Report - www.vugla.com/ankaragucu-besiktas-golovi-03-12-2023.html

Report Overview

Visited public
2023-12-03 21:15:27
Tags
URL
www.vugla.com/ankaragucu-besiktas-golovi-03-12-2023.html
Finishing URL
clk.tradedoubler.com/click?p=225780&a=3238748&epi=TerraD
IP / ASN
192.185.106.252
#46606 UNIFIEDLAYER-AS-1
Title
clk.tradedoubler.com/click?p=225780&a=3238748&epi=TerraD

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.kursnalista.co	unknown	2019-01-14	2015-04-30 23:56:04	2023-12-02 16:08:25	900 B	126 kB	192.185.106.47
my.rtmark.net	9054	2014-10-29	2015-02-04 10:54:57	2023-12-02 20:02:45	1.0 kB	1.5 kB	139.45.195.8
eehuzaih.com	unknown	2022-02-21	2022-02-21 12:12:25	2023-11-25 20:59:40	1.7 kB	13 kB	139.45.197.237
proftrafficcounter.com	unknown	2023-11-16	2023-11-21 09:55:14	2023-12-03 05:12:08	950 B	716 B	18.157.203.0
tharbadir.com	670354	2018-04-25	2018-05-21 22:07:02	2023-11-20 17:43:39	4.3 kB	2.1 kB	139.45.197.238
www.variouscreativeformats.com	408415	2021-06-09	2021-06-13 08:53:26	2023-12-02 16:08:26	457 B	12 kB	192.243.59.20
www.toprevenuegate.com	unknown	2023-10-20	2023-10-23 18:22:31	2023-12-02 05:14:39	1.8 kB	991 B	173.233.137.52
vht.tradedoubler.com	99799	1999-10-10	2014-10-10 10:20:39	2023-12-03 13:54:47	421 B	8.4 kB	54.230.111.48
www.vugla.com	unknown	2013-09-24	2015-02-06 16:22:31	2023-12-02 13:07:39	36 kB	1.1 MB	192.185.106.252
www.youtube.com	90	2005-02-15	2013-04-13 09:43:20	2023-12-03 05:09:05	3.5 kB	241 kB	142.250.74.78
www.nbfcs.org	unknown	2022-11-16	2022-11-17 15:12:53	2023-11-28 23:26:53	1.3 kB	3.4 kB	15.197.212.58
conqueredallrightswell.com	unknown	2023-11-14	2023-11-16 20:49:45	2023-12-03 13:59:03	2.5 kB	4.4 kB	192.243.59.12
violationphysics.click	unknown	2023-02-10	2023-02-11 18:32:06	2023-12-02 11:47:04	926 B	601 B	192.64.81.118
apis.google.com	105	1997-09-15	2013-05-06 22:20:21	2023-12-03 05:10:41	1.3 kB	24 kB	142.250.74.78
pl16411290.alternativecpmgate.com	unknown	2021-07-01	2023-05-22 08:21:17	2023-12-01 20:01:56	460 B	10 kB	173.233.137.52
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-12-03 05:48:43	4.5 kB	256 kB	216.58.207.227
tzegilo.com	unknown	2022-01-14	2022-01-14 16:27:15	2023-12-03 15:47:48	406 B	8.2 kB	104.21.11.245
www.google.com	7	1997-09-15	2015-05-10 13:11:19	2023-11-19 18:48:38	453 B	16 kB	216.58.211.4
vvfal.rigelbetelgeuse.top	unknown	2023-05-11	2023-05-11 14:25:20	2023-12-03 05:47:50	608 B	1.0 kB	104.21.22.161
www.gstatic.com	unknown	2008-02-11	2016-07-26 11:37:06	2023-12-03 07:56:40	1.4 kB	32 kB	142.250.74.67
enclosedsponge.com	unknown	2023-11-28	2023-11-29 03:35:58	2023-12-03 00:51:34	482 B	14 kB	192.243.61.227
jnn-pa.googleapis.com	2640	2005-01-25	2021-11-16 07:12:21	2023-12-03 10:37:11	2.5 kB	35 kB	142.250.74.74
i.ytimg.com	109	2007-12-11	2012-10-03 19:11:04	2023-12-03 09:18:30	453 B	44 kB	142.250.74.86
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-12-03 06:51:04	432 B	86 kB	142.250.74.168
pl15560907.passtechusa.com	unknown	2020-02-27	2022-10-27 15:33:11	2023-11-25 04:22:29	455 B	16 kB	173.233.137.36
fleraprt.com	unknown	2022-01-14	2022-01-14 23:55:14	2023-12-03 05:38:07	535 B	481 B	139.45.195.254
offerimage.com	304078	2019-06-10	2019-06-10 13:11:53	2023-12-03 05:38:07	467 B	20 kB	104.22.33.172
www.profitabledisplaycontent.com	138390	2020-10-14	2020-10-16 04:07:47	2023-12-01 16:49:53	1.9 kB	2.0 kB	173.233.137.52
cdn.cloudimagesb.com	23099	2020-10-06	2021-02-12 17:15:41	2023-12-03 05:12:09	1.5 kB	80 kB	45.133.44.9
turnminimizeinterference.com	unknown	2023-11-28	2023-11-28 13:00:14	2023-12-03 05:17:38	461 B	467 B	173.233.137.44
clk.tradedoubler.com	65246	1999-10-10	2012-05-21 15:21:02	2023-12-02 17:58:35	2.2 kB	5.1 kB	3.127.180.170
img1.wsimg.com	9893	2008-03-17	2012-06-20 16:42:31	2023-12-03 05:14:52	896 B	203 kB	23.36.79.16
vvfal.stonecarv.top	unknown	unknown	No data	No data	3.3 kB	32 kB	172.67.154.38
cdnstatic.stonecarv.top	unknown	unknown	No data	No data	517 B	10 kB	172.67.154.38
a.stonecarv.top	unknown	unknown	No data	No data	2.0 kB	14 kB	172.67.154.38
yt3.ggpht.com	203	2008-01-16	2014-01-15 17:55:17	2023-12-03 05:09:50	521 B	2.4 kB	142.250.74.161
region1.analytics.google.com	unknown	1997-09-15	2022-03-17 12:26:33	2023-12-03 08:25:07	1.6 kB	868 B	216.239.34.36
omoonsih.net	148361	2021-08-03	2021-08-03 22:48:54	2023-11-27 23:27:47	1.6 kB	787 kB	172.66.40.73
amunfezanttor.com	unknown	2023-03-31	2023-03-31 14:42:42	2023-12-03 13:54:41	1.5 kB	1.5 kB	139.45.197.250

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-12-03 21:15:20	medium	Client IP	Internal IP	ET DNS Query to a *.top domain - Likely Hostile

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-12-03	medium	fleraprt.com	Sinkholed
2023-12-03	medium	amunfezanttor.com	Sinkholed
2023-12-03	medium	amunfezanttor.com	Sinkholed
2023-12-03	medium	amunfezanttor.com	Sinkholed
2023-12-03	medium	enclosedsponge.com	Sinkholed
2023-12-03	medium	turnminimizeinterference.com	Sinkholed
2023-12-03	medium	conqueredallrightswell.com	Sinkholed
2023-12-03	medium	conqueredallrightswell.com	Sinkholed
2023-12-03	medium	toprevenuegate.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (125)

		Size	First Seen	Last Seen
	#1 Eval - 55d322e798c152c1623a52b1fd1d107e	2 B	2023-03-08 14:40	2025-01-28 17:28
Pretty Observations First Seen2023-03-08 14:40 Last Seen2025-01-28 17:28 Times Seen1506 Hash 55d322e798c152c1623a52b1fd1d107e 3fa7708a2fbc2263b3b2a0dc8279aa1f29af59ba d83d23aa0d3f185c1660be3eb925e10a5ecacd5fa2aa88fb69e67bc473897ef7 Loading...

	#2 Eval - 47273b13f41cdd965a1fb55f8ee29cae	166 B	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1173 Hash 47273b13f41cdd965a1fb55f8ee29cae 110e5f578f00fcc4894c48692a4e8208964e1615 4fb216ccf56707e146d06f27b77a07fca8c1d5b1d8eeb5f5d80bb9e32be1d67a Loading...

	#3 Eval - 0563fcd3c81eef58e50b984c70677036	159 B	2023-03-07 01:02	2024-08-22 11:17
Pretty Observations First Seen2023-03-07 01:02 Last Seen2024-08-22 11:17 Times Seen17943 Hash 0563fcd3c81eef58e50b984c70677036 297f56d56ec1918a65a72c146da33d3ffb468684 ed2b7d8395578b6813022e5d55ce8066479d2def9c664882260f1516472c1838 Loading...

	#4 Eval - 1952a01898073d1e561b9b4f2e42cbd7	2 B	2023-03-07 12:02	2025-03-17 03:59
Pretty Observations First Seen2023-03-07 12:02 Last Seen2025-03-17 03:59 Times Seen1351 Hash 1952a01898073d1e561b9b4f2e42cbd7 e8c5e5be4d4926e3acc74ed8dd3beb18fa6b1593 be18b85f77fc024db379acf19e8a1ce62307ab7bb1bca395389ecfc2dafaf741 Loading...

	#5 Eval - ff44570aca8241914870afbc310cdb85	1 B	0001-01-01 00:00	2025-05-11 17:37
Pretty Observations First Seen0001-01-01 00:00 Last Seen2025-05-11 17:37 Times Seen174730 Hash ff44570aca8241914870afbc310cdb85 58668e7669fd564d99db5d581fcdb6a5618440b5 6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5 Loading...

	#6 Eval - 191364d442c58d03c434a6fe7dc88949	26 B	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1173 Hash 191364d442c58d03c434a6fe7dc88949 f1b2f7d20d648e8e30ddc7740c6439fd2126aa94 dc8c21b1f1402e0f05041a0fd69417f9cbfcc31de0ab850521bfdcee2c944ddb Loading...

	#7 Eval - 9e6eb95c2715f986f8c530b43d3d9878	216 B	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1173 Hash 9e6eb95c2715f986f8c530b43d3d9878 48a2cd819813e9e5d5cb7f7ecd448a8deec4c1ee 033915c7d0119cfcf5511be6678292b253938c80041cb5c6283bc9efb2b2a07e Loading...

	#8 Eval - fd43e6eb5bc8310d1610a6d5f370b8a1	22 B	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1172 Hash fd43e6eb5bc8310d1610a6d5f370b8a1 75e5d771561f571900b6ff742d5a0926765e4a4e 524c0cf019933937e7a269aebd14f2f4fe5ad9806a4147f21bd4d2667b20c497 Loading...

	#9 Eval - 13eea949a7e8df8bc9b7cd05adf3f6ce	145 B	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1173 Hash 13eea949a7e8df8bc9b7cd05adf3f6ce 27654372e1c08978ee8b1ef7ca62e73112172d88 d9f59a43cbb17e8182a38130cc29164778e9deafc856357e23e29b6e362ec003 Loading...

	#10 Eval - 90749cdccc92b64023af65b2c2e09841	52 B	2023-06-30 03:07	2025-01-10 21:02
Pretty Observations First Seen2023-06-30 03:07 Last Seen2025-01-10 21:02 Times Seen37627 Hash 90749cdccc92b64023af65b2c2e09841 c462a67f6bc05d361593fd7bdc0821fc6fbb27b4 23f5d7bca8a3fd67ad081a77c0f5ab552436896346a404b9a58840870ec9eb1d Loading...

	#11 Eval - f0e976b756b6afe7f40bca206a2d7150	29 B	2023-03-07 01:02	2025-05-11 16:23
Pretty Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 16:23 Times Seen42534 Hash f0e976b756b6afe7f40bca206a2d7150 db9bee9a7bba93a60330ec5ef1334d9c164fcd56 029b84af88c5d6ced58173997a15fa47011e198e5449027d87e2f7b871f332c2 Loading...

	#12 Eval - ff33f1b12213e021c2c4a888141953ba	2 B	2023-03-07 12:25	2024-11-24 18:00
Pretty Observations First Seen2023-03-07 12:25 Last Seen2024-11-24 18:00 Times Seen1306 Hash ff33f1b12213e021c2c4a888141953ba e0417928efb829deba056fc53babf67b9aab8d1a c75de8c1b7c3ae5252091267a736a9bf57001d80e82668b3cb3cd09e2f6a43cb Loading...

