wp-content/themes/vugla/images/preloader.gif
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type GIF image data, version 89a, 16 x 16\012- data
Hash dd6b7b0bf5c3af22499abc0a9ee1e1b2
e8c0018145d616fac4deb460d9c1d9c9dd4d3302
0eddaab3b8cb0b15d81d62e5ae5960329c3e576ea78dc321b20734ab20271847
GET /wp-content/themes/vugla/images/preloader.gif HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/css/style_main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:53:08 GMT
accept-ranges: bytes
content-length: 1737
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Tue, 03 Dec 2024 23:22:50 GMT
referrer-policy:
pragma: public
content-type: image/gif
date: Mon, 04 Dec 2023 23:22:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/cardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html
192.185.106.252 0 B URL www.vugla.com/cardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /cardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/cardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-pingback: https://www.vugla.com/xmlrpc.php
link: <https://www.vugla.com/wp-json/>; rel="https://api.w.org/", <https://www.vugla.com/wp-json/wp/v2/posts/571647>; rel="alternate"; type="application/json", <https://www.vugla.com/?p=571647>; rel=shortlink
content-security-policy: upgrade-insecure-requests;
cache-control: max-age=10800
expires: Tue, 05 Dec 2023 02:22:50 GMT
vary: User-Agent
referrer-policy:
content-type: text/html; charset=UTF-8
date: Mon, 04 Dec 2023 23:22:50 GMT
server: Apache
X-Firefox-Spdy: h2
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
139.45.195.254 12 B URL fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP 139.45.195.254:0
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1736
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Mon, 04 Dec 2023 23:23:32 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://www.vugla.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
my.rtmark.net/gid.js
139.45.195.8 65 B IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 4b0b13f7ac474adf0dd9322cced62e73
8952c690024ac6541d15370e3600bd3203e46ef8
b025d91e36a03a79816c01ada5a9401fa9adcbda6c290efdfb844a08f23f5e90
GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 23:22:51 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://www.vugla.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=5edf7fca69824fc0be38230bd9ddaf83; expires=Tue, 03 Dec 2024 23:22:51 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
eehuzaih.com/500/5005565?excludes=&oaid=5edf7fca69824fc0be38230bd9ddaf83&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=3&pl=https%3A%2F%2Fwww.vugla.com%2Fcardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.312.0
139.45.197.237 0 B URL eehuzaih.com/500/5005565?excludes=&oaid=5edf7fca69824fc0be38230bd9ddaf83&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=3&pl=https%3A%2F%2Fwww.vugla.com%2Fcardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.312.0
IP 139.45.197.237:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /500/5005565?excludes=&oaid=5edf7fca69824fc0be38230bd9ddaf83&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=3&pl=https%3A%2F%2Fwww.vugla.com%2Fcardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.312.0 HTTP/1.1
Host: eehuzaih.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://www.vugla.com/
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 23:22:51 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://www.vugla.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-credentials: true
access-control-max-age: 600
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
www.variouscreativeformats.com/c3b6bab9a3e6c622d733121998e0014d/invoke.js
173.233.139.164 11 kB URL www.variouscreativeformats.com/c3b6bab9a3e6c622d733121998e0014d/invoke.js
IP 173.233.139.164:0
File type exported SGML document, ASCII text, with very long lines (29643), with no line terminators
Hash 223406d9dbf6d31ee7d9236d1c95ea29
8a45024df7b5013212b1fd369c5670655bd55b66
8eb1cd23b38e67fb1ec812debb06ff9f68891aeecaf2edeba8c0a73081c27ed0
GET /c3b6bab9a3e6c622d733121998e0014d/invoke.js HTTP/1.1
Host: www.variouscreativeformats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 04 Dec 2023 23:22:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d45208ee267ca563531a506df26eb2d8
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
offerimage.com/www/images/71581bf2ce9a00138faf7dd80fe3e12e.jpg
172.67.22.216 19 kB URL offerimage.com/www/images/71581bf2ce9a00138faf7dd80fe3e12e.jpg
IP 172.67.22.216:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash 71581bf2ce9a00138faf7dd80fe3e12e
56479135ed64bf23e1037067c0c87047eb8a414c
5d9f95c8c06343cc189b38268296615ed8816d8154b4b782ad0d62bedd23525e
GET /www/images/71581bf2ce9a00138faf7dd80fe3e12e.jpg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 23:22:51 GMT
content-type: image/jpeg
content-length: 19381
cache-control: max-age=86400
cf-bgj: h2pri
etag: "65674405-4bb5"
expires: Tue, 05 Dec 2023 14:12:40 GMT
last-modified: Wed, 29 Nov 2023 14:00:37 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 33011
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8307cb3869aeb50c-OSL
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
216.58.207.227 35 kB URL fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 35120, version 1.0\012- data
Hash dd986ff1050050613be051863773d677
51a12487fd51cc02ca54a984f82d63318807ca2e
d9784dbf11886ea032ffbd00f499d333519babe001eacc19df7ab89de17bec47
GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35120
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:36:49 GMT
expires: Thu, 28 Nov 2024 21:36:49 GMT
cache-control: public, max-age=31536000
age: 438362
last-modified: Thu, 14 Sep 2023 01:03:47 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
216.58.207.227 35 kB URL fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 35120, version 1.0\012- data
Hash dd986ff1050050613be051863773d677
51a12487fd51cc02ca54a984f82d63318807ca2e
d9784dbf11886ea032ffbd00f499d333519babe001eacc19df7ab89de17bec47
GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35120
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:36:49 GMT
expires: Thu, 28 Nov 2024 21:36:49 GMT
cache-control: public, max-age=31536000
age: 438362
last-modified: Thu, 14 Sep 2023 01:03:47 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v36/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
216.58.207.227 50 kB URL fonts.gstatic.com/s/opensans/v36/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 50368, version 1.0\012- data
Hash 4facfd6ff39e147b7e39c4b1abe4117d
0f7c0d978c209d21eb3f55950fc43e77c196ec3b
a246c4de8a0f1f1fdb6ee52565018dc341063aa9efe8481034bc3ef7d697e334
GET /s/opensans/v36/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 50368
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 04:48:09 GMT
expires: Fri, 29 Nov 2024 04:48:09 GMT
cache-control: public, max-age=31536000
age: 412482
last-modified: Thu, 14 Sep 2023 01:04:20 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-7NCJ73THPT>m=45je3bt0v879882835&_p=1701732176260&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1931742956.1701732177&ul=en-us&sr=1280x1024&_s=1&sid=1701732176&sct=1&seg=0&dl=https%3A%2F%2Fwww.vugla.com%2Fcardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html&dt=Cardinal%20Point%20predstavlja%20prvi%20istoimeni%20singl%20sa%20albuma%20%E2%80%9EMan%20Or%20Island%E2%80%9C%20-%20Vugla&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3562
216.239.34.36 0 B URL region1.analytics.google.com/g/collect?v=2&tid=G-7NCJ73THPT>m=45je3bt0v879882835&_p=1701732176260&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1931742956.1701732177&ul=en-us&sr=1280x1024&_s=1&sid=1701732176&sct=1&seg=0&dl=https%3A%2F%2Fwww.vugla.com%2Fcardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html&dt=Cardinal%20Point%20predstavlja%20prvi%20istoimeni%20singl%20sa%20albuma%20%E2%80%9EMan%20Or%20Island%E2%80%9C%20-%20Vugla&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3562
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-7NCJ73THPT>m=45je3bt0v879882835&_p=1701732176260&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1931742956.1701732177&ul=en-us&sr=1280x1024&_s=1&sid=1701732176&sct=1&seg=0&dl=https%3A%2F%2Fwww.vugla.com%2Fcardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html&dt=Cardinal%20Point%20predstavlja%20prvi%20istoimeni%20singl%20sa%20albuma%20%E2%80%9EMan%20Or%20Island%E2%80%9C%20-%20Vugla&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3562 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.vugla.com
date: Mon, 04 Dec 2023 23:22:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.vugla.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.3
192.185.106.252 83 B URL www.vugla.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.3
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.3 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/cardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html
Cookie: _ga_7NCJ73THPT=GS1.1.1701732176.1.0.1701732176.60.0.0; _ga=GA1.1.1931742956.1701732177
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 409 Conflict
date: Mon, 04 Dec 2023 23:22:51 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
proftrafficcounter.com/stats
18.157.140.81 40 B URL proftrafficcounter.com/stats
IP 18.157.140.81:0
File type ASCII text, with no line terminators
Hash c77a333b388bc938c78b4a6cdc47fd4e
097bc8e91456923a69bc80d821a977080319edab
85725048003a0f5c752aef0603347046d2b92a9abd8d2f79a2ecac71daf2388b
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 23:22:51 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.vugla.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=fc4001ec-fdbb-4950-8a36-c5afb9b9fa2e:1:1; expires=Thu, 01 Dec 2033 23:22:51 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
www.vugla.com/wp-content/themes/vugla/images/small-social-sprite.png
192.185.106.252 3.8 kB URL www.vugla.com/wp-content/themes/vugla/images/small-social-sprite.png
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 272 x 95, 8-bit/color RGBA, non-interlaced\012- data
Hash 1aabf6dabc51ca6168aa98fbecbf79e2
0e4cb499aff16fedb2097658da7d2baa1bdafaa8
09ac67d0b81afe77f52b59ee9abc68ba2dd7cf0ebbc85703c75a76c2586e93aa
GET /wp-content/themes/vugla/images/small-social-sprite.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/css/style_main.css
Cookie: _ga_7NCJ73THPT=GS1.1.1701732176.1.0.1701732176.60.0.0; _ga=GA1.1.1931742956.1701732177
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:53:16 GMT
accept-ranges: bytes
content-length: 3812
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Tue, 03 Dec 2024 23:22:51 GMT
referrer-policy:
pragma: public
content-type: image/png
date: Mon, 04 Dec 2023 23:22:51 GMT
server: Apache
X-Firefox-Spdy: h2
eehuzaih.com/400/5005565
139.45.197.237 35 kB IP 139.45.197.237:0
File type gzip compressed data, max speed, from Unix\012- data
Hash 1add55e0e0ca22fd4a8ce2c0cacbc80b
3b682278d294fb5cfc2ecfd538b450ffb39b4ecf
af8c79a053c56ccc6ddc6edab86b6efdb20bf264e25f2e77fcefeacec4a90476
GET /400/5005565 HTTP/1.1
Host: eehuzaih.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 23:22:50 GMT
content-type: application/javascript
x-trace-id: 1f8fe3afa3a20d6582586b89097944d0
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
set-cookie: OAID=7bc7590d263846b7b444697d511295b5; expires=Tue, 03 Dec 2024 23:22:50 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
proftrafficcounter.com/stats
18.157.140.81 40 B URL proftrafficcounter.com/stats
IP 18.157.140.81:0
File type ASCII text, with no line terminators
Hash 405dc9db4f38c5acfb59029e793562fe
5a90b5f5ed6254987422abd89ef084857a47891f
9c6aee4afc1ea5e752dd03d5b32dde830f8cc696557d20e0d3d665b48e221aad
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 23:22:51 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.vugla.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=a314c999-aac4-4252-b0ae-5272b5b46625:1:1; expires=Thu, 01 Dec 2033 23:22:51 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
propu.sh/zone?pub=0&zone_id=1548391&is_mobile=false&domain=www.vugla.com&var=&ymid=&var_3=&tg=0&sw=3.1.471
139.45.197.250 972 B URL propu.sh/zone?pub=0&zone_id=1548391&is_mobile=false&domain=www.vugla.com&var=&ymid=&var_3=&tg=0&sw=3.1.471
IP 139.45.197.250:0
File type JSON data\012- , ASCII text, with very long lines (971)
Hash 64f047fe127c40083700b04d3811ca27
8f6e71715f3ae8766c33ae08d590fdc202bd865d
0dd4bfd4e574ecf2df30bcd49a6afbc84ffe9a14227f17502561dfca63a51ac7
GET /zone?pub=0&zone_id=1548391&is_mobile=false&domain=www.vugla.com&var=&ymid=&var_3=&tg=0&sw=3.1.471 HTTP/1.1
Host: propu.sh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.vugla.com/
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 23:22:51 GMT
content-type: application/json; charset=utf-8
content-length: 972
x-trace-id: 3ae91bcbb27c87635052175426771478
access-control-allow-origin: https://www.vugla.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.youtube.com/s/player/31e0b6d9/www-player.css
142.250.74.78 49 kB URL www.youtube.com/s/player/31e0b6d9/www-player.css
IP 142.250.74.78:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 18f844aa571ef66c0f165fe56a2f0821
849c61720b741db03f689c461e8e4eedd3c4ce21
436743ad0889ad9399a1f33edb65d8bf1c71cfbce1b0fce549769e7705c9ceec
GET /s/player/31e0b6d9/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/hbCmPZhKCFQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 48920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 04:32:12 GMT
expires: Fri, 29 Nov 2024 04:32:12 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 30 Nov 2023 03:10:29 GMT
content-type: text/css
vary: Accept-Encoding, Origin
age: 413439
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.youtube.com/s/player/31e0b6d9/player_ias.vflset/en_US/embed.js
142.250.74.78 16 kB URL www.youtube.com/s/player/31e0b6d9/player_ias.vflset/en_US/embed.js
IP 142.250.74.78:0
File type ASCII text, with very long lines (3391)
Hash 4b993df6aaec92ba17cc4d526ad2e4bd
a0b696788d5d621280e4f642b4c66875d40870cb
f21a803f0b7f63109cd608bfbe9769a3dc2e2a17c8e885826529d3981d15d313
GET /s/player/31e0b6d9/player_ias.vflset/en_US/embed.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/hbCmPZhKCFQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 16506
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 04:32:15 GMT
expires: Fri, 29 Nov 2024 04:32:15 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 30 Nov 2023 03:10:29 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 413436
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.kursnalista.co/banners/kurs_evra_300x600.jpg
192.185.106.47 82 kB URL www.kursnalista.co/banners/kurs_evra_300x600.jpg
IP 192.185.106.47:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 300x600, components 3\012- data
Hash 2bc3bac615ed6dd33f38935d16af4551
7139c6fb819bad962207b8a84f9da8ffa3296015
06fdbdad1516fe5c68a00f2268c3ef7d9880d29420464ab4ea1ed6f6b44ed340
GET /banners/kurs_evra_300x600.jpg HTTP/1.1
Host: www.kursnalista.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 10 Jun 2015 16:18:55 GMT
accept-ranges: bytes
content-length: 81757
content-type: image/jpeg
date: Mon, 04 Dec 2023 23:22:51 GMT
server: Apache
X-Firefox-Spdy: h2
www.youtube.com/s/player/31e0b6d9/www-embed-player.vflset/www-embed-player.js
142.250.74.78 98 kB URL www.youtube.com/s/player/31e0b6d9/www-embed-player.vflset/www-embed-player.js
IP 142.250.74.78:0
File type ASCII text, with very long lines (682)
Hash 24cd2bdc1dd00086a1efbc664060bb49
064027f89f2e8f22be774e7468f7ae4ab79efcbc
4d453a47ad0d1b30a7292b6f712d8645db141ed6adea69b8e7d802f8022365fd
GET /s/player/31e0b6d9/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/hbCmPZhKCFQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 98499
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 04:32:12 GMT
expires: Fri, 29 Nov 2024 04:32:12 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 30 Nov 2023 03:10:29 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 413439
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.vugla.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.3
192.185.106.252 83 B URL www.vugla.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.3
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.3 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/cardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html
Cookie: _ga_7NCJ73THPT=GS1.1.1701732176.1.0.1701732176.60.0.0; _ga=GA1.1.1931742956.1701732177; dom3ic8zudi28v8lr6fgphwffqoz0j6c=a314c999-aac4-4252-b0ae-5272b5b46625%3A1%3A1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 409 Conflict
date: Mon, 04 Dec 2023 23:22:51 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227 15 kB URL fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 10:04:07 GMT
expires: Fri, 29 Nov 2024 10:04:07 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 393525
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227 16 kB URL fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 11:28:20 GMT
expires: Fri, 29 Nov 2024 11:28:20 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
age: 388472