	#13 Eval - 8e6067e6cba5685518ac1870eedd53dd	82 B	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1173 Hash 8e6067e6cba5685518ac1870eedd53dd 4871305b095ba6fbf43288abbb50fd6e99acf487 dcea2d930d1a480b5ab8d7172752ca23311a30e1912807d319c2794db762abf6 Loading...

	#14 Eval - ecc6996aef3a1ead6fd56d7ccb0b9565	1.1 kB	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1173 Hash ecc6996aef3a1ead6fd56d7ccb0b9565 ea06009b1a1ccd3d17417f2da860e875de89ca4e b70cee8fadbc1784a8eca5c28bf0a27f084c7e47ac0abdf6438bf7b5c7275159 Loading...

	#15 Eval - a8e7b977655faa8482d6523555d49a6c	130 B	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1173 Hash a8e7b977655faa8482d6523555d49a6c b5593f40e796b94eea898ecc26c89ecd3795a360 11085274b8c123912689ccd2c8808f25714bed86bd57be2d4421e0f1c7454e3a Loading...

	#16 Eval - 919a757fdc48e184311118be632a15bc	70 B	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1173 Hash 919a757fdc48e184311118be632a15bc 107614700290ae7355e326881ada1b93d0e4544b b7ef28087730dcffade440fb901774574dc794d418f8a898b2d9b971ed089c1f Loading...

	#17 Eval - 1423f5ce268361f08ae5631318cebf11	94 B	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1173 Hash 1423f5ce268361f08ae5631318cebf11 80fb302fc9a9fb08fca975db6c198e630c26f4b9 c135f4db44926984c323ce6ce0ec5246cbe467b542e14b853087fdd2585fce52 Loading...

	#18 Eval - e167d02fe0030e9939cb623fea0f2f00	133 B	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1173 Hash e167d02fe0030e9939cb623fea0f2f00 b29a033667c6bf7fa62ca9d9b2ede4782c4cb16c 5f32d2bd35725c0b5d945239f7cb2a7701d5b1301bad22e7afec5bdc69fc0963 Loading...

	#19 Eval - 3f73848ff9cab1c56fb1c772c76997d9	186 B	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1173 Hash 3f73848ff9cab1c56fb1c772c76997d9 534134cff6c87463ae536bba24f6cd5ebe2fc006 2349b1354f3e220673b34b93b68b54139ed4a3718cf9acaab0a85d963b9914d9 Loading...

	#20 Eval - d48a24ae9672ee573050e4d3aeeebe4d	29 B	2023-03-07 01:02	2025-05-11 13:48
Pretty Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 13:48 Times Seen51919 Hash d48a24ae9672ee573050e4d3aeeebe4d 8f8c4d27852980a1ec5a8b1aba30769001314ec8 53e5b7d706a350fe98d52499058624e15cddc1541f17370f94a899a386c50255 Loading...

	#21 Eval - 0d80d99d7f209071a284c9ab6d14accf	83 B	2023-03-07 01:02	2025-05-11 17:10
Pretty Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 17:10 Times Seen53659 Hash 0d80d99d7f209071a284c9ab6d14accf c91e7389c28a7b35eeb114484808a20cddb8c20e 0cb21d1de060008bab472c15c63e6f15828de601f85deff00d701d26c0f6819a Loading...

	#22 Eval - d1aac2c1669e64bbd37e54d08f6de26f	128 B	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1173 Hash d1aac2c1669e64bbd37e54d08f6de26f 8051a9e3c1d96c91c250451fdf729b421e86c4ab 3112b9358c92aae0e652154623af8813397643ab4f51ce2ab418f76df641de75 Loading...

	#23 Eval - 996fa50c0a755806e9650127e6624789	22 B	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1173 Hash 996fa50c0a755806e9650127e6624789 3a6fea018a8445abd35e543d44f934fc2563a517 568c89c26bfd58beb998f423d417846629e6de5451efbe8590ea5fad7384f343 Loading...

	#24 Eval - 4ad139244b2be11932aaaef03b3e149c	34 B	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1068 Hash 4ad139244b2be11932aaaef03b3e149c 1363eb1e48360cc01f053ff568f30cef760b66ef b4b37f36642b7fca1c032feef78bd782d543834c661b208ec028fbafee50572a Loading...

	#25 Eval - 9d0137bffa0f20d5e8e9f54f2c84cf0a	10 B	2023-03-07 01:02	2025-05-11 12:27
Pretty Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 12:27 Times Seen36954 Hash 9d0137bffa0f20d5e8e9f54f2c84cf0a 39edf6d919f82b9692a2edfecc78427a82567c42 269d4d56785ffc82f3ed05d8ee3b84fc18d7474663ddd06c6fd285165190bb19 Loading...

	#26 Eval - 71e4d0554bb5f5c000c0c9aadaa525d6	2 B	2023-03-10 09:11	2025-05-04 15:26
Pretty Observations First Seen2023-03-10 09:11 Last Seen2025-05-04 15:26 Times Seen1852 Hash 71e4d0554bb5f5c000c0c9aadaa525d6 e3a8d6c3636413f47bb05ae120b4412b45bf77c5 7102152f55997f1cd5d2075c9f2de834970fb1ed9ddde80d3b8a2886cb4b5b76 Loading...

	#27 Eval - e480d2c4a9b80b2ce5d3ccd411a92216	77 B	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1173 Hash e480d2c4a9b80b2ce5d3ccd411a92216 676d2552494791cfc87f00f9eb52749d7800c1aa 19bdfe0e261b20fc8bcce176c50d5a2e6f47bfbff152d380bdfadc4f02fccd39 Loading...

	#28 Eval - a735596ddc266cbc06c317d706b22644	148 B	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1173 Hash a735596ddc266cbc06c317d706b22644 56331e312bf72b4b3ece9c314335617936c190b4 543605d4a92a8fa23544a88e25334f5c124ad19c9c5b58e2f6ec220ba465472a Loading...

	#29 Eval - ca85604235d7f4c281594488c534359d	22 B	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1173 Hash ca85604235d7f4c281594488c534359d 7a9738947fec3f20dbb5a1d6f04846ed82a52de7 7746d4736cacf547fd161ad06f304cdd9dc31128d6913675c57f13687393f812 Loading...

	#30 Eval - 7a591c318f728691581746d3fd25daaa	78 B	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1173 Hash 7a591c318f728691581746d3fd25daaa d7ed1564eefc602d0ba390dc95715760ba8e6cbf 94625a5eece37d48e6b08344c1d515759b586d4178b2a0f34cb4b37bc3d7c88f Loading...

	#31 Eval - 8022a4a7a33538bdc2936b04068a56eb	39 kB	2024-08-20 16:54	2024-08-20 16:54
Pretty Observations First Seen2024-08-20 16:54 Last Seen2024-08-20 16:54 Times Seen1 Hash 8022a4a7a33538bdc2936b04068a56eb ae15211fe5f9ba7ef5b7359a1afa13aac6e39c08 0f1a64c5a63d2074868df988d3ec452758c1415a8468d9a69e400406c97457b6 Loading...

	#32 Eval - 83878c91171338902e0fe0fb97a8c47a	1 B	2023-03-07 01:29	2025-05-11 16:53
Pretty Observations First Seen2023-03-07 01:29 Last Seen2025-05-11 16:53 Times Seen6991 Hash 83878c91171338902e0fe0fb97a8c47a 516b9783fca517eecbd1d064da2d165310b19759 148de9c5a7a44d19e56cd9ae1a554bf67847afb0c58f6e12fa29ac7ddfca9940 Loading...

	#33 Eval - e57d452bb9c82493ad804af002d3906f	471 B	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1173 Hash e57d452bb9c82493ad804af002d3906f f227d6619c4c189942937a0bf2dd603c4418505c e153979cf28e326f2c7666b4939a145976750668eb87f8bf6d1191b9dd675d09 Loading...

	#34 Eval - bae3f90cb000352645e35fad60da411c	35 B	2023-03-07 01:02	2025-05-11 13:48
Pretty Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 13:48 Times Seen51749 Hash bae3f90cb000352645e35fad60da411c 00023f94c170125b979cb1914925d06ab1abfbce 1e3606d95ce27d593157594820335681a9380f51a96147303cd8000e60a95e12 Loading...

	#35 Eval - 7afbc06554b46dc8e594a121d677aa0e	184 B	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1173 Hash 7afbc06554b46dc8e594a121d677aa0e 31c09053771d8d85a928df74c4645bb0c3559451 27e29c6c969f35482379d01e226d878d976fcd6431b3406e6ba43cfa80f5e789 Loading...

	#36 Eval - b3e664cbc391171ae8752b7d8d9b0422	2 B	2023-03-08 21:28	2025-03-17 19:19
Pretty Observations First Seen2023-03-08 21:28 Last Seen2025-03-17 19:19 Times Seen1258 Hash b3e664cbc391171ae8752b7d8d9b0422 b117b6b4947f7c44aee3e5e0fd24cf91fa52751c 65c325fb80a0e7f790657fae7d8b7a07bb83e660b22ecbf70efbae4bb03f4fa3 Loading...

	#37 Eval - f7373a2c8ea4b1cafd7ab9e8c294331d	2 B	2023-09-15 14:52	2025-03-29 05:22
Pretty Observations First Seen2023-09-15 14:52 Last Seen2025-03-29 05:22 Times Seen1213 Hash f7373a2c8ea4b1cafd7ab9e8c294331d 6dfa06dccc4b9f5533fce101fb950064f3faf2f9 c1ad8f358a0652523011bde1a9a35b1c1b4741151f9fae22d95e88c40d1250be Loading...

	#38 Eval - 2f227586dafabaf8cf8b1e8ad7aebf4e	55 B	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1173 Hash 2f227586dafabaf8cf8b1e8ad7aebf4e 61396115c2b65c961670115e409de018621408cc c7b1d56f93da36e5a0d167d12e14297f05b7de8f5e9754a8cb4a7ec4e5c57845 Loading...

	#39 Eval - ea8b6c254d03e5ea9b10464c43be0bb1	93 B	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1173 Hash ea8b6c254d03e5ea9b10464c43be0bb1 c359d61bf82d93d0aaefe4e638204f30b6a0ce67 7cec55b665a0adca983327b137ae0447e289bf4e972ed4f4ae0e3eae8eead446 Loading...

	#40 Eval - afffb04a1f2e8f0cc035cfe28bf455a8	131 B	2023-07-02 14:54	2024-08-22 11:17
Pretty Observations First Seen2023-07-02 14:54 Last Seen2024-08-22 11:17 Times Seen20347 Hash afffb04a1f2e8f0cc035cfe28bf455a8 920c52f3e931c79600ab73dca9d4baceaa721aa3 1224c72af04d20c26e9dea6a1295f8703ef495872d17d051e94ac95dab0cf66a Loading...

	#41 Eval - 4c62bc4fd3c4e105cb3fb62fb748d59c	203 B	2023-06-16 07:31	2025-05-11 12:27
Pretty Observations First Seen2023-06-16 07:31 Last Seen2025-05-11 12:27 Times Seen36905 Hash 4c62bc4fd3c4e105cb3fb62fb748d59c f6e2d1e74e35ec4c4740ba02e890b98bda11417f 9f4a6a370cd350425d8ac08047e7646116468672e99765ca198e6d463ee5286d Loading...

	#42 Eval - a34c997da8f62c6751a11b90efa0703d	2 B	2023-03-08 12:10	2025-03-30 01:58
Pretty Observations First Seen2023-03-08 12:10 Last Seen2025-03-30 01:58 Times Seen1285 Hash a34c997da8f62c6751a11b90efa0703d b3cd16bf4d27f6df229f52b95d1dfaf62dbd779d 031b52ffd3cdb68797252799e42588772700c8d8ba43b644d074a2feba14fb9e Loading...

	#43 Eval - 9be5f6606c8a463a15615ba27d6086c3	63 B	2023-03-13 02:11	2024-08-22 11:17
Pretty Observations First Seen2023-03-13 02:11 Last Seen2024-08-22 11:17 Times Seen25387 Hash 9be5f6606c8a463a15615ba27d6086c3 86a2fe727ef0ec4e23f1be261de127f0713e3f32 57e4541e6b4799c76812f6de6ff4aa7605c94d3cc7aebb5e8770c57efa4d28f0 Loading...

	#44 Eval - 8d8b85adc4d2474a84fbca1381afb3c7	83 B	2023-03-07 01:02	2025-05-11 12:27
Pretty Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 12:27 Times Seen44890 Hash 8d8b85adc4d2474a84fbca1381afb3c7 3815645d5a8680fd3ed4ce5a3b82f8d432448698 3eb8abc484d33a620c974de75babdd2caae4fff7dc8daad7d860dd41c93ee611 Loading...