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
my.rtmark.net/gid.js?pub=0&userId=bea91147ed4d4224b8bf8868043513ec&zoneId=1548391&checkDuplicate=true&ymid=&var=
139.45.195.8 65 B URL my.rtmark.net/gid.js?pub=0&userId=bea91147ed4d4224b8bf8868043513ec&zoneId=1548391&checkDuplicate=true&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 4b0b13f7ac474adf0dd9322cced62e73
8952c690024ac6541d15370e3600bd3203e46ef8
b025d91e36a03a79816c01ada5a9401fa9adcbda6c290efdfb844a08f23f5e90
GET /gid.js?pub=0&userId=bea91147ed4d4224b8bf8868043513ec&zoneId=1548391&checkDuplicate=true&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.vugla.com/
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Cookie: ID=5edf7fca69824fc0be38230bd9ddaf83
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 23:22:52 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://www.vugla.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=5edf7fca69824fc0be38230bd9ddaf83; expires=Tue, 03 Dec 2024 23:22:52 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
propu.sh/custom
139.45.197.250 0 B IP 139.45.197.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /custom HTTP/1.1
Host: propu.sh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.vugla.com/
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 23:22:52 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://www.vugla.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2
www.youtube.com/s/player/31e0b6d9/player_ias.vflset/en_US/base.js
142.250.74.78 784 kB URL www.youtube.com/s/player/31e0b6d9/player_ias.vflset/en_US/base.js
IP 142.250.74.78:0
File type ASCII text, with very long lines (555)
Size 784 kB (784263 bytes)
Hash 101fe6d09a2a65ba52bbafa55f73d316
46b1b5f64db74e841d0f606543980dea804707d8
ddc70bebc8a0e4ae5b13a5f8409693a3e88aa4b4415a75f632f11d0f0c423457
GET /s/player/31e0b6d9/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/hbCmPZhKCFQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-encoding: gzip
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 784263
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 04:32:15 GMT
expires: Fri, 29 Nov 2024 04:32:15 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 30 Nov 2023 03:10:29 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 413436
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
propu.sh/custom
139.45.197.250 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: propu.sh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.vugla.com/
Content-Type: application/json
Content-Length: 435
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 23:22:52 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 13728127182c67ecba6ba966db4d2a9f
access-control-allow-origin: https://www.vugla.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
tharbadir.com/9?z=2892323&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.vugla.com%2Fcardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=5&sah=1024&drf=&hil=1&ist=0&oaid=5edf7fca69824fc0be38230bd9ddaf83
139.45.197.238 0 B URL tharbadir.com/9?z=2892323&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.vugla.com%2Fcardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=5&sah=1024&drf=&hil=1&ist=0&oaid=5edf7fca69824fc0be38230bd9ddaf83
IP 139.45.197.238:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /9?z=2892323&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.vugla.com%2Fcardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=5&sah=1024&drf=&hil=1&ist=0&oaid=5edf7fca69824fc0be38230bd9ddaf83 HTTP/1.1
Host: tharbadir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.vugla.com/
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Mon, 04 Dec 2023 23:22:52 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.vugla.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&data-size=standard&origin=https%3A%2F%2Fwww.vugla.com&url=https%3A%2F%2Fwww.vugla.com%2Fcardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.coKrc9A11Ng.O%2Fd%3D1%2Frs%3DAHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw%2Fm%3D__features__
142.250.74.78 226 B URL apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&data-size=standard&origin=https%3A%2F%2Fwww.vugla.com&url=https%3A%2F%2Fwww.vugla.com%2Fcardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.coKrc9A11Ng.O%2Fd%3D1%2Frs%3DAHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw%2Fm%3D__features__
IP 142.250.74.78:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 4df07581948280a6e769a24c5d99d775
843a2c95362347eb8894a6acb607f139be65ded4
3561b93a48d81fac116ccd6e60163bd382abb1d594c81240f5718feb1f197f73
GET /u/0/se/0/_/+1/fastbutton?usegapi=1&data-size=standard&origin=https%3A%2F%2Fwww.vugla.com&url=https%3A%2F%2Fwww.vugla.com%2Fcardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.coKrc9A11Ng.O%2Fd%3D1%2Frs%3DAHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw%2Fm%3D__features__ HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 301 Moved Permanently
location: http://developers.google.com/
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 04 Dec 2023 23:22:52 GMT
expires: Mon, 04 Dec 2023 23:52:52 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 226
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
amunfezanttor.com/event
139.45.197.250 0 B IP 139.45.197.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
OPTIONS /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.vugla.com/
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 23:22:52 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://www.vugla.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2
amunfezanttor.com/event
139.45.197.250 94 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 370329975332500e836aa70c28c25017
308522b39d2cbf7f2c4363c3976e84fba9804696
0546061965ef1f6b2834a87edb98ec3c42e77df7efdf7b0a2fe884822447be28
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.vugla.com/
Content-Type: application/json
Content-Length: 574
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 23:22:52 GMT
content-type: application/json; charset=utf-8
content-length: 94
access-control-allow-origin: https://www.vugla.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
tharbadir.com/9?z=2892323&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.vugla.com%2Fcardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=5&sah=1024&drf=&hil=1&ist=0&oaid=5edf7fca69824fc0be38230bd9ddaf83
139.45.197.238 3.4 kB URL tharbadir.com/9?z=2892323&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.vugla.com%2Fcardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=5&sah=1024&drf=&hil=1&ist=0&oaid=5edf7fca69824fc0be38230bd9ddaf83
IP 139.45.197.238:0
File type gzip compressed data, max speed, from Unix\012- data
Hash 7dad5c0a9d3e3e3e8b9afe272b8ae989
168b6665958f5c87dce16647aee288e4106314c7
1f02fc09dc6bd0409624a4df53bf1e6684b1e1324e8d250285685e72dd108dc6
POST /9?z=2892323&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.vugla.com%2Fcardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=5&sah=1024&drf=&hil=1&ist=0&oaid=5edf7fca69824fc0be38230bd9ddaf83 HTTP/1.1
Host: tharbadir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 181
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Cookie: scm=1; OAID=4b23ef725e3744749604b5737874fc13; oaidts=1701732169
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 23:22:52 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: https://www.vugla.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: aecab581cb1ebfeb4d107bd702b53006
access-control-expose-headers: X-Sc
set-cookie: OAID=5edf7fca69824fc0be38230bd9ddaf83; expires=Tue, 03 Dec 2024 23:22:52 GMT; secure; SameSite=None
oaidts=1701732169; expires=Tue, 03 Dec 2024 23:22:52 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
www.profitabledisplaycontent.com/watch.1330911480102.js?key=c3b6bab9a3e6c622d733121998e0014d&kw=%5B%22cardinal%22%2C%22point%22%2C%22predstavlja%22%2C%22prvi%22%2C%22istoimeni%22%2C%22singl%22%2C%22sa%22%2C%22albuma%22%2C%22%E2%80%9Eman%22%2C%22or%22%2C%22island%E2%80%9C%22%2C%22-%22%2C%22vugla%22%5D&refer=https%3A%2F%2Fwww.vugla.com%2Fcardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html&tz=0&dev=e&res=14.3095&uuid=fc4001ec-fdbb-4950-8a36-c5afb9b9fa2e%3A1%3A1
192.243.59.13 0 B URL www.profitabledisplaycontent.com/watch.1330911480102.js?key=c3b6bab9a3e6c622d733121998e0014d&kw=%5B%22cardinal%22%2C%22point%22%2C%22predstavlja%22%2C%22prvi%22%2C%22istoimeni%22%2C%22singl%22%2C%22sa%22%2C%22albuma%22%2C%22%E2%80%9Eman%22%2C%22or%22%2C%22island%E2%80%9C%22%2C%22-%22%2C%22vugla%22%5D&refer=https%3A%2F%2Fwww.vugla.com%2Fcardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html&tz=0&dev=e&res=14.3095&uuid=fc4001ec-fdbb-4950-8a36-c5afb9b9fa2e%3A1%3A1