	#45 Eval - a931635074a5017da74948b67e16c76f	206 B	2023-03-07 01:02	2025-05-11 14:25
Pretty Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 14:25 Times Seen44736 Hash a931635074a5017da74948b67e16c76f a6799582ad16a7c1ab8221c166268130df6691d2 1fb437ac78114eda813a7c4d5771b6d3aa34908a5ca3b743d5eb5c79088cf82c Loading...

	#46 Eval - b9681df672b50a87adc8ba82b517e113	56 B	2024-08-20 16:54	2024-08-20 16:54
Pretty Observations First Seen2024-08-20 16:54 Last Seen2024-08-20 16:54 Times Seen1 Hash b9681df672b50a87adc8ba82b517e113 9e9169a6b1541838c5e7131cf887dfb02a3ba67e 894ccaf01dd5bff885f84609f38e8b0085c62503e7a0661f089bea8ff0c45deb Loading...

	#47 Eval - d6795d219f44e8d813bd108b0b0697d3	51 B	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1173 Hash d6795d219f44e8d813bd108b0b0697d3 d4c35b23ff70193949f9d2a26332c04240a666ae 849a9a26af6dd4a2885df9e67660fc0499b37507be5af381b650407b4ee55489 Loading...

	#48 Eval - ad9301dc28dcf3f33940160e8c441655	77 B	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1173 Hash ad9301dc28dcf3f33940160e8c441655 08934f9233806e6a77b6abc04076990a1916b85a 4fa8fddd6a851e6a78aa41275b7ca5fcccb7d098b8905e0036de7e84a29abd0b Loading...

	#49 Eval - 0fce16d25d273c0b97e90b3ef896bfc7	77 B	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1173 Hash 0fce16d25d273c0b97e90b3ef896bfc7 cc4c14e723771aa4ded6f173b3ba4d2ceca68f2b 73a98000c5f79aaacc6ab4c5169c1e6467cef92d57879d3a59aace09aa0e7de4 Loading...

	#50 Eval - 373633ec8af28e5afaf6e5f4fd87469b	2 B	2023-03-14 04:05	2025-04-01 14:39
Pretty Observations First Seen2023-03-14 04:05 Last Seen2025-04-01 14:39 Times Seen1471 Hash 373633ec8af28e5afaf6e5f4fd87469b a454492e42fd9810e577ebee548c7e59bd883bca 8833cb57eb821d629899ba0015aec1aa8efc7c2472f0590bedd1cebe28107cd6 Loading...

	#51 Eval - 1da8d5d4ca9c3118679d17b8075f3fe9	2 B	2023-04-01 10:33	2024-10-11 09:09
Pretty Observations First Seen2023-04-01 10:33 Last Seen2024-10-11 09:09 Times Seen1263 Hash 1da8d5d4ca9c3118679d17b8075f3fe9 612f4fe0c132b93689a97cdd4bcea00312cf2516 845444e9928f80df13db50b90f3dec57288d4a7418caf7270f585aed66f9fc2e Loading...

	#52 Eval - 55a055409207a12d5937b243fd508bde	2 B	2023-03-07 01:02	2025-01-14 13:00
Pretty Observations First Seen2023-03-07 01:02 Last Seen2025-01-14 13:00 Times Seen1555 Hash 55a055409207a12d5937b243fd508bde d17bb082e04f08a5f47e5f92f26b8d0ba2b800de 6e314c4d6b87797d60858511e299d6a5931286a23b0b396620cca42cc19305d9 Loading...

	#53 Eval - 0cc175b9c0f1b6a831c399e269772661	1 B	2023-03-07 01:02	2025-05-11 16:53
Pretty Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 16:53 Times Seen10984 Hash 0cc175b9c0f1b6a831c399e269772661 86f7e437faa5a7fce15d1ddcb9eaeaea377667b8 ca978112ca1bbdcafac231b39a23dc4da786eff8147c4e72b9807785afee48bb Loading...

	#54 Eval - 8db38226dea32f40ac22120562175e64	326 B	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1173 Hash 8db38226dea32f40ac22120562175e64 3cd5843b7febf3b49a5b316b6938abeba44e01a1 57bb5102cc822b6b5c0813083a797f6cb383ce08a8f1178c62a308b6c3925a88 Loading...

	#55 Eval - 22749e392e6ff8a3e00b06b719d6f708	94 B	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1173 Hash 22749e392e6ff8a3e00b06b719d6f708 d5073e07040a54cf541d37952391ae329f3807f3 8af2a5a54682fd42abec1f48b0a33fdee83a9da111e4108fbe139acd2fb0a73a Loading...

	#56 Eval - f92a21c2dd64470fefcb6e15e1c96927	70 B	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1173 Hash f92a21c2dd64470fefcb6e15e1c96927 c0e0b14b14d977cb5677b48aad3e704e6b72b97b 65dd1d2e2af92538ee41a30e0543e6642ecb366559b8a6c9c4c0c8e7b40bdd85 Loading...

	#57 Eval - 4524a7f898b78a4494acb13590cc33a5	114 B	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1173 Hash 4524a7f898b78a4494acb13590cc33a5 95ef6b7cb4874aacd6530c5899648efa8ca7f810 a2c254a9c4a8130009fc7c7360a4ef11b8dc82f925b0ae2a6132ca746523e95b Loading...

	#58 Eval - 4d693a8619963f7750462b678770e604	2 B	2023-03-08 03:40	2025-03-19 06:00
Pretty Observations First Seen2023-03-08 03:40 Last Seen2025-03-19 06:00 Times Seen1396 Hash 4d693a8619963f7750462b678770e604 91052b1cecbef0d754d1ca776f805e3a4876d0ac 1d92ad4b6987fa0347cc5d2fb6cf9e47c83f4f6caeb3b5ef6f629730528921c3 Loading...

	#59 Eval - 9a28adb59d68218410bc2c4a0f573440	542 B	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1173 Hash 9a28adb59d68218410bc2c4a0f573440 6c79460ca29abeccda0d6c6a032316916f1a6e67 1da8456ed7a948eece52643d7195b8948cba069829909710c8ec6bbf23c3a8e9 Loading...

	#60 Eval - 98a11465a8f3959645fcfd99d3ac93cb	118 B	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1173 Hash 98a11465a8f3959645fcfd99d3ac93cb 375897e17fe55be0a59b6ed5abbff8baeef225ba de4e74a1c98f7b42c1ae7ed00fdc64572728371e0a81fca60c2455bb073f4d23 Loading...

	#61 Eval - c12f6e385015fe6a68b988fbb39a75a6	59 B	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1173 Hash c12f6e385015fe6a68b988fbb39a75a6 1b05968e941043141c87a3f58b1c6b7ae8bfc87b 062064f8258d6d57f85cd09f875af20e6c052a0f8e039f432908dba60680b529 Loading...

	#62 Eval - 784ee48bb53a17d152e0db840a149f10	355 B	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1173 Hash 784ee48bb53a17d152e0db840a149f10 7c92e2ae1dcd8c3b5615ac424e393dfb85208fdb 22c193067b968b6faf369e98eabf9ff1595e87a7cee462e087c246d4694eb992 Loading...

	#63 Eval - 1151f24be3c63db056f10938a42ab0ea	27 B	2023-03-07 01:02	2024-08-22 11:17
Pretty Observations First Seen2023-03-07 01:02 Last Seen2024-08-22 11:17 Times Seen17952 Hash 1151f24be3c63db056f10938a42ab0ea 5284a27f38597741e877ab31328cc8178b005676 0bc774ed3674af6aae8dd2c83bf89261e13ee293742afeda5161156a54bfc8ee Loading...

	#64 Eval - d384bbfa2b16cec1beac8d021eec0ae4	2 B	2023-03-07 17:52	2025-01-28 05:49
Pretty Observations First Seen2023-03-07 17:52 Last Seen2025-01-28 05:49 Times Seen1311 Hash d384bbfa2b16cec1beac8d021eec0ae4 da2ec569ba4fb2c415633321f7f311abb50f7c62 d3293502aa4ca6ce54c8a9b6fe3b56e07cd1ddeb4380d5ae25708f002acefd00 Loading...

	#65 Eval - 29d6804c8e813dda3eaa1d7f7e8aeff3	2 B	2023-03-26 10:23	2024-08-29 17:56
Pretty Observations First Seen2023-03-26 10:23 Last Seen2024-08-29 17:56 Times Seen1214 Hash 29d6804c8e813dda3eaa1d7f7e8aeff3 e82efebd1470e4323e34610ac576c0fb960f5970 a270ba425f03a58dbac8697cede66acbc6bb9353ae07dddefe94b0378e995655 Loading...

	#66 Eval - 5b85d2a9335d88053252ec5cf1f59778	77 B	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1173 Hash 5b85d2a9335d88053252ec5cf1f59778 9ed065a68ed905e4906cce0341e377b9d3401b5d 9172012575af2ed3d65f154840dce9570e579cf024b6eb7619ab20939bbe26c0 Loading...

	#67 Eval - b62f16c86d91d8dbeff4506b39ea90be	143 B	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1173 Hash b62f16c86d91d8dbeff4506b39ea90be 7438230d971aa2be4631895a463ed98d9960273f 91b69657b4f027e51062abbbd604d42a00e8ac0dffb77a457e5123e1acdb1a86 Loading...

	#68 Eval - 8a122fe5c5402a4baacce7345ecc3285	403 B	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1173 Hash 8a122fe5c5402a4baacce7345ecc3285 92dfc92442a6bde082625c5fadc7ec9d93629aba dc52bb4b041395913cb4e1c4f340e382f0fcaa8e30a7e25e89b1c48f0ecfaf09 Loading...

	#69 Eval - 3c989753898032f47af57aefa99310b6	450 B	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1173 Hash 3c989753898032f47af57aefa99310b6 5814c02f884f563c81f32d5360cbb4d12c5eed15 0637263bf70543c4e4281c8536aac6cb8d29a3b4356add73495eb6c6997ccb16 Loading...

	#70 Eval - 96d66a4d9708fdb6dd5597f3bbc7d624	195 B	2023-03-08 14:47	2025-05-11 12:49
Pretty Observations First Seen2023-03-08 14:47 Last Seen2025-05-11 12:49 Times Seen44681 Hash 96d66a4d9708fdb6dd5597f3bbc7d624 e10a66fa8a836f6f948941262b70e1fc928a446e 3cabac574ada654802fc1c4518d870f0791a9a3ac31371677e75fb683e47ce89 Loading...

	#71 Eval - e7de63a948640a25c237baae1920f3c8	40 kB	2023-12-02 12:05	2024-08-20 17:04
Pretty Observations First Seen2023-12-02 12:05 Last Seen2024-08-20 17:04 Times Seen2 Hash e7de63a948640a25c237baae1920f3c8 fa69327751507e5980258320e09277446abb3ee1 b13da464d68badaaf5f9ab262a6e9e429878962469e829f0993b7e84a71d039b Loading...

	#72 Eval - 127ac839a41bdd9ab92ad47b7411cdaf	29 B	2023-03-08 14:23	2025-05-06 08:36
Pretty Observations First Seen2023-03-08 14:23 Last Seen2025-05-06 08:36 Times Seen675 Hash 127ac839a41bdd9ab92ad47b7411cdaf c2f81b12778c909f055c3967caa638b643c4916a b2ebc210c5c379879d07a4a9e046a4ea803d56dcc91d533db817ec272cbcfaf4 Loading...

	#73 Eval - 512705e20c3ae6147fb654ec8a735888	22 B	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1173 Hash 512705e20c3ae6147fb654ec8a735888 a00d19eebc4467591f464d0312afa47885c41cd0 dfc5800b5e625b7445c5d42c5760a8dd30fa380aa6f24753fff4fa58e56a21d1 Loading...

	#74 Eval - bc6a53554dfd8722ebdc82ae6b867fae	218 B	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1173 Hash bc6a53554dfd8722ebdc82ae6b867fae e9ad55a66061d69f0784066b8d995d6225b01bd0 6ab303c49200201cdb5aa8d6f63a9be5131cfe5255cd484dd0575635d15b0742 Loading...

	#75 Eval - 730283a915b1e5b3a6fe194dc5e563d4	262 B	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1173 Hash 730283a915b1e5b3a6fe194dc5e563d4 141f0863a220202fd0d054b36c3fc2b8e13362e5 2b7c5f131e434e66e1789b6a1f92e72beec4793f9bbbde01477a552a99e8f998 Loading...