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch.1330911480102.js?key=c3b6bab9a3e6c622d733121998e0014d&kw=%5B%22cardinal%22%2C%22point%22%2C%22predstavlja%22%2C%22prvi%22%2C%22istoimeni%22%2C%22singl%22%2C%22sa%22%2C%22albuma%22%2C%22%E2%80%9Eman%22%2C%22or%22%2C%22island%E2%80%9C%22%2C%22-%22%2C%22vugla%22%5D&refer=https%3A%2F%2Fwww.vugla.com%2Fcardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html&tz=0&dev=e&res=14.3095&uuid=fc4001ec-fdbb-4950-8a36-c5afb9b9fa2e%3A1%3A1 HTTP/1.1
Host: www.profitabledisplaycontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Mon, 04 Dec 2023 23:22:52 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.vugla.com
Access-Control-Allow-Origin: https://www.vugla.com
Access-Control-Allow-Credentials: true
Location: https://www.profitabledisplaycontent.com/watch.1330911480102.js?key=c3b6bab9a3e6c622d733121998e0014d&kw=%5B%22cardinal%22%2C%22point%22%2C%22predstavlja%22%2C%22prvi%22%2C%22istoimeni%22%2C%22singl%22%2C%22sa%22%2C%22albuma%22%2C%22%E2%80%9Eman%22%2C%22or%22%2C%22island%E2%80%9C%22%2C%22-%22%2C%22vugla%22%5D&refer=https%3A%2F%2Fwww.vugla.com%2Fcardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html&tz=0&dev=e&res=14.3095&uuid=fc4001ec-fdbb-4950-8a36-c5afb9b9fa2e%3A1%3A1&shu=129a133a0ddc3284ceca59031fdc5748c4b1d06d9cc343c503626b38b7c6d54450e9ad71382f02d2e9cc9fd7086ccd5bde4cdcb4dc606fd134e43402105ae63a7a47150f714ad7351d7d1629a6c0faab51c01747b9a08f397ff24ab817cc267c8335a1&pst=1701732232&rmtc=t
Set-Cookie: u_pl=14611544; expires=Tue, 05 Dec 2023 23:22:52 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNDYxMTU0NCwiayI6ImMzYjZiYWI5YTNlNmM2MjJkNzMzMTIxOTk4ZTAwMTRkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMDcwMTYsInBpZCI6ODU0ODQsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MjEsImFpZCI6MjcsInB0Ijo0LCJwayI6ImUydHg4d3EydHciLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cudnVnbGEuY29tL2NhcmRpbmFsLXBvaW50LXByZWRzdGF2bGphLXBydmktaXN0b2ltZW5pLXNpbmdsLXNhLWFsYnVtYS1tYW4tb3ItaXNsYW5kLmh0bWwiLCJhciI6W119fQ.B_P3E1ffxWUKcM1yBdMxAmssj7Ra3mZJoBk7_J7SXYc; expires=Mon, 04 Dec 2023 23:23:52 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1f246a9be7effaf6694d4d60a21a1839
Strict-Transport-Security: max-age=0; includeSubdomains
www.vugla.com/wp-content/themes/vugla/images/pattern-filter.png
192.185.106.252 2.8 kB URL www.vugla.com/wp-content/themes/vugla/images/pattern-filter.png
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 2 x 2, 8-bit/color RGBA, non-interlaced\012- data
Hash 6d6f2d483736ba6f70063740ddf2841b
3b9dee704da0bf19a56b46584a55226a137504a9
dca9f66f2ff2d735f415080def56d34e60cf13cc65668bf9b422103cd3bee2a5
GET /wp-content/themes/vugla/images/pattern-filter.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/css/style_main.css
Cookie: _ga_7NCJ73THPT=GS1.1.1701732176.1.0.1701732176.60.0.0; _ga=GA1.1.1931742956.1701732177; dom3ic8zudi28v8lr6fgphwffqoz0j6c=a314c999-aac4-4252-b0ae-5272b5b46625%3A1%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:53:06 GMT
accept-ranges: bytes
content-length: 2804
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Tue, 03 Dec 2024 23:22:52 GMT
referrer-policy:
pragma: public
content-type: image/png
date: Mon, 04 Dec 2023 23:22:52 GMT
server: Apache
X-Firefox-Spdy: h2
www.profitabledisplaycontent.com/watch.1330911480102.js?key=c3b6bab9a3e6c622d733121998e0014d&kw=%5B%22cardinal%22%2C%22point%22%2C%22predstavlja%22%2C%22prvi%22%2C%22istoimeni%22%2C%22singl%22%2C%22sa%22%2C%22albuma%22%2C%22%E2%80%9Eman%22%2C%22or%22%2C%22island%E2%80%9C%22%2C%22-%22%2C%22vugla%22%5D&refer=https%3A%2F%2Fwww.vugla.com%2Fcardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html&tz=0&dev=e&res=14.3095&uuid=fc4001ec-fdbb-4950-8a36-c5afb9b9fa2e%3A1%3A1&shu=129a133a0ddc3284ceca59031fdc5748c4b1d06d9cc343c503626b38b7c6d54450e9ad71382f02d2e9cc9fd7086ccd5bde4cdcb4dc606fd134e43402105ae63a7a47150f714ad7351d7d1629a6c0faab51c01747b9a08f397ff24ab817cc267c8335a1&pst=1701732232&rmtc=t
192.243.59.13 643 B URL www.profitabledisplaycontent.com/watch.1330911480102.js?key=c3b6bab9a3e6c622d733121998e0014d&kw=%5B%22cardinal%22%2C%22point%22%2C%22predstavlja%22%2C%22prvi%22%2C%22istoimeni%22%2C%22singl%22%2C%22sa%22%2C%22albuma%22%2C%22%E2%80%9Eman%22%2C%22or%22%2C%22island%E2%80%9C%22%2C%22-%22%2C%22vugla%22%5D&refer=https%3A%2F%2Fwww.vugla.com%2Fcardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html&tz=0&dev=e&res=14.3095&uuid=fc4001ec-fdbb-4950-8a36-c5afb9b9fa2e%3A1%3A1&shu=129a133a0ddc3284ceca59031fdc5748c4b1d06d9cc343c503626b38b7c6d54450e9ad71382f02d2e9cc9fd7086ccd5bde4cdcb4dc606fd134e43402105ae63a7a47150f714ad7351d7d1629a6c0faab51c01747b9a08f397ff24ab817cc267c8335a1&pst=1701732232&rmtc=t
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text, with very long lines (603)
Hash a7ddc4cb3d474a20fffa1e71e840e429
252169dc2a35eec55e0ee93d6f8425cc5b6cd125
ed18950b293e0f3579e708fe3247e179511b21645e524ede5b9e762caa84c40b
GET /watch.1330911480102.js?key=c3b6bab9a3e6c622d733121998e0014d&kw=%5B%22cardinal%22%2C%22point%22%2C%22predstavlja%22%2C%22prvi%22%2C%22istoimeni%22%2C%22singl%22%2C%22sa%22%2C%22albuma%22%2C%22%E2%80%9Eman%22%2C%22or%22%2C%22island%E2%80%9C%22%2C%22-%22%2C%22vugla%22%5D&refer=https%3A%2F%2Fwww.vugla.com%2Fcardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html&tz=0&dev=e&res=14.3095&uuid=fc4001ec-fdbb-4950-8a36-c5afb9b9fa2e%3A1%3A1&shu=129a133a0ddc3284ceca59031fdc5748c4b1d06d9cc343c503626b38b7c6d54450e9ad71382f02d2e9cc9fd7086ccd5bde4cdcb4dc606fd134e43402105ae63a7a47150f714ad7351d7d1629a6c0faab51c01747b9a08f397ff24ab817cc267c8335a1&pst=1701732232&rmtc=t HTTP/1.1
Host: www.profitabledisplaycontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vugla.com
Referer: https://www.vugla.com/
DNT: 1
Connection: keep-alive
Cookie: u_pl=14611544; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNDYxMTU0NCwiayI6ImMzYjZiYWI5YTNlNmM2MjJkNzMzMTIxOTk4ZTAwMTRkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMDcwMTYsInBpZCI6ODU0ODQsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MjEsImFpZCI6MjcsInB0Ijo0LCJwayI6ImUydHg4d3EydHciLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cudnVnbGEuY29tL2NhcmRpbmFsLXBvaW50LXByZWRzdGF2bGphLXBydmktaXN0b2ltZW5pLXNpbmdsLXNhLWFsYnVtYS1tYW4tb3ItaXNsYW5kLmh0bWwiLCJhciI6W119fQ.B_P3E1ffxWUKcM1yBdMxAmssj7Ra3mZJoBk7_J7SXYc
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 04 Dec 2023 23:22:52 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.vugla.com
Access-Control-Allow-Origin: https://www.vugla.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=fc4001ec-fdbb-4950-8a36-c5afb9b9fa2e:1:1; expires=Mon, 11 Dec 2023 23:22:52 GMT; secure; SameSite=None
iprc7fec1cb7da9b2b209d286bb8d61b3422=2717342; expires=Wed, 06 Dec 2023 01:22:52 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 05 Dec 2023 23:22:52 GMT; secure; SameSite=None
uncs=1; expires=Tue, 05 Dec 2023 23:22:52 GMT; secure; SameSite=None
pdhtkv27=true; expires=Tue, 05 Dec 2023 23:22:52 GMT; secure; SameSite=None
uncs27=1; expires=Tue, 05 Dec 2023 23:22:52 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ff72162e48f7025e1a96fc2f8f4f5708
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
amunfezanttor.com/event
139.45.197.250 94 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 3f5a38f6e0cf214de0e232623b61ef22
80d188279eb3a11839a5a46fe45ffb372cbe99e6
9f1551176f5c72c1c253f36cc7fe71192e49506f7f0abb72b1eca4bc78d7da77
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.vugla.com/
Content-Type: application/json
Content-Length: 574
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 23:22:52 GMT
content-type: application/json; charset=utf-8
content-length: 94
access-control-allow-origin: https://www.vugla.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
tharbadir.com/121?rnd=1157154129&z=2892323&b=19741376&c=7707133&var=&varid=0&d=https%3A%2F%2Ft9wys.bemobtrcks.com%2Fgo%2F8b58584c-14ca-456c-978b-dee053d06abe%3Fvisitor_id%3D755682107243630592%26zoneid%3D2892323%26campaignid%3D7707133%26bannerid%3D19741376%26cost%3D%7Bcost%7D&cln={CELL_NUMBER}&btp=7&rb=_11547SWFuSgOf45Vhu7o5ZeALOe1tUtlDebLCIPOnZCFdB7ID-MXFPMxya7szq9-zhZl9GWpNgP0e13TjTeadVGip77zXzozDAUnJQt3mU0w0N4-zFnZ5M11ctJnkQS5ZTErY7DY33_rUKgDmG5XQHUDhOKYHU-yjeubn-mqP5fE13OsXpPARhJBzEN-DZzjBqH0QpMEyA5XGVB-kU-_R39uyd5gkMzz69qJKYm8qDMOeiDgAuiPuqEIMRS14kOflMurAj7IJAVr4tO9x907CUfNQVLW7B9E5FaXkhZ3GD2P7b6fjntzfTwH3PRvyAUhSAtyeCw-XSA7zlFCsdXNf0WGCxn-YkAYZENE5YLoNckfavwUNHlvnnhwnw9dUqedJZyqIQ0NIw2MlFLsa4BYfC4QVNg8UZBKRyKhQwrrPusRwR3uW14Ef24rPwp0NDwhqNorJz2-FvfEWBoJIrx1YobaVoaQsWPmbyoLSsrdISmi-RuxEHRbUJfW4R84OforDqKy4gYGbOGDWc5qrgcJeeFmQK5_N3fNSqcWAvDOrtdmEWbLhcJ2xzqhNYIXqbffOon87I2D52FeGL_uw1GwmKZaePVn0WrqeyGz_ywC1ON2hOapc-vrpMkodIYWz5Dux5ibDGaCE-NWW4tavdMMFrQSYGUGCCHmeQdF7jyO9HvHHBE1W6lnpOnQsydaCE-oUFnG6ISwFLgZ0zMDC3mneh0GYFKWVQmQDmjE3g_blr5fsBf2NwZFGkpkX16GWcvqdhZIeudv3ILdZCZAXwZtr0ywwoCOUGc&bag=NIj9DXwYmK1yOikLbOW8KKVMPH-g0SyE&ruid=1721bfa9-b7d0-4589-9f56-b82a7ecb1b86&subid=755682107243630592