	#76 Eval - f465da03521180d47c811a98c793a2d6	9 B	2023-03-07 01:02	2025-05-11 12:27
Pretty Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 12:27 Times Seen36945 Hash f465da03521180d47c811a98c793a2d6 9b76105ff4c8bb84cd630914d772f4cc73df0155 e8183224e440eb4578fd87c4c47735f9ede4c43b1c6ebbdcd7033e98aba6a009 Loading...

	#77 Eval - ac6c413a9d6d1b9291d1187d6d301125	307 B	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1173 Hash ac6c413a9d6d1b9291d1187d6d301125 2d72ca8ad1445c1bf7a11fc35fcf05054c65cbab c675ece2cf7fcc86950e464a0229075a49ecf9e1188b081d061d9f344c95ba22 Loading...

	#78 Eval - cdaf6e12c498bf964dd8f2eaa30672c9	264 B	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1173 Hash cdaf6e12c498bf964dd8f2eaa30672c9 b73db6a52dd3d1b313993254def737237df22a4c b0c54b83cffe3925eb355166b2213d3780e05c420f25cea702c0b8f740fe8438 Loading...

	#79 Eval - 8d9c307cb7f3c4a32822a51922d1ceaa	1 B	2023-03-07 01:02	2025-05-10 17:10
Pretty Observations First Seen2023-03-07 01:02 Last Seen2025-05-10 17:10 Times Seen9203 Hash 8d9c307cb7f3c4a32822a51922d1ceaa b51a60734da64be0e618bacbea2865a8a7dcd669 8ce86a6ae65d3692e7305e2c58ac62eebd97d3d943e093f577da25c36988246b Loading...

	#80 Eval - 1651982e1ef59fbc3e9db66dbe7759d5	2 B	2023-03-10 11:14	2025-04-10 05:44
Pretty Observations First Seen2023-03-10 11:14 Last Seen2025-04-10 05:44 Times Seen1368 Hash 1651982e1ef59fbc3e9db66dbe7759d5 0c221b9f489dfeffc42254a5e00bed663eef7ff3 0bb404b255c8235d6d5113cc3e49262a99c374b16f16cd6bf2380052b091c876 Loading...

	#81 Eval - b4db71556e353b04562ba2f5ba28476c	471 B	2023-11-26 21:23	2024-08-20 17:49
Pretty Observations First Seen2023-11-26 21:23 Last Seen2024-08-20 17:49 Times Seen25 Hash b4db71556e353b04562ba2f5ba28476c 4ba29f4a117f58fd0dcb2f6e1fc7a50a50842399 991239f15eca790f4d782b2b2eef92fb5728365845c17f7e886a972cd08638e3 Loading...

	#82 Eval - 258f49887ef8d14ac268c92b02503aaa	2 B	2023-04-01 11:01	2025-02-18 16:16
Pretty Observations First Seen2023-04-01 11:01 Last Seen2025-02-18 16:16 Times Seen1404 Hash 258f49887ef8d14ac268c92b02503aaa 2038bdec9210202d0d9d74839e3925ff0cd91ba1 55490a4bf3a8e8cb5eed69720293a700ff01ef7da2bfc749f332f626cb584916 Loading...

	#83 Eval - 0d38787062c702b4a5490400bca2ccce	26 B	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1173 Hash 0d38787062c702b4a5490400bca2ccce e83276562617ef4a927dd9553b287b2fef635e2f 1c053726d70a76c76a5800466a5144779c72e6c321d3a5aaef778d894a4d70a9 Loading...

	#84 Eval - a4b57ebe6d5df0079c3541b6e3555db9	107 B	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1172 Hash a4b57ebe6d5df0079c3541b6e3555db9 1468f1239db42c171c41664ba784ffe30ffb00cc 4847ea981dce1ffed5867d6591026ef44fd1fe129bc44f07b96d272f12145e14 Loading...

	#85 Eval - f1290186a5d0b1ceab27f4e77c0c5d68	1 B	2023-03-07 01:15	2025-05-10 19:31
Pretty Observations First Seen2023-03-07 01:15 Last Seen2025-05-10 19:31 Times Seen10133 Hash f1290186a5d0b1ceab27f4e77c0c5d68 aff024fe4ab0fece4091de044c58c9ae4233383a 50e721e49c013f00c62cf59f2163542a9d8df02464efeb615d31051b0fddc326 Loading...

	#86 Eval - ee3a76b8b7181491af6a491f08fb16e4	247 B	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1173 Hash ee3a76b8b7181491af6a491f08fb16e4 b92921bdb88cda7b2cd7a88cdd83985858431689 93faf06bbd3a34004cf97ddc3e63a6bb0cd68edcd0c9a629ce8f35243cd5fbdc Loading...

	#87 Eval - ad9811610eeca7e6ce38634e616937fc	95 B	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1173 Hash ad9811610eeca7e6ce38634e616937fc a35b69583d9bf33cead87a0220371d7c8e2bfad7 f9b3bdb14cf13056c558762d609c27e28bd68a50511bd14d1aff243903feb9e2 Loading...

	#88 Eval - 72078cd4d1afc993a69865578c55e217	101 B	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1173 Hash 72078cd4d1afc993a69865578c55e217 13aed800127f3408c81e7100d00a55696071ff16 5e2d9075ff8ddb779018259bc5fa0ae9fbc2e48262bc60cccb190b4ea0365e80 Loading...

	#89 Eval - 78f9a7b3e55776b3956cdb2d590c168e	77 B	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1173 Hash 78f9a7b3e55776b3956cdb2d590c168e bbadb59109fe9c2578e0a3b8ced18f84dba19b83 8b37b27281d3c83d13360b58219f1d6f9881a8244ed5176e9ecbedbff9a05912 Loading...

	#90 Eval - a7c683352a65202c3e49119b87c6a4c1	22 B	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1173 Hash a7c683352a65202c3e49119b87c6a4c1 0297f73fe4c4e991936a843d279905a420cbb916 4d5761942ec94c8890b1081ca0c0ee683e4d7f31a25d6e6d0a3d45b08f86567a Loading...

	#91 Eval - da8097ab150a16d8034630a8fa235266	142 B	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1173 Hash da8097ab150a16d8034630a8fa235266 3cbb761d761386e7dc749c4b0d890f2d06dfb953 a7e196e6469080b3fa211daa50fec712267247f21f23155a1c1e0850346e2209 Loading...

	#92 Eval - f69f8a97602c0e8d86cbf26eb0fc8024	2 B	2023-03-08 13:02	2025-05-10 15:08
Pretty Observations First Seen2023-03-08 13:02 Last Seen2025-05-10 15:08 Times Seen1825 Hash f69f8a97602c0e8d86cbf26eb0fc8024 1363c20e8e3fef6df75dd6c368cef6c326f7f5b4 ca44086fd065d8275d64a706375e8b02fa1cdc9c5b1ba056f1b845758642625d Loading...

	#93 Eval - e7e87fd9dff633c4e522b93a0204e6e9	2 B	2023-04-18 10:33	2025-01-28 19:17
Pretty Observations First Seen2023-04-18 10:33 Last Seen2025-01-28 19:17 Times Seen2063 Hash e7e87fd9dff633c4e522b93a0204e6e9 bc3a4adad797cb0810a3b52f4410398d5ac5b13c ea1d169bded815aa0e65bee8d45b2f4d0ab207e122b8fad937bc0d6973924ada Loading...

	#94 Eval - 316c88dce4f6c65c54fb6b13835d073e	66 B	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1173 Hash 316c88dce4f6c65c54fb6b13835d073e aba38af06d2fbd20ac7abf3c8f2b6ab3b78382e2 ded22956ad75465a4fb606b27ec70fabdf439d9c0add4e56638797c6577302ab Loading...

	#95 Eval - d1374737c426a42f776b4c8678644a17	253 B	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1173 Hash d1374737c426a42f776b4c8678644a17 1013b22eff7b32db8cedd669664c14c7031a5d8f beaccd2eb66fe53a74d398c6f6250797fbd97882466939a4be1fcb214d832768 Loading...

	#96 Eval - 05b8c74cbd96fbf2de4c1a352702fbf4	6 B	2023-03-07 01:02	2025-05-11 15:33
Pretty Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 15:33 Times Seen60861 Hash 05b8c74cbd96fbf2de4c1a352702fbf4 320ad267d8d969f285eda5c184f5455bd29c8c95 44ff7b02c80d38b26dd6aa31d9470aed81b32e10331a3c994fb1a9945fd847ba Loading...

	#97 Eval - 37a6259cc0c1dae299a7866489dff0bd	4 B	2023-03-07 01:02	2025-05-11 17:10
Pretty Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 17:10 Times Seen61507 Hash 37a6259cc0c1dae299a7866489dff0bd 2be88ca4242c76e8253ac62474851065032d6833 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b Loading...

	#98 Eval - 7fc56270e7a70fa81a5935b72eacbe29	1 B	2023-03-07 01:15	2025-05-09 20:05
Pretty Observations First Seen2023-03-07 01:15 Last Seen2025-05-09 20:05 Times Seen8934 Hash 7fc56270e7a70fa81a5935b72eacbe29 6dcd4ce23d88e2ee9568ba546c007c63d9131c1b 559aead08264d5795d3909718cdd05abd49572e84fe55590eef31a88a08fdffd Loading...

	#99 Eval - c2027d8d704da8ecb0c79c8be1b3af85	77 B	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1173 Hash c2027d8d704da8ecb0c79c8be1b3af85 f190df8c27ffc546072fc19ad8ca7f24ce0181f0 241ded013cba5332b46f2caf28a49ef78310f480990de77f51cfa1670fd7a89e Loading...

	#100 Eval - 2db95e8e1a9267b7a1188556b2013b33	1 B	2023-03-07 01:15	2025-05-11 17:10
Pretty Observations First Seen2023-03-07 01:15 Last Seen2025-05-11 17:10 Times Seen8841 Hash 2db95e8e1a9267b7a1188556b2013b33 07c342be6e560e7f43842e2e21b774e61d85f047 acac86c0e609ca906f632b0e2dacccb2b77d22b0621f20ebece1a4835b93f6f0 Loading...

	#101 Eval - 9c922d2fb836f917bba064d4f5120356	2 B	2023-03-08 15:47	2024-10-30 20:33
Pretty Observations First Seen2023-03-08 15:47 Last Seen2024-10-30 20:33 Times Seen1300 Hash 9c922d2fb836f917bba064d4f5120356 6e1d936831296656f25902b88e2f9dd325657275 7ae8c65efac702d3251c067e624364ad04c37c275ff657bab87758f7cd70a354 Loading...

	#102 Eval - e0150e15ebb59574a5213a86e933580a	353 B	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1173 Hash e0150e15ebb59574a5213a86e933580a 95b6fd07870c060414a3791173ad5be575e6c2bf 5d007d276fd86e8e745bbfaf927fa61e07351c664567347d948c7b393002d4a2 Loading...

	#103 Eval - 08b646c3f8aa1b7e8741d021dc57c22f	96 B	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1173 Hash 08b646c3f8aa1b7e8741d021dc57c22f a8f7ead1071e0fdb7f5c612944390d7d040a2eb7 be93ae7bd7201e98190f26dc968f684f68d3a6801accd1dbe4cd93892db3e138 Loading...

	#104 Eval - 3fd29e3b64dab0a0a6bcf4a9c77bf89f	157 B	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1173 Hash 3fd29e3b64dab0a0a6bcf4a9c77bf89f c305553ec6fdfcfb4ebab20fe529f43bc1500b29 c0d4933355e9141d6037c331a6d8523529af08d1dfa53401ac32517cc3f97a6e Loading...

	#105 Eval - 3782ce66fe3b7d798a6eb88607810592	1.1 kB	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1173 Hash 3782ce66fe3b7d798a6eb88607810592 85a2b3c1c84021b7a7367f05ffde8bfb607dcc15 2dc4a01e2837f1ee4306446c507713fda6880ded756f9c92d2f4035088375930 Loading...

	#106 Eval - a85d68427636bc2196556b890c41256d	466 B	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1173 Hash a85d68427636bc2196556b890c41256d 0bf0975a20c6bee5ae41e43e0671ff134b6b5e24 01371362bfae3e7fba35a6751c3e62946c44b9d8be629564915fbed755671d9f Loading...