139.45.197.238 0 B URL tharbadir.com/121?rnd=1157154129&z=2892323&b=19741376&c=7707133&var=&varid=0&d=https%3A%2F%2Ft9wys.bemobtrcks.com%2Fgo%2F8b58584c-14ca-456c-978b-dee053d06abe%3Fvisitor_id%3D755682107243630592%26zoneid%3D2892323%26campaignid%3D7707133%26bannerid%3D19741376%26cost%3D%7Bcost%7D&cln={CELL_NUMBER}&btp=7&rb=_11547SWFuSgOf45Vhu7o5ZeALOe1tUtlDebLCIPOnZCFdB7ID-MXFPMxya7szq9-zhZl9GWpNgP0e13TjTeadVGip77zXzozDAUnJQt3mU0w0N4-zFnZ5M11ctJnkQS5ZTErY7DY33_rUKgDmG5XQHUDhOKYHU-yjeubn-mqP5fE13OsXpPARhJBzEN-DZzjBqH0QpMEyA5XGVB-kU-_R39uyd5gkMzz69qJKYm8qDMOeiDgAuiPuqEIMRS14kOflMurAj7IJAVr4tO9x907CUfNQVLW7B9E5FaXkhZ3GD2P7b6fjntzfTwH3PRvyAUhSAtyeCw-XSA7zlFCsdXNf0WGCxn-YkAYZENE5YLoNckfavwUNHlvnnhwnw9dUqedJZyqIQ0NIw2MlFLsa4BYfC4QVNg8UZBKRyKhQwrrPusRwR3uW14Ef24rPwp0NDwhqNorJz2-FvfEWBoJIrx1YobaVoaQsWPmbyoLSsrdISmi-RuxEHRbUJfW4R84OforDqKy4gYGbOGDWc5qrgcJeeFmQK5_N3fNSqcWAvDOrtdmEWbLhcJ2xzqhNYIXqbffOon87I2D52FeGL_uw1GwmKZaePVn0WrqeyGz_ywC1ON2hOapc-vrpMkodIYWz5Dux5ibDGaCE-NWW4tavdMMFrQSYGUGCCHmeQdF7jyO9HvHHBE1W6lnpOnQsydaCE-oUFnG6ISwFLgZ0zMDC3mneh0GYFKWVQmQDmjE3g_blr5fsBf2NwZFGkpkX16GWcvqdhZIeudv3ILdZCZAXwZtr0ywwoCOUGc&bag=NIj9DXwYmK1yOikLbOW8KKVMPH-g0SyE&ruid=1721bfa9-b7d0-4589-9f56-b82a7ecb1b86&subid=755682107243630592
IP 139.45.197.238:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /121?rnd=1157154129&z=2892323&b=19741376&c=7707133&var=&varid=0&d=https%3A%2F%2Ft9wys.bemobtrcks.com%2Fgo%2F8b58584c-14ca-456c-978b-dee053d06abe%3Fvisitor_id%3D755682107243630592%26zoneid%3D2892323%26campaignid%3D7707133%26bannerid%3D19741376%26cost%3D%7Bcost%7D&cln={CELL_NUMBER}&btp=7&rb=_11547SWFuSgOf45Vhu7o5ZeALOe1tUtlDebLCIPOnZCFdB7ID-MXFPMxya7szq9-zhZl9GWpNgP0e13TjTeadVGip77zXzozDAUnJQt3mU0w0N4-zFnZ5M11ctJnkQS5ZTErY7DY33_rUKgDmG5XQHUDhOKYHU-yjeubn-mqP5fE13OsXpPARhJBzEN-DZzjBqH0QpMEyA5XGVB-kU-_R39uyd5gkMzz69qJKYm8qDMOeiDgAuiPuqEIMRS14kOflMurAj7IJAVr4tO9x907CUfNQVLW7B9E5FaXkhZ3GD2P7b6fjntzfTwH3PRvyAUhSAtyeCw-XSA7zlFCsdXNf0WGCxn-YkAYZENE5YLoNckfavwUNHlvnnhwnw9dUqedJZyqIQ0NIw2MlFLsa4BYfC4QVNg8UZBKRyKhQwrrPusRwR3uW14Ef24rPwp0NDwhqNorJz2-FvfEWBoJIrx1YobaVoaQsWPmbyoLSsrdISmi-RuxEHRbUJfW4R84OforDqKy4gYGbOGDWc5qrgcJeeFmQK5_N3fNSqcWAvDOrtdmEWbLhcJ2xzqhNYIXqbffOon87I2D52FeGL_uw1GwmKZaePVn0WrqeyGz_ywC1ON2hOapc-vrpMkodIYWz5Dux5ibDGaCE-NWW4tavdMMFrQSYGUGCCHmeQdF7jyO9HvHHBE1W6lnpOnQsydaCE-oUFnG6ISwFLgZ0zMDC3mneh0GYFKWVQmQDmjE3g_blr5fsBf2NwZFGkpkX16GWcvqdhZIeudv3ILdZCZAXwZtr0ywwoCOUGc&bag=NIj9DXwYmK1yOikLbOW8KKVMPH-g0SyE&ruid=1721bfa9-b7d0-4589-9f56-b82a7ecb1b86&subid=755682107243630592 HTTP/1.1
Host: tharbadir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: scm=1; OAID=5edf7fca69824fc0be38230bd9ddaf83; oaidts=1701732169
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Mon, 04 Dec 2023 23:22:52 GMT
content-length: 0
location: https://t9wys.bemobtrcks.com/go/8b58584c-14ca-456c-978b-dee053d06abe?visitor_id=755682107243630592&zoneid=2892323&campaignid=7707133&bannerid=19741376&cost=
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: e62bf52d03a8c735251467c6dd2eb95d
access-control-expose-headers: X-Sc
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.42 0 B URL jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.42:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Mon, 04 Dec 2023 23:22:52 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.youtube.com/s/player/31e0b6d9/player_ias.vflset/en_US/remote.js
142.250.74.78 34 kB URL www.youtube.com/s/player/31e0b6d9/player_ias.vflset/en_US/remote.js
IP 142.250.74.78:0
File type ASCII text, with very long lines (537)
Hash 63aa8296f70f3dcbf8b5df6faf8d46c3
2494976b44b1d3ec3b5825297e243679e7cca1dd
869da04350e0925de923dd2c39c41d18ba0625e3541bd5059ed5a611550552b6
GET /s/player/31e0b6d9/player_ias.vflset/en_US/remote.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/hbCmPZhKCFQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 33484
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 04 Dec 2023 22:03:24 GMT
expires: Tue, 03 Dec 2024 22:03:24 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 30 Nov 2023 03:10:29 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 4768
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.42 33 kB URL jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.42:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash e1876165c156b8a1b8152d75ecca5525
6e96388eca1e4712c20ab34165c4f455aee826ae
8222543a64c775700b96cd840a570c4d00e1db1665132f291977bc2e7079b54f
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 04 Dec 2023 23:22:52 GMT
server: ESF
cache-control: private
content-length: 32837
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
i.ytimg.com/vi_webp/hbCmPZhKCFQ/sddefault.webp
142.250.74.54 53 kB URL i.ytimg.com/vi_webp/hbCmPZhKCFQ/sddefault.webp
IP 142.250.74.54:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 69787b0c6125f1946116ad763a6e8462
2101ae65931430380915d3740ff25230f8f1ede9
9ad741d077b292d639b0b558be87adc00e33774154d6924105ac83252767d66b
GET /vi_webp/hbCmPZhKCFQ/sddefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 52986
date: Mon, 04 Dec 2023 23:22:52 GMT
expires: Tue, 05 Dec 2023 01:22:52 GMT
cache-control: public, max-age=7200
etag: "1699555289"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
t9wys.bemobtrcks.com/go/8b58584c-14ca-456c-978b-dee053d06abe?visitor_id=755682107243630592&zoneid=2892323&campaignid=7707133&bannerid=19741376&cost=
3.70.16.242 260 B URL t9wys.bemobtrcks.com/go/8b58584c-14ca-456c-978b-dee053d06abe?visitor_id=755682107243630592&zoneid=2892323&campaignid=7707133&bannerid=19741376&cost=
IP 3.70.16.242:0
File type HTML document, ASCII text, with no line terminators
Hash b17eb11dc31f05244b97c29ffd3e7125
c94443864f3ec12934c71d6f181207234d248c71
7531dc12f2cf8b4f16a8f84c9957fda1c0846ddf20e2a0bab13695f46dec2e73
GET /go/8b58584c-14ca-456c-978b-dee053d06abe?visitor_id=755682107243630592&zoneid=2892323&campaignid=7707133&bannerid=19741376&cost= HTTP/1.1
Host: t9wys.bemobtrcks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: openresty
date: Mon, 04 Dec 2023 23:22:52 GMT
content-type: text/html; charset=utf-8
content-length: 260
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Full-Version,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Reduced
access-control-allow-origin: *
location: https://casualdatesconnect.life/?u=68rp60a&o=ufgk6ez&t=propcasualpush&cid=2WVLBwTYzKipKk8SDZAGMF
set-cookie: bemob-viewer-id=cc00849b-d0a9-4341-8e40-752d5a3391cc; Domain=t9wys.bemobtrcks.com; Path=/; Expires=Tue, 03 Dec 2024 23:22:52 GMT; HttpOnly; Secure; SameSite=None
bemob-uniq-visit:8b58584c-14ca-456c-978b-dee053d06abe=1; Domain=t9wys.bemobtrcks.com; Path=/; Expires=Tue, 05 Dec 2023 23:22:52 GMT; HttpOnly; Secure; SameSite=None
bemob-rotation:8b58584c-14ca-456c-978b-dee053d06abe:random:b92888d06323cf09eff6e768bedb2adc=0-0-0; Domain=t9wys.bemobtrcks.com; Path=/; Expires=Tue, 05 Dec 2023 23:22:52 GMT; HttpOnly; Secure; SameSite=None
bemob-click-id=2WVLBwTYzKipKk8SDZAGMF; Domain=t9wys.bemobtrcks.com; Path=/; Expires=Tue, 05 Dec 2023 23:22:52 GMT; HttpOnly; Secure; SameSite=None
vary: Accept
x-response-time: 11.374ms
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
X-Firefox-Spdy: h2
www.google.com/js/th/hozbaArpAcEtb7ltfJysqAapnffmHDhQfzgy1UI8b00.js
142.250.74.132 15 kB URL www.google.com/js/th/hozbaArpAcEtb7ltfJysqAapnffmHDhQfzgy1UI8b00.js
IP 142.250.74.132:0
File type ASCII text, with very long lines (38538)
Hash 35833bcc74f6969a09468d9a8e9f1bff
5d1e24c030570a3de5b50a98a363cd4b04bfbd6f
868cdb680ae901c12d6fb96d7c9caca806a99df7e61c38507f3832d5423c6f4d
GET /js/th/hozbaArpAcEtb7ltfJysqAapnffmHDhQfzgy1UI8b00.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 15147
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 04 Dec 2023 18:36:56 GMT
expires: Tue, 03 Dec 2024 18:36:56 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 06 Nov 2023 17:00:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 17156
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
valleymuchunnecessary.com/pixel/sbe?t=1&error=timeout
173.233.137.52 0 B URL valleymuchunnecessary.com/pixel/sbe?t=1&error=timeout