	#107 Eval - 7a7690d1db8ab92afb0142a22e528995	22 B	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1172 Hash 7a7690d1db8ab92afb0142a22e528995 7adffd13d8f12567b8f70358a2ae5c6e9e2b7745 6674b1c8e253de47d37b5da928215d3be0638d915ce571a785ff6ce6ebe4ff5f Loading...

	#108 Eval - 7d939ed9480c83d36c2790cbb1ecb51e	53 B	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1173 Hash 7d939ed9480c83d36c2790cbb1ecb51e b8d20139a294af92880a5b6b4619e66eb39d9ba6 dc583ff9cf964e0c017d45a40c45453fa4fcf95c3a0dbb79d9ae6b3a58036b9a Loading...

	#109 Eval - f097fc9707f31a96ff14cdefe933ebc0	260 B	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1173 Hash f097fc9707f31a96ff14cdefe933ebc0 33ef393ee38cb5c3faa9a894db62708aa2a07842 80068a3c75ca108940cf152a663da7e4532596ab73f41050acc4463446110697 Loading...

	#110 Eval - 380903fb205f082a4e298e86a482e9de	78 B	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1172 Hash 380903fb205f082a4e298e86a482e9de e2f77f8bcc77f5ae57ac901ff0bf11700a8074c6 e3ee0f7d7c7584252a35665734de2d84d707d36dd85c199d4830a29ee5680072 Loading...

	#111 Eval - f3de292838b77673829c8b132b519291	457 B	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1173 Hash f3de292838b77673829c8b132b519291 3590129075fe6709c3db75a9a8e5a26b527dd573 01f56df1bbf90e6350b02be6dc1efef00968111a6cc39642be6d84fe4a48442f Loading...

	#112 Eval - 9ac2216e46efc369c5071c5354e35cbe	138 B	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1173 Hash 9ac2216e46efc369c5071c5354e35cbe 31ed9ffd5e3859c6b971c99db2c49aa994f3a6e3 624220c829ce4ef16e20faa66d6d0ffb779fc5e202fb0a183a784644809bba8c Loading...

	#113 Eval - 24cc3dc813f384fde380df619f1525cb	19 B	2023-03-07 01:02	2025-05-11 17:10
Pretty Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 17:10 Times Seen46840 Hash 24cc3dc813f384fde380df619f1525cb 56399e3ce57ff98d68c7de98a563e572230dff6b 5421715bbdaf2550e31d10fc28d444310a8fe7147bbddecf0abb490358a1553b Loading...

	#114 Eval - 2d7299e7da8cda01d88bb86e7c432b1e	146 B	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1173 Hash 2d7299e7da8cda01d88bb86e7c432b1e 26fd086f948765093ee329b1c4e6d823070c6573 4c1401cf44d05901be5f029ddb981b84a0532f34b91a67bda69091ec71214245 Loading...

	#115 Eval - 54d54a126a783bc9cba8c06137136943	2 B	2023-03-12 21:10	2025-05-10 21:12
Pretty Observations First Seen2023-03-12 21:10 Last Seen2025-05-10 21:12 Times Seen1616 Hash 54d54a126a783bc9cba8c06137136943 e066133fdba5e5077ee034d757dc6dfcebd12979 5312fb609f60384731fcfcb95deef3602239bf61f865a07bd8e08d818d22e9fa Loading...

	#116 Eval - 68af0ab14d3a29484b7cc5b3c9c828cf	135 B	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1173 Hash 68af0ab14d3a29484b7cc5b3c9c828cf dbc28a446e8b63620243641b46c06834bb0c9147 a4f498cc5433dc8d6c33844c1b83be8de499e968959f647d98df5f30f1ab2598 Loading...

	#117 Eval - 8c80c017097fffe05cc78cad551ef08c	26 B	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1173 Hash 8c80c017097fffe05cc78cad551ef08c 45d21b94f4a893d325e35c1bb2d0bc9b6873d5e8 2e5af31b220d5621a1efe1f82aae92bf575062df08aa90c81e7bcdfb786a71e6 Loading...

	#118 Eval - 4a3f55450960dff92c67b9df27e8dae9	249 B	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1173 Hash 4a3f55450960dff92c67b9df27e8dae9 ba8c2ce6ad07fae1d04750f73125096077d26dfc 03a1a57827b1c6f356e0836846a0776972b13c5547e698532b0e3993c55a03b2 Loading...

	#119 Eval - 987bf3b4c2bfccb58db186c4cf253307	77 B	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1173 Hash 987bf3b4c2bfccb58db186c4cf253307 4b9dc62ac52f9979799a7db84c0732d22e8a5f6c a0c4112eaebc84e9756847b1872d8feb23b241050feeaeb44eacfcbfdd2b947a Loading...

	#120 Eval - 9a1d6db237ac592a951c3a06650c1657	448 B	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1173 Hash 9a1d6db237ac592a951c3a06650c1657 4240a4ba7c36a2a318620d0a693e3bd96c2d5ce9 da16da7d72b3e8bd2082b80e76cc48862e9804a1c5d4481d6fca442ae26c7d94 Loading...

	#121 Eval - 78368ee39441a9b171eb86fb28d1ec29	22 B	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1173 Hash 78368ee39441a9b171eb86fb28d1ec29 b8002127cd1469ae2b4847083335ec4b21f5658d 6ba11754ba7ad7f91e50b9b325efdf121e1e3debe27d920549e76c92ce8de897 Loading...

	#122 Eval - cd722e593c33d3dd01bccfb9daea1c90	258 B	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1173 Hash cd722e593c33d3dd01bccfb9daea1c90 2eccb00ad91fc5a92ba69ffc29a57685ab300307 5678024cef7c38c06441e35dc82f46e82dc6a3adbcdf2538836d5510c5c94839 Loading...

	#123 Eval - fafed4711ac09cc405d4131c67b21ddb	212 B	2023-11-07 13:48	2024-08-20 20:33
Pretty Observations First Seen2023-11-07 13:48 Last Seen2024-08-20 20:33 Times Seen1173 Hash fafed4711ac09cc405d4131c67b21ddb cd306c4a85fa4a7db4e1334887a766365d5ac18a bf6572308c26c2391bd2b8f101283f82a16f8e39edb5176b0d8a814a04c0ac9e Loading...

		Size	First Seen	Last Seen
	#1 Write - 31c9da99d87f30d4105f391c11ae8757	128 B	2023-08-25 09:27	2024-08-21 08:08
Pretty Observations First Seen2023-08-25 09:27 Last Seen2024-08-21 08:08 Times Seen183 Hash 31c9da99d87f30d4105f391c11ae8757 da2648a5466570fd4aa986282e122d12ab6b5648 1dbdd8a3b493ad2b2750901f83983de94b8f59db68ab58aebe45672fc4dba75d Loading...

	#2 Write - ffff120fa25d3f536d0c45ab74cdd630	384 B	2023-08-25 09:27	2024-08-21 08:08
Pretty Observations First Seen2023-08-25 09:27 Last Seen2024-08-21 08:08 Times Seen25 Hash ffff120fa25d3f536d0c45ab74cdd630 05bdb33018e77a7621eddf7c6d3e56caa9139d03 9704d3f3064f956dbad6e642b5d0540d1a9565ff215fa48b855362b162339dbb Loading...

HTTP Transactions (148)

URL IP Response Size

www.vugla.com/

192.185.106.252

230 B

URL
www.vugla.com/
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
230 B (230 bytes)
Hash
deab15abf7ba31caec31382d67dd2701
71ee339d8da5300fab24396a4ec4548ee0b1e7ef
e01052242a88c96c631013a248ba680d6be3a1ad2481ed023b8ef920656fbb8e

HTTP Headers

GET / HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Sun, 03 Dec 2023 21:15:09 GMT
Server: Apache
Content-Security-Policy: upgrade-insecure-requests;
Location: https://www.vugla.com/
Cache-Control: max-age=10800
Expires: Mon, 04 Dec 2023 00:15:09 GMT
Content-Length: 230
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

www.googletagmanager.com/gtag/js?id=G-7NCJ73THPT

142.250.74.168

86 kB

URL
www.googletagmanager.com/gtag/js?id=G-7NCJ73THPT
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (3034)
Size
86 kB (85470 bytes)
Hash
97962c789a24383674f17a41b68b8427
177459b7e1d1a43861764b5f58f5a2b1a11eef8f
9f135f3126fba42cc323d719f714e58a6d0a8ae9bda0f685b9a252542afadaa9

HTTP Headers

GET /gtag/js?id=G-7NCJ73THPT HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 03 Dec 2023 21:15:09 GMT
expires: Sun, 03 Dec 2023 21:15:09 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 85470
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

apis.google.com/js/plusone.js

142.250.74.78

22 kB

URL
apis.google.com/js/plusone.js
IP
142.250.74.78:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2664)
Size
22 kB (21930 bytes)
Hash
12476fdc6b8599d03eac729748337611
7a15dc04ad6e77026bf45927b78247411e3e0466
c5be6532f19ca90fb5966ed89be694f2bc2cded1e443d3489467cb28cd69af43

HTTP Headers

GET /js/plusone.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-length: 21930
date: Sun, 03 Dec 2023 21:15:09 GMT
expires: Sun, 03 Dec 2023 21:15:09 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "b82ec1e6cb6f99ed"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
set-cookie: NID=511=OWc1gLUIFJjsOp7OpPq1OsNmIRn8FgfCImfL8_BvLMj2h6p8cjCr3Ee8Vv-2nm5fTp4Oy6Mcu30Qtgv4y9YHszsuMmoVI3vfTixYo33rles1HNXqroZdZJddDTPJerSbgdzkYp0rm4LseK-3zTAs2VWDjyuW4WFh26MgtUb-1jA; expires=Mon, 03-Jun-2024 21:15:09 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.vugla.com/wp-content/themes/vugla/style.css?ver=6.4.1

192.185.106.252

398 B

URL
www.vugla.com/wp-content/themes/vugla/style.css?ver=6.4.1
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
398 B (398 bytes)
Hash
4f140b946bdc4cb833896a992db68c6d
52d6c64f9c5478bb70604068a66f06283ecff968
f8f90d1cacc59cf90886948787ef5c723b8de9e41092285611f2f915b5996ef2

HTTP Headers

GET /wp-content/themes/vugla/style.css?ver=6.4.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/ankaragucu-besiktas-golovi-03-12-2023.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 24 Mar 2020 17:57:12 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-length: 398
content-type: text/css
date: Sun, 03 Dec 2023 21:15:09 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/plugins/responsive-lightbox/assets/swipebox/swipebox.min.css?ver=2.4.6

192.185.106.252

1.4 kB

URL
www.vugla.com/wp-content/plugins/responsive-lightbox/assets/swipebox/swipebox.min.css?ver=2.4.6
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (4310), with CRLF line terminators
Size
1.4 kB (1410 bytes)
Hash
b236fbc68ad6824d6fd4be9501a56ea5
5147f5e6779b335a45771a6a9ec9f0a1db8079ef
d49c9ad378618e0a0eb8e6fca04c13f6005e13badf79e0c977d76d851f7aa60a

HTTP Headers

GET /wp-content/plugins/responsive-lightbox/assets/swipebox/swipebox.min.css?ver=2.4.6 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/ankaragucu-besiktas-golovi-03-12-2023.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 27 Nov 2023 23:58:55 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-length: 1410
content-type: text/css
date: Sun, 03 Dec 2023 21:15:09 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/plugins/vn-video-player/style/theme-city.css?ver=6.4.1

192.185.106.252

733 B

URL
www.vugla.com/wp-content/plugins/vn-video-player/style/theme-city.css?ver=6.4.1
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (2553), with no line terminators
Size
733 B (733 bytes)
Hash
229bf132659b3607e05296743613ecca
2f498516b73ae5f087904669ccd6b3eb57054711
73214adfea5dc8d2ab7aae66baec56aab47e70224557c08f424b80909d1acd7c

HTTP Headers

GET /wp-content/plugins/vn-video-player/style/theme-city.css?ver=6.4.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/ankaragucu-besiktas-golovi-03-12-2023.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 26 Nov 2021 15:34:33 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-length: 733
content-type: text/css
date: Sun, 03 Dec 2023 21:15:09 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/plugins/vn-featured-image-gallery/css/style.css?ver=6.4.1

192.185.106.252

320 B

URL
www.vugla.com/wp-content/plugins/vn-featured-image-gallery/css/style.css?ver=6.4.1
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with CRLF line terminators
Size
320 B (320 bytes)
Hash
199decab27dd471d35814631e71e6fea
42c2847529b6859230bc2f4e8e6432805a06148b
7279594a46188e3246db42ffd4c609fc254c6fa06bfca8b72dd82e63fa4e6385