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pixel/sbe?t=1&error=timeout HTTP/1.1
Host: valleymuchunnecessary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 04 Dec 2023 23:22:53 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.42 0 B URL jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.42:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Mon, 04 Dec 2023 23:22:53 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
conqueredallrightswell.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=14611544
192.243.61.227 1.4 kB URL conqueredallrightswell.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=14611544
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (476)
Hash 075cdea61111d08ad52d1e6ffd0be03b
b0dcb240ba20718a579aa50b9197045d2e5273f8
de27cf2f2a1a56afdbd6bd81837a30ed6fcc55ef74aee1256214409c7b971c3d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=14611544 HTTP/1.1
Host: conqueredallrightswell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 04 Dec 2023 23:22:53 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=16122660; expires=Tue, 05 Dec 2023 23:22:53 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTQ2MTE1NDQiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cudnVnbGEuY29tLyIsImFyIjpbXX19._kMba8V6HzMXM_VBffdMTfsxb4qAX7zxUo7Z4PryQbo; expires=Mon, 04 Dec 2023 23:23:53 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7cd636a54da907d1156af21342d5a3e5
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
fingerprintoysters.com/pixel/nvrwe?error=timeout
192.243.59.13 0 B URL fingerprintoysters.com/pixel/nvrwe?error=timeout
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pixel/nvrwe?error=timeout HTTP/1.1
Host: fingerprintoysters.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Cookie: u_pl=16310791; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 04 Dec 2023 23:22:53 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.42 114 B URL jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.42:0
File type JSON data\012- , ASCII text, with no line terminators
Hash bca6bcd1750c86bda8574b0f8971d5b1
f94a658e7d112cfd3efe7131d8ec5ff5f27bc04a
13c8815f233931d4e0c92a36cda8b54ba7cdf49ec1b16e2a040c3c76958c3d76
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1090
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 04 Dec 2023 23:22:53 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
casualdatesconnect.life/?u=68rp60a&o=ufgk6ez&t=propcasualpush&cid=2WVLBwTYzKipKk8SDZAGMF
185.155.186.16 7.7 kB URL casualdatesconnect.life/?u=68rp60a&o=ufgk6ez&t=propcasualpush&cid=2WVLBwTYzKipKk8SDZAGMF
IP 185.155.186.16:0
ASN #203639 Tekka Digital SA
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (531), with CRLF line terminators
Hash d7ec7353f0f5203aaac321eaf3db0a6f
a4ac5e0c4e51faaf235df625ee21e37fd52ff3d3
dc89c4757e4d00192575f17b5f3ec84b97cc5ca545ac34d38f15d325ce1a191d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /?u=68rp60a&o=ufgk6ez&t=propcasualpush&cid=2WVLBwTYzKipKk8SDZAGMF HTTP/1.1
Host: casualdatesconnect.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 04 Dec 2023 23:22:53 GMT
Content-Type: text/html
Content-Length: 7693
Connection: keep-alive
set-cookie: sid=t2~opsjgb5s1mzoskyotw0v0ann; path=/
cache-control: private, no-transform
yt3.ggpht.com/bI3cYhBA-j5zrtu0l9zocDoVPtLvtazV_9Lvg4poV2vkPMmZKKw41JJSeTgQC5NZoEUnt4T9=s68-c-k-c0x00ffffff-no-rj
142.250.74.161 2.8 kB URL yt3.ggpht.com/bI3cYhBA-j5zrtu0l9zocDoVPtLvtazV_9Lvg4poV2vkPMmZKKw41JJSeTgQC5NZoEUnt4T9=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash 4764a2fc4b56885f1330b073478159ce
e2bb6d7151556852af5d581818d6b181a2e456c5
b5cf35027647f17f3ad9eb195e9ec4f42181cb8bcce23e071c266749697937d5
GET /bI3cYhBA-j5zrtu0l9zocDoVPtLvtazV_9Lvg4poV2vkPMmZKKw41JJSeTgQC5NZoEUnt4T9=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v1"
expires: Tue, 05 Dec 2023 23:22:53 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="channels4_profile.jpg"
x-content-type-options: nosniff
date: Mon, 04 Dec 2023 23:22:53 GMT
server: fife
content-length: 2821
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
conqueredallrightswell.com/api/users?token=L2R5ZmMxazA5P2tleT04NjM3MDViY2JiNGI2YTU1NGRkYjM1OTY2NTM5NWE2ZiZwc2lkPTE0NjExNTQ0JnBzdD0xNzAxNzMyMjMzJnJlZmVyPWh0dHBzJTNBJTJGJTJGd3d3LnZ1Z2xhLmNvbSUyRiZybXRjPXQmc2h1PWUyMDAyNGQxNzY0NjBkYWIxZjE1MDI1ZDA2YzYxZGMwNTA3MTQ1NWQ3MzE1MjQ1MmE5MGM3MGE4NDBiZGQ4YzA4YmUxOWMyYjhiZTk2NDJiYTcwYjgxNTg5ZTkxNDQ4NmM0Mzk3NDBhZjNjNjZiOGFlOTJkZDA1ZjlmYzI5MGM2NWM4NDdlMjE2NGEwM2MxMGEwMmUzNDcwMjNmYWQwZjFkNDQwYmI4ZGVmYzliYzc0ZDA1OWMyZTQ1NDllMzM%3D&uuid=&pii=&in=false
192.243.61.227 0 B URL conqueredallrightswell.com/api/users?token=L2R5ZmMxazA5P2tleT04NjM3MDViY2JiNGI2YTU1NGRkYjM1OTY2NTM5NWE2ZiZwc2lkPTE0NjExNTQ0JnBzdD0xNzAxNzMyMjMzJnJlZmVyPWh0dHBzJTNBJTJGJTJGd3d3LnZ1Z2xhLmNvbSUyRiZybXRjPXQmc2h1PWUyMDAyNGQxNzY0NjBkYWIxZjE1MDI1ZDA2YzYxZGMwNTA3MTQ1NWQ3MzE1MjQ1MmE5MGM3MGE4NDBiZGQ4YzA4YmUxOWMyYjhiZTk2NDJiYTcwYjgxNTg5ZTkxNDQ4NmM0Mzk3NDBhZjNjNjZiOGFlOTJkZDA1ZjlmYzI5MGM2NWM4NDdlMjE2NGEwM2MxMGEwMmUzNDcwMjNmYWQwZjFkNDQwYmI4ZGVmYzliYzc0ZDA1OWMyZTQ1NDllMzM%3D&uuid=&pii=&in=false
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /api/users?token=L2R5ZmMxazA5P2tleT04NjM3MDViY2JiNGI2YTU1NGRkYjM1OTY2NTM5NWE2ZiZwc2lkPTE0NjExNTQ0JnBzdD0xNzAxNzMyMjMzJnJlZmVyPWh0dHBzJTNBJTJGJTJGd3d3LnZ1Z2xhLmNvbSUyRiZybXRjPXQmc2h1PWUyMDAyNGQxNzY0NjBkYWIxZjE1MDI1ZDA2YzYxZGMwNTA3MTQ1NWQ3MzE1MjQ1MmE5MGM3MGE4NDBiZGQ4YzA4YmUxOWMyYjhiZTk2NDJiYTcwYjgxNTg5ZTkxNDQ4NmM0Mzk3NDBhZjNjNjZiOGFlOTJkZDA1ZjlmYzI5MGM2NWM4NDdlMjE2NGEwM2MxMGEwMmUzNDcwMjNmYWQwZjFkNDQwYmI4ZGVmYzliYzc0ZDA1OWMyZTQ1NDllMzM%3D&uuid=&pii=&in=false HTTP/1.1
Host: conqueredallrightswell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://conqueredallrightswell.com/dyfc1k09?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122660
Cookie: u_pl=16122660; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTQ2MTE1NDQiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cudnVnbGEuY29tLyIsImFyIjpbXX19._kMba8V6HzMXM_VBffdMTfsxb4qAX7zxUo7Z4PryQbo; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.21.6
Date: Mon, 04 Dec 2023 23:22:53 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://violationphysics.click/c9b2l0k.php?key=wkroiqew1c9guvr0kbe2&SUB_ID_SHORT=301609238bbf22eb1cce9c879fc70ee8&COST_CPA=0.100000&PLACEMENT_ID=16122660&CAMPAIGN_ID=882703&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2569625
Set-Cookie: iprcf7fbd1391fceb10887d85e8fdf3b5039=4641329; expires=Tue, 05 Dec 2023 23:22:53 GMT
pdhtkv=true; expires=Tue, 05 Dec 2023 23:22:53 GMT
uncs=1; expires=Tue, 05 Dec 2023 23:22:53 GMT
pdhtkv28=true; expires=Tue, 05 Dec 2023 23:22:53 GMT
uncs28=1; expires=Tue, 05 Dec 2023 23:22:53 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 49d329b4481373bd5224f2c9dd2720ad
Strict-Transport-Security: max-age=0; includeSubdomains
region1.analytics.google.com/g/collect?v=2&tid=G-7NCJ73THPT>m=45je3bt0v879882835&_p=1701732176260&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1931742956.1701732177&ul=en-us&sr=1280x1024&_eu=AEA&_s=2&sid=1701732176&sct=1&seg=0&dl=https%3A%2F%2Fwww.vugla.com%2Fcardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html&dt=Cardinal%20Point%20predstavlja%20prvi%20istoimeni%20singl%20sa%20albuma%20%E2%80%9EMan%20Or%20Island%E2%80%9C%20-%20Vugla&en=scroll&epn.percent_scrolled=90&tfd=5691
216.239.34.36204 No Content 0 B URL POST HTTP/3 region1.analytics.google.com/g/collect?v=2&tid=G-7NCJ73THPT>m=45je3bt0v879882835&_p=1701732176260&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1931742956.1701732177&ul=en-us&sr=1280x1024&_eu=AEA&_s=2&sid=1701732176&sct=1&seg=0&dl=https%3A%2F%2Fwww.vugla.com%2Fcardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html&dt=Cardinal%20Point%20predstavlja%20prvi%20istoimeni%20singl%20sa%20albuma%20%E2%80%9EMan%20Or%20Island%E2%80%9C%20-%20Vugla&en=scroll&epn.percent_scrolled=90&tfd=5691
IP 216.239.34.36:443
Requested by https://www.vugla.com/cardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-7NCJ73THPT>m=45je3bt0v879882835&_p=1701732176260&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1931742956.1701732177&ul=en-us&sr=1280x1024&_eu=AEA&_s=2&sid=1701732176&sct=1&seg=0&dl=https%3A%2F%2Fwww.vugla.com%2Fcardinal-point-predstavlja-prvi-istoimeni-singl-sa-albuma-man-or-island.html&dt=Cardinal%20Point%20predstavlja%20prvi%20istoimeni%20singl%20sa%20albuma%20%E2%80%9EMan%20Or%20Island%E2%80%9C%20-%20Vugla&en=scroll&epn.percent_scrolled=90&tfd=5691 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/3 204 No Content
access-control-allow-origin: https://www.vugla.com
date: Mon, 04 Dec 2023 23:22:54 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
violationphysics.click/c9b2l0k.php?key=wkroiqew1c9guvr0kbe2&SUB_ID_SHORT=301609238bbf22eb1cce9c879fc70ee8&COST_CPA=0.100000&PLACEMENT_ID=16122660&CAMPAIGN_ID=882703&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2569625
192.64.81.118 0 B URL violationphysics.click/c9b2l0k.php?key=wkroiqew1c9guvr0kbe2&SUB_ID_SHORT=301609238bbf22eb1cce9c879fc70ee8&COST_CPA=0.100000&PLACEMENT_ID=16122660&CAMPAIGN_ID=882703&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2569625
IP 192.64.81.118:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c9b2l0k.php?key=wkroiqew1c9guvr0kbe2&SUB_ID_SHORT=301609238bbf22eb1cce9c879fc70ee8&COST_CPA=0.100000&PLACEMENT_ID=16122660&CAMPAIGN_ID=882703&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2569625 HTTP/1.1
Host: violationphysics.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://conqueredallrightswell.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.22.0
Date: Mon, 04 Dec 2023 23:22:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uclick=h9fvdu1myd; expires=Tue, 05-Dec-2023 23:22:54 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclickhash=h9fvdu1myd-h9fvdu1myd-hq1m-0-q5a4bl-ftxofe-ft8pdz-7b76a9; expires=Tue, 05-Dec-2023 23:22:54 GMT; Max-Age=86400; path=/; secure; SameSite=none
Location: https://vvfal.rigelbetelgeuse.top/?pl=zKByXHsQK0ydGD7DogbGyA&click_id=e2ed5h9fvdu1myda24&sub_id=16122660
Strict-Transport-Security: max-age=31536000
vvfal.rigelbetelgeuse.top/?pl=zKByXHsQK0ydGD7DogbGyA&click_id=e2ed5h9fvdu1myda24&sub_id=16122660
172.67.205.133 0 B URL vvfal.rigelbetelgeuse.top/?pl=zKByXHsQK0ydGD7DogbGyA&click_id=e2ed5h9fvdu1myda24&sub_id=16122660
IP 172.67.205.133:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?pl=zKByXHsQK0ydGD7DogbGyA&click_id=e2ed5h9fvdu1myda24&sub_id=16122660 HTTP/1.1
Host: vvfal.rigelbetelgeuse.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://conqueredallrightswell.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Mon, 04 Dec 2023 23:22:54 GMT
content-length: 0
location: https://vvfal.stonecarv.top/office-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=office-robot&click_id=e2ed5h9fvdu1myda24&sub_id=16122660&nrid=fdfbd0d21d8a462091e0b3d43d367fb8&hash=Y0o7TqsYNrrVSib9AaauVA&exp=1701732474
set-cookie: zKByXHsQK0ydGD7DogbGyA=18; max-age=345600; path=/; samesite=lax
__pl=7cd080a8-0985-4f7a-81c2-3dd292226e84; expires=Thu, 04 Dec 2025 23:22:54 GMT; path=/; samesite=lax
__cap=1; max-age=3600; path=/; samesite=lax
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K4jdvj8VRFIztI8RDxhl06HerFp20b31oXyqYizbziWZxJJriLj5FblX6dSe6dLm0RFUHEW8EsaLREVxp4dblHzkyRtivyJ7v8clTIz1wb79m6CGupyDVJisYejlSyFV%2BtfZQDuxlcMNuVWR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8307cb4aadca56a5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
vvfal.stonecarv.top/favicon.ico
104.21.4.148 0 B URL vvfal.stonecarv.top/favicon.ico
IP 104.21.4.148:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: vvfal.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vvfal.stonecarv.top/office-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=office-robot&click_id=e2ed5h9fvdu1myda24&sub_id=16122660&nrid=fdfbd0d21d8a462091e0b3d43d367fb8&hash=Y0o7TqsYNrrVSib9AaauVA&exp=1701732474
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Mon, 04 Dec 2023 23:22:55 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 4399
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F8qv89J41g%2B03svYYIMO7ryQUA3L4v7b9Rn2OKc6kvGfKqSBD%2F5qFoJk4aum97i3Y8zF%2BpZ90lSMjpMWmihlO1NBSsdi6uLLIkXJSqjltrsJSBit8SqErNWWYTv%2BLhBuSgX2%2FKZk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8307cb4fcbc356c0-OSL
alt-svc: h3=":443"; ma=86400
eehuzaih.com/400/5005565
139.45.197.237 51 kB IP 139.45.197.237:0
File type gzip compressed data, max speed, from Unix\012- data
Hash 798263fc4d4b779b6ef43360aeef0a5b
e747ea01aec5a45c8d7441b2ed875f5daa423ae6
6a592b2e6ca828ec497b979582018f3847ee96bddb2521dc4d7cf666cdab0cd7
GET /400/5005565 HTTP/1.1
Host: eehuzaih.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 23:22:50 GMT
content-type: application/javascript
x-trace-id: f6c6f65c307e64b9f6b6cbfea779281d
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
set-cookie: OAID=826c2d681db84cf9a59c63ce5f782aeb; expires=Tue, 03 Dec 2024 23:22:50 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js
142.250.74.35 9.9 kB URL www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (38231)
Hash 0541b823dfaf39162ef84cf075c9951b
e0934726455558cc1a59823efada9651e33aafaa
21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522
GET /firebasejs/10.3.1/firebase-messaging-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vvfal.stonecarv.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9934
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 05:05:32 GMT
expires: Fri, 29 Nov 2024 05:05:32 GMT
cache-control: public, max-age=31536000
age: 411443
last-modified: Thu, 31 Aug 2023 15:20:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdnstatic.stonecarv.top/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=zKByXHsQK0ydGD7DogbGyA&sm=office-robot&click_id=e2ed5h9fvdu1myda24&sub_id=16122660&appspot=&d=https%3A%2F%2Fcdnstatic.stonecarv.top&timeout=30&tb=true&nrid=fdfbd0d21d8a462091e0b3d43d367fb8
104.21.4.148 13 kB URL cdnstatic.stonecarv.top/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=zKByXHsQK0ydGD7DogbGyA&sm=office-robot&click_id=e2ed5h9fvdu1myda24&sub_id=16122660&appspot=&d=https%3A%2F%2Fcdnstatic.stonecarv.top&timeout=30&tb=true&nrid=fdfbd0d21d8a462091e0b3d43d367fb8
IP 104.21.4.148:0
File type Unicode text, UTF-8 text, with very long lines (31624), with no line terminators
Hash 268e6b96906605f957eb11ae226c40c4
0745edb8b19e87b1971f89b5881f0433cb378a77
5c1c5dc6b5254e5f328fdeb2cf6a7a1b54a75611b91048c9a5177f230b2a5e89
GET /ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=zKByXHsQK0ydGD7DogbGyA&sm=office-robot&click_id=e2ed5h9fvdu1myda24&sub_id=16122660&appspot=&d=https%3A%2F%2Fcdnstatic.stonecarv.top&timeout=30&tb=true&nrid=fdfbd0d21d8a462091e0b3d43d367fb8 HTTP/1.1
Host: cdnstatic.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.stonecarv.top/
Cookie: __psu=d4e7f125-883a-43a3-b645-6491006a934b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 23:22:55 GMT
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=329yB37z3KW3y%2FQssLjUmsywjyKw8wZ0ApRUbgTW0vJPQB3gzAxqf2pyG5XPrLK7gmvWi59KD8lXGJH7%2F05i6EmXDCmbA63QcQ4AIOiE53HlMH%2BQGaDGRu5sZ5ftn3SfUhqiWgZTIU49Vw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8307cb520d2a56c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
vvfal.stonecarv.top/shared-js/assets/static-pl.js?v=2
104.21.4.148 10 kB URL vvfal.stonecarv.top/shared-js/assets/static-pl.js?v=2
IP 104.21.4.148:0
File type ASCII text, with CRLF line terminators
Hash 7224243dd0b18bb2508a1d77d4b2a0b2
bd833c24aa241861316053fd8bd46a1bef3d343f
920aa94a10634fc23234b5e4f55c428f6311fc7811d3591792381678cb492659
GET /shared-js/assets/static-pl.js?v=2 HTTP/1.1
Host: vvfal.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vvfal.stonecarv.top/office-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=office-robot&click_id=e2ed5h9fvdu1myda24&sub_id=16122660&nrid=fdfbd0d21d8a462091e0b3d43d367fb8&hash=Y0o7TqsYNrrVSib9AaauVA&exp=1701732474
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 23:22:55 GMT
content-type: application/javascript
last-modified: Mon, 04 Dec 2023 09:44:39 GMT
etag: W/"656d9f87-dee"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fRkg12DIDU6UPabOxh6G4q6YZcJFByGERUqJlnvqqwh4rxwAU%2Ft0JWfiAI3mPRncJoCB2jaJ9%2BueZ0VL8ojYOs5WFnjwZGvmxBX0BqCqIvHOSsHb%2Bu%2BNnPBxwIBMwoZsbICZuYpw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8307cb4eeb3856c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js
142.250.74.35 9.9 kB URL www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (38231)
Hash 0541b823dfaf39162ef84cf075c9951b
e0934726455558cc1a59823efada9651e33aafaa
21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522
GET /firebasejs/10.3.1/firebase-messaging-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.stonecarv.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9934
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 05:05:32 GMT
expires: Fri, 29 Nov 2024 05:05:32 GMT
cache-control: public, max-age=31536000
age: 411443
last-modified: Thu, 31 Aug 2023 15:20:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.toprevenuegate.com/zj77nccnbs?key=7c1ef88f2943ca666bff02795f23060d
192.243.61.225 1.3 kB URL www.toprevenuegate.com/zj77nccnbs?key=7c1ef88f2943ca666bff02795f23060d