HTTP Headers

GET /wp-content/plugins/vn-featured-image-gallery/css/style.css?ver=6.4.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/ankaragucu-besiktas-golovi-03-12-2023.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 26 May 2014 20:39:02 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-length: 320
content-type: text/css
date: Sun, 03 Dec 2023 21:15:09 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/ankaragucu-besiktas-golovi-03-12-2023.html

192.185.106.252

72 kB

URL
www.vugla.com/ankaragucu-besiktas-golovi-03-12-2023.html
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (38499), with CRLF, LF line terminators
Size
72 kB (71890 bytes)
Hash
9260526675567f06bad295e3081c42b2
ce7eb28ae3323b18c6f1939d466a71a0ee626ef5
1c0bf40b54ff0a8b9fd3b2be8dd93a5461a3e8fdb2eb51c203ad63285957bb74

HTTP Headers

GET /ankaragucu-besiktas-golovi-03-12-2023.html HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-pingback: https://www.vugla.com/xmlrpc.php
link: <https://www.vugla.com/wp-json/>; rel="https://api.w.org/", <https://www.vugla.com/wp-json/wp/v2/posts/575148>; rel="alternate"; type="application/json", <https://www.vugla.com/?p=575148>; rel=shortlink
content-security-policy: upgrade-insecure-requests;
cache-control: max-age=10800
expires: Mon, 04 Dec 2023 00:15:06 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-type: text/html; charset=UTF-8
date: Sun, 03 Dec 2023 21:15:06 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/plugins/vn-video-player/style/video-js.css?ver=6.4.1

192.185.106.252

14 kB

URL
www.vugla.com/wp-content/plugins/vn-video-player/style/video-js.css?ver=6.4.1
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Unicode text, UTF-8 text, with very long lines (5844)
Size
14 kB (13761 bytes)
Hash
514fccb15bdc95ea2c2b6fddaded8ecc
4c999194bb19b83cc85f40621fa1c74cd1a4cbf7
d86730f73982f170cb0943d0d47c3c2520743d6a3d6cf5330cde12667df675ca

HTTP Headers

GET /wp-content/plugins/vn-video-player/style/video-js.css?ver=6.4.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/ankaragucu-besiktas-golovi-03-12-2023.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 26 Nov 2021 15:34:35 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-length: 13761
content-type: text/css
date: Sun, 03 Dec 2023 21:15:09 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

192.185.106.252

5.4 kB

URL
www.vugla.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (13479)
Size
5.4 kB (5422 bytes)
Hash
9ffeb32e2d9efbf8f70caabded242267
3ad0c10e501ac2a9bfa18f9cd7e700219b378738
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/ankaragucu-besiktas-golovi-03-12-2023.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 13 Nov 2023 13:25:19 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-length: 5422
content-type: application/javascript
date: Sun, 03 Dec 2023 21:15:09 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/themes/vugla/images/mobile-share/viber-64x64.png

192.185.106.252

7.1 kB

URL
www.vugla.com/wp-content/themes/vugla/images/mobile-share/viber-64x64.png
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size
7.1 kB (7120 bytes)
Hash
de186be4358ae6892385bcb78cc79b01
d933c306c857b9e84e321c4756d384a6e8093da2
c912b95fc0e537dbd5d103172a9ad3df2a3c8ad4ce5e6d6cebbaf31d7f6d58be

HTTP Headers

GET /wp-content/themes/vugla/images/mobile-share/viber-64x64.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/ankaragucu-besiktas-golovi-03-12-2023.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 22 Dec 2016 10:00:29 GMT
accept-ranges: bytes
content-length: 7120
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Mon, 02 Dec 2024 21:15:09 GMT
referrer-policy: 
pragma: public
content-type: image/png
date: Sun, 03 Dec 2023 21:15:09 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/reddit.png

192.185.106.252

2.3 kB

URL
www.vugla.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/reddit.png
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size
2.3 kB (2328 bytes)
Hash
91d33236832e22fe9743606623bd001a
d7101e60e49e86dbe1f34876228aa6831ad568f7
5571cdc5e0d90001474bf488c142929a02a39e55a4a7f61c44d1f94a4087eda1

HTTP Headers

GET /wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/reddit.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/ankaragucu-besiktas-golovi-03-12-2023.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 13 Nov 2023 13:26:48 GMT
accept-ranges: bytes
content-length: 2328
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Mon, 02 Dec 2024 21:15:09 GMT
referrer-policy: 
pragma: public
content-type: image/png
date: Sun, 03 Dec 2023 21:15:09 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/themes/vugla/images/mobile-share/fb-messenger-64x64.png

192.185.106.252

2.6 kB

URL
www.vugla.com/wp-content/themes/vugla/images/mobile-share/fb-messenger-64x64.png
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size
2.6 kB (2562 bytes)
Hash
56735b8135d0a3b1db1b1e1a34945e85
dc604b4e7030d9fe583393b94f1811fe69628107
7ef39fd53ffb21c300f78615faa8eab8eb1163ad1b70843efa4550a0bda364bc

HTTP Headers

GET /wp-content/themes/vugla/images/mobile-share/fb-messenger-64x64.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/ankaragucu-besiktas-golovi-03-12-2023.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 26 Jul 2017 12:44:40 GMT
accept-ranges: bytes
content-length: 2562
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Mon, 02 Dec 2024 21:15:09 GMT
referrer-policy: 
pragma: public
content-type: image/png
date: Sun, 03 Dec 2023 21:15:09 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/plugins/vn-video-player/js_scripts/vn_player_fit.js?ver=0.1

192.185.106.252

106 B

URL
www.vugla.com/wp-content/plugins/vn-video-player/js_scripts/vn_player_fit.js?ver=0.1
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with CRLF line terminators
Size
106 B (106 bytes)
Hash
64829824ee643f09fb3821dc49b3089a
446608ff9f4128b9503476135a8c28599f8d5c2e
0b967c52b8e899c4266110c97fa50018d61ccf1365144d16f09f901523d48c95

HTTP Headers

GET /wp-content/plugins/vn-video-player/js_scripts/vn_player_fit.js?ver=0.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/ankaragucu-besiktas-golovi-03-12-2023.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 26 Nov 2021 15:34:31 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-length: 106
content-type: application/javascript
date: Sun, 03 Dec 2023 21:15:09 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/themes/vugla/js/libs/modernizr-2.0.6.min.js?ver=6.4.1

192.185.106.252

7.0 kB

URL
www.vugla.com/wp-content/themes/vugla/js/libs/modernizr-2.0.6.min.js?ver=6.4.1
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document, ASCII text, with very long lines (14641), with CRLF line terminators
Size
7.0 kB (6964 bytes)
Hash
ad955f14cdcc21d58014f25ab7c8d46d
8915b95d672d54be6fb01a239088aba305d4798e
d6304e162f8fe5054a4c5430d2f1d78ea2ad54c1ff61ea708d148bf385312407

HTTP Headers

GET /wp-content/themes/vugla/js/libs/modernizr-2.0.6.min.js?ver=6.4.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/ankaragucu-besiktas-golovi-03-12-2023.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 12:00:08 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-length: 6964
content-type: application/javascript
date: Sun, 03 Dec 2023 21:15:09 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/uploads/2021/11/bosanski-petrovac-raskrsnica-webcam-150x150.jpg

192.185.106.252

7.0 kB

URL
www.vugla.com/wp-content/uploads/2021/11/bosanski-petrovac-raskrsnica-webcam-150x150.jpg
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 150x150, components 3\012- data
Size
7.0 kB (7008 bytes)
Hash
1804ac2c146b4f9c33a255684979c30f
189fa8eed75366902e0653ab3c8ddd08d3fc607d
ceeb0475c327a3ded698c5c22472291e3eabae9d03c5800b91b465a7728bb4b5

HTTP Headers

GET /wp-content/uploads/2021/11/bosanski-petrovac-raskrsnica-webcam-150x150.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/ankaragucu-besiktas-golovi-03-12-2023.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 24 Nov 2021 16:58:58 GMT
accept-ranges: bytes
content-length: 7008
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Mon, 02 Dec 2024 21:15:09 GMT
referrer-policy: 
pragma: public
content-type: image/jpeg
date: Sun, 03 Dec 2023 21:15:09 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/uploads/2023/12/almeria-betis-golovi-03-12-2023-150x150.jpg

192.185.106.252

6.8 kB

URL
www.vugla.com/wp-content/uploads/2023/12/almeria-betis-golovi-03-12-2023-150x150.jpg
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x150, components 3\012- data
Size
6.8 kB (6765 bytes)
Hash
10269b233dc96f1ac2b71ceeb38fc33e
1b10927d1563023712cb73d5f7da43bad524eb46
626c9fb8cc0095b006a95f3798829c8b862cda8dcd2bf19057e1085ae1cce261

HTTP Headers

GET /wp-content/uploads/2023/12/almeria-betis-golovi-03-12-2023-150x150.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/ankaragucu-besiktas-golovi-03-12-2023.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Sun, 03 Dec 2023 20:38:35 GMT
accept-ranges: bytes
content-length: 6765
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Mon, 02 Dec 2024 21:15:09 GMT
referrer-policy: 
pragma: public
content-type: image/jpeg
date: Sun, 03 Dec 2023 21:15:09 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/linkedin.png

192.185.106.252

725 B

URL
www.vugla.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/linkedin.png
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 64 x 64, 8-bit colormap, non-interlaced\012- data
Size
725 B (725 bytes)
Hash
5da9fb18cfc9264a6e95b4a8bf4d2fcb
7bb78a36bc621ea268a0dad519c9c5c539e751ce
c6e399926b1aeb3634681cf7eb6af4e355325a6b2b6f8a89ad65ece3523fab18

HTTP Headers

GET /wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/linkedin.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/ankaragucu-besiktas-golovi-03-12-2023.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 13 Nov 2023 13:26:48 GMT
accept-ranges: bytes
content-length: 725
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Mon, 02 Dec 2024 21:15:09 GMT
referrer-policy: 
pragma: public
content-type: image/png
date: Sun, 03 Dec 2023 21:15:09 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/uploads/2023/12/wrexham-yeovil-golovi-03-12-2023-150x150.jpg

192.185.106.252

5.6 kB

URL
www.vugla.com/wp-content/uploads/2023/12/wrexham-yeovil-golovi-03-12-2023-150x150.jpg
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x150, components 3\012- data
Size
5.6 kB (5581 bytes)
Hash
697cfdcae37a1c38f1259de6b80ffde9
476c97565c4a385536778501d9a8c1472efe6e9e
d8e80304ead9740b63ea902349d07facbb071910c04c7bacbab15c07c2e61ee7

HTTP Headers

GET /wp-content/uploads/2023/12/wrexham-yeovil-golovi-03-12-2023-150x150.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/ankaragucu-besiktas-golovi-03-12-2023.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Sun, 03 Dec 2023 20:38:37 GMT
accept-ranges: bytes
content-length: 5581
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Mon, 02 Dec 2024 21:15:09 GMT
referrer-policy: 
pragma: public
content-type: image/jpeg
date: Sun, 03 Dec 2023 21:15:09 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/plugins/vn-video-player/js_scripts/jquery.fitvids.js?ver=0.1

192.185.106.252

1.4 kB

URL
www.vugla.com/wp-content/plugins/vn-video-player/js_scripts/jquery.fitvids.js?ver=0.1
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document, ASCII text
Size
1.4 kB (1389 bytes)
Hash
6755415003869bd599c3fae8e9792027
57946a22c79654014eb00fb548f727d302221873
07f79fbda35a2bf03f2940978670a2a53cf21e490ecce887bf92fc2e3f359293

HTTP Headers

GET /wp-content/plugins/vn-video-player/js_scripts/jquery.fitvids.js?ver=0.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/ankaragucu-besiktas-golovi-03-12-2023.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 26 Nov 2021 15:34:28 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-length: 1389
content-type: application/javascript
date: Sun, 03 Dec 2023 21:15:09 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/plugins/responsive-lightbox/assets/swipebox/jquery.swipebox.min.js?ver=2.4.6

192.185.106.252

4.7 kB

URL
www.vugla.com/wp-content/plugins/responsive-lightbox/assets/swipebox/jquery.swipebox.min.js?ver=2.4.6
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (12917), with CRLF line terminators
Size
4.7 kB (4708 bytes)
Hash
416d2c5e5425c640a7d63f25e0376fd6
a95b218161d94bdb148d108aedf065b4a4762045
b875bead01dfa1b02a553e8efda0f3a65d39da24f19ad37af95f06795eee76dc

HTTP Headers

GET /wp-content/plugins/responsive-lightbox/assets/swipebox/jquery.swipebox.min.js?ver=2.4.6 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/ankaragucu-besiktas-golovi-03-12-2023.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 27 Nov 2023 23:58:55 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-length: 4708
content-type: application/javascript
date: Sun, 03 Dec 2023 21:15:09 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/uploads/2021/11/moscenicka-draga-plaza-webcam-150x150.jpg

192.185.106.252

4.9 kB

URL
www.vugla.com/wp-content/uploads/2021/11/moscenicka-draga-plaza-webcam-150x150.jpg
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 150x150, components 3\012- data
Size
4.9 kB (4935 bytes)
Hash
36ce7f110a0bb87c061dfc73996c72f1
b4e17a2970a39ddb82bf55f2f7b3951f25812bb2
5d5cf867961c3c016832f4c7dfd3a4dfdbac76e90c8fd3708e71fa9449bdc9c2

HTTP Headers

GET /wp-content/uploads/2021/11/moscenicka-draga-plaza-webcam-150x150.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/ankaragucu-besiktas-golovi-03-12-2023.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 30 Nov 2021 14:21:33 GMT
accept-ranges: bytes
content-length: 4935
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Mon, 02 Dec 2024 21:15:09 GMT
referrer-policy: 
pragma: public
content-type: image/jpeg
date: Sun, 03 Dec 2023 21:15:09 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/uploads/2021/11/dubrovnik-stari-grad-webcam-150x150.jpg

192.185.106.252

6.5 kB

URL
www.vugla.com/wp-content/uploads/2021/11/dubrovnik-stari-grad-webcam-150x150.jpg
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 150x150, components 3\012- data
Size
6.5 kB (6532 bytes)
Hash
1b50e764a620c7fd388d923ad93d70df
b3b746612ea0a71740cafb54352acdd09cb4902b
a226362fdb2a48c07db96cd04918ad0c1ffa66c18b8a27197cb6d21afeb601a1

HTTP Headers

GET /wp-content/uploads/2021/11/dubrovnik-stari-grad-webcam-150x150.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/ankaragucu-besiktas-golovi-03-12-2023.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 30 Nov 2021 13:56:09 GMT
accept-ranges: bytes
content-length: 6532
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Mon, 02 Dec 2024 21:15:09 GMT
referrer-policy: 
pragma: public
content-type: image/jpeg
date: Sun, 03 Dec 2023 21:15:09 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.3

192.185.106.252

83 B

URL
www.vugla.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.3
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document, ASCII text, with no line terminators
Size
83 B (83 bytes)
Hash
26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.3 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/ankaragucu-besiktas-golovi-03-12-2023.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 409 Conflict
date: Sun, 03 Dec 2023 21:15:09 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2

www.vugla.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.3

192.185.106.252

83 B

URL
www.vugla.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.3
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document, ASCII text, with no line terminators
Size
83 B (83 bytes)
Hash
26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.3 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/ankaragucu-besiktas-golovi-03-12-2023.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 409 Conflict
date: Sun, 03 Dec 2023 21:15:09 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2

www.vugla.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.3

192.185.106.252

83 B

URL
www.vugla.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.3
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document, ASCII text, with no line terminators
Size
83 B (83 bytes)
Hash
26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.3 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/ankaragucu-besiktas-golovi-03-12-2023.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 409 Conflict
date: Sun, 03 Dec 2023 21:15:09 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2

www.vugla.com/wp-content/uploads/2021/11/zagreb-trg-bana-jelacica-webcam-150x150.jpg

192.185.106.252

7.4 kB

URL
www.vugla.com/wp-content/uploads/2021/11/zagreb-trg-bana-jelacica-webcam-150x150.jpg
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 150x150, components 3\012- data
Size
7.4 kB (7380 bytes)
Hash
68241a50d8cb16c361d76230d338c4d5
498dffe9fc308bd108dad721ab8d21fc925a476c
bc84aeee6ed911c2e613ba2d67419c8c93e5b2a3d4925648965ebdb02f6d224c

HTTP Headers

GET /wp-content/uploads/2021/11/zagreb-trg-bana-jelacica-webcam-150x150.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/ankaragucu-besiktas-golovi-03-12-2023.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Sun, 28 Nov 2021 16:54:16 GMT
accept-ranges: bytes
content-length: 7380
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Mon, 02 Dec 2024 21:15:09 GMT
referrer-policy: 
pragma: public
content-type: image/jpeg
date: Sun, 03 Dec 2023 21:15:09 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/plugins/responsive-lightbox/assets/infinitescroll/infinite-scroll.pkgd.min.js?ver=6.4.1

192.185.106.252

8.7 kB

URL
www.vugla.com/wp-content/plugins/responsive-lightbox/assets/infinitescroll/infinite-scroll.pkgd.min.js?ver=6.4.1
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (17739), with CRLF line terminators
Size
8.7 kB (8747 bytes)
Hash
3229aa93c44fa4628707e80959a97bc1
5a2d4dbc4d1df02e7a386489e7b5c5a9e22dd40f
095834cc86bd018fdb4a9e31c99f9f96904b819be2b9dc16b3390383288d4d90

HTTP Headers

GET /wp-content/plugins/responsive-lightbox/assets/infinitescroll/infinite-scroll.pkgd.min.js?ver=6.4.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/ankaragucu-besiktas-golovi-03-12-2023.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 27 Nov 2023 23:58:55 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-length: 8747
content-type: application/javascript
date: Sun, 03 Dec 2023 21:15:09 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/uploads/2023/12/backa-radnicki-nis-golovi-03-12-2023-150x150.jpg

192.185.106.252

6.7 kB

URL
www.vugla.com/wp-content/uploads/2023/12/backa-radnicki-nis-golovi-03-12-2023-150x150.jpg
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x150, components 3\012- data
Size
6.7 kB (6705 bytes)
Hash
b63451a89a7582744beac2663bd04bfa
9d61ae9d3a03a5089c1847f29da5f7e0f0847af8
594275b5c517a585c755216a76da2d3468ebfef4282e615ce847f1f77e569c59

HTTP Headers

GET /wp-content/uploads/2023/12/backa-radnicki-nis-golovi-03-12-2023-150x150.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/ankaragucu-besiktas-golovi-03-12-2023.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Sun, 03 Dec 2023 20:42:24 GMT
accept-ranges: bytes
content-length: 6705
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Mon, 02 Dec 2024 21:15:09 GMT
referrer-policy: 
pragma: public
content-type: image/jpeg
date: Sun, 03 Dec 2023 21:15:09 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/themes/vugla/images/logo.png

192.185.106.252

7.9 kB

URL
www.vugla.com/wp-content/themes/vugla/images/logo.png
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 254 x 96, 8-bit/color RGBA, non-interlaced\012- data
Size
7.9 kB (7870 bytes)
Hash
f8e78d7eed20f4d77ca41cbf9700c0fa
9c40c7c5ae212e070b2aceda05b7e34de143a670
cf314f8938fb5d378e49a7e09683a206e244024b7ca3a7ec1676f22804285ca7

HTTP Headers

GET /wp-content/themes/vugla/images/logo.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/ankaragucu-besiktas-golovi-03-12-2023.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 18 Nov 2013 11:35:09 GMT
accept-ranges: bytes
content-length: 7870
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Mon, 02 Dec 2024 21:15:09 GMT
referrer-policy: 
pragma: public
content-type: image/png
date: Sun, 03 Dec 2023 21:15:09 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/twitter.png

192.185.106.252

1.8 kB

URL
www.vugla.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/twitter.png
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size
1.8 kB (1762 bytes)
Hash
9cb3d67f468539abb72395dc73934190
9928de37e21649c1799e3287a13f897a34aab5e1
04a457e988270cb1dc76bd57ac8e62fddf02c02b618a1ac6cb0880b93633f5e0

HTTP Headers

GET /wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/twitter.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/ankaragucu-besiktas-golovi-03-12-2023.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 13 Nov 2023 13:26:48 GMT
accept-ranges: bytes
content-length: 1762
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Mon, 02 Dec 2024 21:15:09 GMT
referrer-policy: 
pragma: public
content-type: image/png
date: Sun, 03 Dec 2023 21:15:09 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/plugins/responsive-lightbox/js/front.js?ver=2.4.6

192.185.106.252

8.6 kB

URL
www.vugla.com/wp-content/plugins/responsive-lightbox/js/front.js?ver=2.4.6
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Unicode text, UTF-8 text, with very long lines (629), with CRLF line terminators
Size
8.6 kB (8560 bytes)
Hash
68f8af044f685b84c7d49ac2356acabf
585889874b36224e980f4d285044ec0fb478dc7c
9fe6a07f596d507305d1480e6bb301d04cbf5ef8660b24b9fa411e39607a7ab5

HTTP Headers

GET /wp-content/plugins/responsive-lightbox/js/front.js?ver=2.4.6 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/ankaragucu-besiktas-golovi-03-12-2023.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 27 Nov 2023 23:58:55 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-length: 8560
content-type: application/javascript
date: Sun, 03 Dec 2023 21:15:09 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/tumblr.png

192.185.106.252

861 B

URL
www.vugla.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/tumblr.png
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 64 x 64, 8-bit colormap, non-interlaced\012- data
Size
861 B (861 bytes)
Hash
1d8dab6f1066b94b74f5611a8c918681
4e0edc7ba1ada49418772d8d581cd3d38518d490
bac6d2c8418e543d967d6e57710eda1ca4318ddd917c19a28fd63b4240e8d150

HTTP Headers

GET /wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/tumblr.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/ankaragucu-besiktas-golovi-03-12-2023.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 13 Nov 2023 13:26:48 GMT
accept-ranges: bytes
content-length: 861
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Mon, 02 Dec 2024 21:15:09 GMT
referrer-policy: 
pragma: public
content-type: image/png
date: Sun, 03 Dec 2023 21:15:09 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-includes/js/underscore.min.js?ver=1.13.4

192.185.106.252

8.3 kB

URL
www.vugla.com/wp-includes/js/underscore.min.js?ver=1.13.4
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (18798)
Size
8.3 kB (8305 bytes)
Hash
f88d5720bb454ed5d204cbdb56901f6b
f1952292fde4b15936e9aac16b2b9896684db95b
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a

HTTP Headers

GET /wp-includes/js/underscore.min.js?ver=1.13.4 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/ankaragucu-besiktas-golovi-03-12-2023.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 13 Nov 2023 13:25:19 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-length: 8305
content-type: application/javascript
date: Sun, 03 Dec 2023 21:15:09 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/uploads/2023/12/ankaragucu-besiktas-golovi-03-12-2023-150x150.jpg

192.185.106.252

7.2 kB

URL
www.vugla.com/wp-content/uploads/2023/12/ankaragucu-besiktas-golovi-03-12-2023-150x150.jpg
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x150, components 3\012- data
Size
7.2 kB (7180 bytes)
Hash
eade20036cafe83b9fa7033ffb690985
c2a63ade4da8e73cd090f5bc5b67e3616fddcff7
fb074e659ec96bd9fb068133a40fa6d3f5809db3a5e4d68f9cf139db166941e0

HTTP Headers

GET /wp-content/uploads/2023/12/ankaragucu-besiktas-golovi-03-12-2023-150x150.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/ankaragucu-besiktas-golovi-03-12-2023.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Sun, 03 Dec 2023 20:38:39 GMT
accept-ranges: bytes
content-length: 7180
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Mon, 02 Dec 2024 21:15:09 GMT
referrer-policy: 
pragma: public
content-type: image/jpeg
date: Sun, 03 Dec 2023 21:15:09 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/themes/vugla/images/mobile-share/whatsapp-64x64.png

192.185.106.252

5.9 kB

URL
www.vugla.com/wp-content/themes/vugla/images/mobile-share/whatsapp-64x64.png
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size
5.9 kB (5880 bytes)
Hash
616a93e26f2d9261cd8412a8741f7be8
5fbfd88e502bcc766a9c9ef1d1751ed16ce1197c
306accb5ad46635aeb9481a9bc934c14ae474e924ec52b6673141c5acacd800d