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (412)
Hash 63808efbccad15839f84dc00a157a81c
bcd7e32a9089de4b20179d2d4467b632150b1e14
490fad79173aad0cf326e5cf1fed944e4ed58dd760024125089f17ba20bf52b3
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /zj77nccnbs?key=7c1ef88f2943ca666bff02795f23060d HTTP/1.1
Host: www.toprevenuegate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 04 Dec 2023 23:22:56 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=19854905; expires=Tue, 05 Dec 2023 23:22:56 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxOTg1NDkwNSwiayI6IjdjMWVmODhmMjk0M2NhNjY2YmZmMDI3OTVmMjMwNjBkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyNzIyNjE4LCJwaWQiOjI0MDE2MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxOSwiYWlkIjoyOCwicHQiOjQsInBrIjoiemo3N25jY25icyIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiIiwiYXIiOltdfX0.2FQGO2YhCNPTmdlXXLBtr2hi4zXbhcFHRg0XwRi4mrk; expires=Mon, 04 Dec 2023 23:23:56 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 37242c36d7bbf020a96a2c7f812198e9
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.toprevenuegate.com/api/users?token=L3pqNzduY2NuYnM_a2V5PTdjMWVmODhmMjk0M2NhNjY2YmZmMDI3OTVmMjMwNjBkJnBzdD0xNzAxNzMyMjM2JnJtdGM9dCZzaHU9ZGQ3NGZmNjg0NzcxNTM5MDljNmIwNTdiN2I4ZTRmZjY4YmMyMTVhMWZlMWFhNWEzMjhmOTg3YzQ5NTMyNDUwOWFlMGM1Y2Q0ZTE0YTgyNTMzNTk2MDhkNGJjYzQzZDIzNDNjYTlmZTZlYzljYmE4ZGU5NWQzZjBkMTRiNDIyNmM5ZTlmMDUwZTZiOTQ4ZDM0YzI5ZjU5MmQ4ZjA4MDE5M2VlM2I3YTRlMTQ4M2Q2ZGE2YmI0NzBjODI1YmY0Nw%3D%3D&uuid=&pii=&in=false
192.243.61.225 0 B URL www.toprevenuegate.com/api/users?token=L3pqNzduY2NuYnM_a2V5PTdjMWVmODhmMjk0M2NhNjY2YmZmMDI3OTVmMjMwNjBkJnBzdD0xNzAxNzMyMjM2JnJtdGM9dCZzaHU9ZGQ3NGZmNjg0NzcxNTM5MDljNmIwNTdiN2I4ZTRmZjY4YmMyMTVhMWZlMWFhNWEzMjhmOTg3YzQ5NTMyNDUwOWFlMGM1Y2Q0ZTE0YTgyNTMzNTk2MDhkNGJjYzQzZDIzNDNjYTlmZTZlYzljYmE4ZGU5NWQzZjBkMTRiNDIyNmM5ZTlmMDUwZTZiOTQ4ZDM0YzI5ZjU5MmQ4ZjA4MDE5M2VlM2I3YTRlMTQ4M2Q2ZGE2YmI0NzBjODI1YmY0Nw%3D%3D&uuid=&pii=&in=false
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /api/users?token=L3pqNzduY2NuYnM_a2V5PTdjMWVmODhmMjk0M2NhNjY2YmZmMDI3OTVmMjMwNjBkJnBzdD0xNzAxNzMyMjM2JnJtdGM9dCZzaHU9ZGQ3NGZmNjg0NzcxNTM5MDljNmIwNTdiN2I4ZTRmZjY4YmMyMTVhMWZlMWFhNWEzMjhmOTg3YzQ5NTMyNDUwOWFlMGM1Y2Q0ZTE0YTgyNTMzNTk2MDhkNGJjYzQzZDIzNDNjYTlmZTZlYzljYmE4ZGU5NWQzZjBkMTRiNDIyNmM5ZTlmMDUwZTZiOTQ4ZDM0YzI5ZjU5MmQ4ZjA4MDE5M2VlM2I3YTRlMTQ4M2Q2ZGE2YmI0NzBjODI1YmY0Nw%3D%3D&uuid=&pii=&in=false HTTP/1.1
Host: www.toprevenuegate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.toprevenuegate.com/zj77nccnbs?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=19854905
Cookie: u_pl=19854905; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxOTg1NDkwNSwiayI6IjdjMWVmODhmMjk0M2NhNjY2YmZmMDI3OTVmMjMwNjBkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyNzIyNjE4LCJwaWQiOjI0MDE2MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxOSwiYWlkIjoyOCwicHQiOjQsInBrIjoiemo3N25jY25icyIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiIiwiYXIiOltdfX0.2FQGO2YhCNPTmdlXXLBtr2hi4zXbhcFHRg0XwRi4mrk; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.21.6
Date: Mon, 04 Dec 2023 23:22:57 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://shop.bigbasketshop.com/track?q=kghXWdDErq
Set-Cookie: iprc929b1b8ea365acd58c8f3f520d9d834f=4591122; expires=Tue, 05 Dec 2023 23:22:57 GMT
pdhtkv=true; expires=Tue, 05 Dec 2023 23:22:57 GMT
uncs=1; expires=Tue, 05 Dec 2023 23:22:57 GMT
pdhtkv28=true; expires=Tue, 05 Dec 2023 23:22:57 GMT
uncs28=1; expires=Tue, 05 Dec 2023 23:22:57 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4a6a72e42e0035b6c7ac912606657024
Strict-Transport-Security: max-age=0; includeSubdomains
clk.tradedoubler.com/click?p=225780&a=3238748&epi=TerraD
18.184.185.69200 OK 3.6 kB URL User Request POST HTTP/2 clk.tradedoubler.com/click?p=225780&a=3238748&epi=TerraD
IP 18.184.185.69:443
Certificate IssuerAmazon
Subject*.tradedoubler.com
FingerprintE6:E6:D1:02:6C:9A:BE:00:C1:0E:B5:BC:61:D1:C1:FD:74:73:C4:9E
ValidityWed, 06 Sep 2023 00:00:00 GMT - Sat, 05 Oct 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (314)
Hash dffa9bac5be3f386079d2028d8264f59
e264575195c6ca302170a308b3da31f924b6d60c
43ffd816104a86bae1d1e75330e61c304463fcf25e6bdb5086c34a944b1e4c68
GET /click?p=225780&a=3238748&epi=TerraD HTTP/1.1
Host: clk.tradedoubler.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://shop.bigbasketshop.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 23:22:57 GMT
content-type: text/html; charset=ISO-8859-1
content-length: 3610
server: TXServerHttp
access-control-allow-origin: *
cache-control: private, max-age=0
pragma: no-cache
referrer-policy: origin
X-Firefox-Spdy: h2
vht.tradedoubler.com/fp/fpjs.js
54.230.111.4 7.7 kB URL vht.tradedoubler.com/fp/fpjs.js
IP 54.230.111.4:0
File type ASCII text, with very long lines (19960)
Hash e967d9e86ec8ff44db0e24766ced642f
bd488430b8b4283eb82afda802a075cf841c29d3
040dff2a9b3d08a4654dec367d93f2b994a8ea0e573950d5561c0022af4a3c3a
GET /fp/fpjs.js HTTP/1.1
Host: vht.tradedoubler.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://clk.tradedoubler.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 7718
Connection: keep-alive
Date: Sat, 02 Dec 2023 03:49:02 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Last-Modified: Mon, 09 Oct 2023 08:54:59 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 3zt2tfmtSqJmcVIoL1aGuYXp_DquGL-piQZQVV17NznGA6YocOdNqA==
Age: 243236
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
clk.tradedoubler.com/favicon.ico
18.184.185.69404 Not Found 193 B URL GET HTTP/2 clk.tradedoubler.com/favicon.ico
IP 18.184.185.69:443
Requested by https://clk.tradedoubler.com/click?p=225780&a=3238748&epi=TerraD
Certificate IssuerAmazon
Subject*.tradedoubler.com
FingerprintE6:E6:D1:02:6C:9A:BE:00:C1:0E:B5:BC:61:D1:C1:FD:74:73:C4:9E
ValidityWed, 06 Sep 2023 00:00:00 GMT - Sat, 05 Oct 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 523cbcb278f348bbe64563fe4cc9f435
5a436481b66ccb6dff53c5e1a14c08ef0b4a8e4b
37b6ca25983f4126bd10c135684bc8f421c8b48a5bdb75b5ad69c849035a84f4
GET /favicon.ico HTTP/1.1
Host: clk.tradedoubler.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://clk.tradedoubler.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
date: Mon, 04 Dec 2023 23:22:58 GMT
content-type: text/html; charset=ISO-8859-1
content-length: 193
X-Firefox-Spdy: h2
clk.tradedoubler.com/click?p=225780&a=3238748&epi=TerraD
18.184.185.69200 OK 150 B URL User Request POST HTTP/2 clk.tradedoubler.com/click?p=225780&a=3238748&epi=TerraD
IP 18.184.185.69:443
Certificate IssuerAmazon
Subject*.tradedoubler.com
FingerprintE6:E6:D1:02:6C:9A:BE:00:C1:0E:B5:BC:61:D1:C1:FD:74:73:C4:9E
ValidityWed, 06 Sep 2023 00:00:00 GMT - Sat, 05 Oct 2024 23:59:59 GMT
File type HTML document text\012- HTML document, ASCII text, with no line terminators
Hash dc03e2e45f5c0d5e02f319e7f1e957cf
47725bedccb4c387bfc904021658cc7b343927ab
f064d039c1745fafca89f95ad9748a95b6ed51a78270b7feee25e968faef36b7
POST /click?p=225780&a=3238748&epi=TerraD HTTP/1.1
Host: clk.tradedoubler.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://clk.tradedoubler.com/
Content-Type: application/x-www-form-urlencoded
Content-Length: 90
Origin: https://clk.tradedoubler.com
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 23:22:58 GMT
content-type: text/html; charset=ISO-8859-1
content-length: 150
set-cookie: GUID=1z11zz14Oz1jKiJnz291d52d2e09338447eb4675af8a2c8b8;expires=Tue, 03-Dec-2024 23:22:58 GMT;path=/;domain=.tradedoubler.com
server: TXServerHttp
access-control-allow-origin: *
cache-control: private, max-age=0
pragma: no-cache
referrer-policy: origin
X-Firefox-Spdy: h2
clk.tradedoubler.com/favicon.ico
18.184.185.69404 Not Found 193 B URL GET HTTP/2 clk.tradedoubler.com/favicon.ico
IP 18.184.185.69:443
Requested by https://clk.tradedoubler.com/click?p=225780&a=3238748&epi=TerraD
Certificate IssuerAmazon
Subject*.tradedoubler.com
FingerprintE6:E6:D1:02:6C:9A:BE:00:C1:0E:B5:BC:61:D1:C1:FD:74:73:C4:9E
ValidityWed, 06 Sep 2023 00:00:00 GMT - Sat, 05 Oct 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 523cbcb278f348bbe64563fe4cc9f435
5a436481b66ccb6dff53c5e1a14c08ef0b4a8e4b
37b6ca25983f4126bd10c135684bc8f421c8b48a5bdb75b5ad69c849035a84f4
GET /favicon.ico HTTP/1.1
Host: clk.tradedoubler.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://clk.tradedoubler.com/
DNT: 1
Connection: keep-alive
Cookie: GUID=1z11zz14Oz1jKiJnz291d52d2e09338447eb4675af8a2c8b8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
date: Mon, 04 Dec 2023 23:22:58 GMT
content-type: text/html; charset=ISO-8859-1
content-length: 193
X-Firefox-Spdy: h2