HTTP Headers

GET /wp-content/themes/vugla/images/mobile-share/whatsapp-64x64.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/ankaragucu-besiktas-golovi-03-12-2023.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 22 Dec 2016 10:00:28 GMT
accept-ranges: bytes
content-length: 5880
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Mon, 02 Dec 2024 21:15:09 GMT
referrer-policy: 
pragma: public
content-type: image/png
date: Sun, 03 Dec 2023 21:15:09 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/mail.png

192.185.106.252

1.7 kB

URL
www.vugla.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/mail.png
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 64 x 64, 8-bit colormap, non-interlaced\012- data
Size
1.7 kB (1659 bytes)
Hash
42bec42b54ef1bb6bb9596efa815973d
88145ca02b72936eb430e818cd7a80f189ca9166
154a5b712eedff5cdee156292d8795dd139a350c7ed09982e5faec55a0ab2f42

HTTP Headers

GET /wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/mail.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/ankaragucu-besiktas-golovi-03-12-2023.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 13 Nov 2023 13:26:48 GMT
accept-ranges: bytes
content-length: 1659
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Mon, 02 Dec 2024 21:15:09 GMT
referrer-policy: 
pragma: public
content-type: image/png
date: Sun, 03 Dec 2023 21:15:09 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/uploads/2021/11/venice-grand-canal-webcam-150x150.jpg

192.185.106.252

8.2 kB

URL
www.vugla.com/wp-content/uploads/2021/11/venice-grand-canal-webcam-150x150.jpg
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 150x150, components 3\012- data
Size
8.2 kB (8225 bytes)
Hash
865eb6d2d9e49679aeb404a873622d1a
611dad75aa193ae50c30b004c113d85accb73096
9ca91a22bac7e3c47364e0df7b66b518672b7d5c85f21cb5be3a952dcdc7142e

HTTP Headers

GET /wp-content/uploads/2021/11/venice-grand-canal-webcam-150x150.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/ankaragucu-besiktas-golovi-03-12-2023.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Sun, 28 Nov 2021 10:41:10 GMT
accept-ranges: bytes
content-length: 8225
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Mon, 02 Dec 2024 21:15:09 GMT
referrer-policy: 
pragma: public
content-type: image/jpeg
date: Sun, 03 Dec 2023 21:15:09 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/facebook.png

192.185.106.252

584 B

URL
www.vugla.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/facebook.png
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 64 x 64, 8-bit colormap, non-interlaced\012- data
Size
584 B (584 bytes)
Hash
114d84e23ab95df71589ab5e67b93b85
2270334f4b83486ceaab53133e4706537c16f38a
1353c448068301ee8534bd1d3c8eb214863afa0b9f716222dfe93e2739cffac2

HTTP Headers

GET /wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/facebook.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/ankaragucu-besiktas-golovi-03-12-2023.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 13 Nov 2023 13:26:48 GMT
accept-ranges: bytes
content-length: 584
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Mon, 02 Dec 2024 21:15:09 GMT
referrer-policy: 
pragma: public
content-type: image/png
date: Sun, 03 Dec 2023 21:15:09 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/uploads/2021/12/baden-baden-webcam-150x150.jpg

192.185.106.252

7.4 kB

URL
www.vugla.com/wp-content/uploads/2021/12/baden-baden-webcam-150x150.jpg
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 150x150, components 3\012- data
Size
7.4 kB (7429 bytes)
Hash
d78054997a3469fc078a8d2aee9e5296
397b6f401d571917f714b0688a7feb99ec2fb8fe
2d3dc8dfc64e4c27abfdb6cfb9caa0402c47b6e604e4749770dd3e32f96fdc16

HTTP Headers

GET /wp-content/uploads/2021/12/baden-baden-webcam-150x150.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/ankaragucu-besiktas-golovi-03-12-2023.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Sun, 19 Dec 2021 19:55:27 GMT
accept-ranges: bytes
content-length: 7429
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Mon, 02 Dec 2024 21:15:09 GMT
referrer-policy: 
pragma: public
content-type: image/jpeg
date: Sun, 03 Dec 2023 21:15:09 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/uploads/2023/12/sevilla-villarreal-golovi-03-12-2023-150x150.jpg

192.185.106.252

6.6 kB

URL
www.vugla.com/wp-content/uploads/2023/12/sevilla-villarreal-golovi-03-12-2023-150x150.jpg
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x150, components 3\012- data
Size
6.6 kB (6631 bytes)
Hash
d22cdc38eb2facf562067fc766bcc585
8f04af50ebcb85590ca815a73f168df6532bfd7b
a70ddff6523f34e2671c145348064416c152efbc86867af7c11b46d5f5083e7e

HTTP Headers

GET /wp-content/uploads/2023/12/sevilla-villarreal-golovi-03-12-2023-150x150.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/ankaragucu-besiktas-golovi-03-12-2023.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Sun, 03 Dec 2023 20:38:45 GMT
accept-ranges: bytes
content-length: 6631
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Mon, 02 Dec 2024 21:15:09 GMT
referrer-policy: 
pragma: public
content-type: image/jpeg
date: Sun, 03 Dec 2023 21:15:09 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/uploads/2023/12/sassuolo-as-roma-golovi-03-12-2023-150x150.jpg

192.185.106.252

7.4 kB

URL
www.vugla.com/wp-content/uploads/2023/12/sassuolo-as-roma-golovi-03-12-2023-150x150.jpg
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x150, components 3\012- data
Size
7.4 kB (7407 bytes)
Hash
6d7129a0494865c0ce14460a6b09cf4f
9b364ba71f660dd02f2525dafab604a3a54a7801
f7256966ad497f50ac436c9cff180eaa71305e75d1a1c762c5c78498ca003fd1

HTTP Headers

GET /wp-content/uploads/2023/12/sassuolo-as-roma-golovi-03-12-2023-150x150.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/ankaragucu-besiktas-golovi-03-12-2023.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Sun, 03 Dec 2023 20:38:43 GMT
accept-ranges: bytes
content-length: 7407
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Mon, 02 Dec 2024 21:15:09 GMT
referrer-policy: 
pragma: public
content-type: image/jpeg
date: Sun, 03 Dec 2023 21:15:09 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/themes/vugla/css/flexslider.css

192.185.106.252

1.5 kB

URL
www.vugla.com/wp-content/themes/vugla/css/flexslider.css
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with CRLF line terminators
Size
1.5 kB (1526 bytes)
Hash
aed0d9c2792c1ca777bfce04eb08ae7a
64e98271e4539dbf8819fa9d801017423c9bc30b
7f7b09426068a9bacddeefcf29f89063307fdc903ac45a569853b8c452d9b62d

HTTP Headers

GET /wp-content/themes/vugla/css/flexslider.css HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/style.css?ver=6.4.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 08 May 2014 09:18:47 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-length: 1526
content-type: text/css
date: Sun, 03 Dec 2023 21:15:09 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/themes/vugla/css/style_reset.css

192.185.106.252

1.2 kB

URL
www.vugla.com/wp-content/themes/vugla/css/style_reset.css
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with CRLF line terminators
Size
1.2 kB (1152 bytes)
Hash
b5ae6c0ccd961d29a2924b03b0cbdd6e
3293dc40aa870c1cf79180eb7bd5c2ff28f3bd0a
0838fff76cfa3bad87963e64a610ea8d60b2dc8d0781a7531a2385f65de1ab2f

HTTP Headers

GET /wp-content/themes/vugla/css/style_reset.css HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/style.css?ver=6.4.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:52:34 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-length: 1152
content-type: text/css
date: Sun, 03 Dec 2023 21:15:09 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/themes/vugla/css/elastislide.css

192.185.106.252

674 B

URL
www.vugla.com/wp-content/themes/vugla/css/elastislide.css
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with CRLF line terminators
Size
674 B (674 bytes)
Hash
fac0ce1d7bcbe2001f963e204b03b3a4
fe650403bcbc74567e384eb3762c874835f6cad1
d8dcd83dfb6275b55ae8e495f6924dcfc52024a52f5639446a00de846ec7c7b9

HTTP Headers

GET /wp-content/themes/vugla/css/elastislide.css HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/style.css?ver=6.4.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:52:21 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-length: 674
content-type: text/css
date: Sun, 03 Dec 2023 21:15:09 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/themes/vugla/css/style_320.css

192.185.106.252

2.4 kB

URL
www.vugla.com/wp-content/themes/vugla/css/style_320.css
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with CRLF line terminators
Size
2.4 kB (2413 bytes)
Hash
cc437b9ea4ed072bf7636ec9013f026d
df8db436e5193d474b97364dc0cd532a9b390fe5
4e92c5bc2c3f90209e1bec52f50461d8c04d82a539296918f0db0c61af63aab2

HTTP Headers

GET /wp-content/themes/vugla/css/style_320.css HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/style.css?ver=6.4.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:52:29 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-length: 2413
content-type: text/css
date: Sun, 03 Dec 2023 21:15:09 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/themes/vugla/css/style_400.css

192.185.106.252

2.4 kB

URL
www.vugla.com/wp-content/themes/vugla/css/style_400.css
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with CRLF line terminators
Size
2.4 kB (2412 bytes)
Hash
1150741460f65df53d2a23c598e5807c
5520fd0a709fdfdc80089452403dbfa49b79f7d4
e0e19f2d1b42abb0a12a95da1488a3fb300ceeb34984bc9e321063184acb019b

HTTP Headers

GET /wp-content/themes/vugla/css/style_400.css HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/style.css?ver=6.4.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:52:30 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-length: 2412
content-type: text/css
date: Sun, 03 Dec 2023 21:15:09 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/themes/vugla/css/style_768.css

192.185.106.252

2.5 kB

URL
www.vugla.com/wp-content/themes/vugla/css/style_768.css
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (408), with CRLF line terminators
Size
2.5 kB (2538 bytes)
Hash
14b717ed0c77c605f84b5b9a6b9892e9
5723bca38e18b8155b26f923590a05657911a377
6f37f5624b7bc60317a9c37a473fdf7dc34474d5f52cf169a7d52b35ca1dc0dd

HTTP Headers

GET /wp-content/themes/vugla/css/style_768.css HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/style.css?ver=6.4.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:52:32 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-length: 2538
content-type: text/css
date: Sun, 03 Dec 2023 21:15:09 GMT
server: Apache
X-Firefox-Spdy: h2

www.kursnalista.co/banners/banners.js

192.185.106.47

1.3 kB

URL
www.kursnalista.co/banners/banners.js
IP
192.185.106.47:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document, Unicode text, UTF-8 text, with very long lines (394), with CRLF line terminators
Size
1.3 kB (1261 bytes)
Hash
0fa58c243ecc9c6ff829da27563c78c4
771e757dcaddc90a127b557e6a8a69b9dfe4767d
4631955f687225007a1227be7e662f1f45798c13a573f70670e748ff50aa194b

HTTP Headers

GET /banners/banners.js HTTP/1.1
Host: www.kursnalista.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Sun, 10 Jul 2022 10:44:43 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1261
content-type: application/javascript
date: Sun, 03 Dec 2023 21:15:09 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/themes/vugla/css/wpp.css

192.185.106.252

357 B

URL
www.vugla.com/wp-content/themes/vugla/css/wpp.css
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with CRLF line terminators
Size
357 B (357 bytes)
Hash
6b44660f121f565e2aab91b7b321ff28
62628718b7edeaccc74d1943d36bc1e0c9d16512
467aa063b813fd2fc1b3ebabc45d6e840d807dad90c169f0ee12f93bcf667851

HTTP Headers

GET /wp-content/themes/vugla/css/wpp.css HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/style.css?ver=6.4.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:52:37 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-length: 357
content-type: text/css
date: Sun, 03 Dec 2023 21:15:09 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/themes/vugla/css/tabber.css

192.185.106.252

1.7 kB

URL
www.vugla.com/wp-content/themes/vugla/css/tabber.css
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with CRLF line terminators
Size
1.7 kB (1710 bytes)
Hash
a3e36a4db7b488bd984dd17c6e17cf63
33e7b11f7e1f149f954b6d938db9e36599816e8a
3609900b90f9835e1525c38bb6b1bcbffea0a14894799e54a07c2a9df09cb03d

HTTP Headers

GET /wp-content/themes/vugla/css/tabber.css HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/style.css?ver=6.4.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:52:36 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-length: 1710
content-type: text/css
date: Sun, 03 Dec 2023 21:15:09 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/themes/vugla/css/style_1024.css

192.185.106.252

2.3 kB

URL
www.vugla.com/wp-content/themes/vugla/css/style_1024.css
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with CRLF line terminators
Size
2.3 kB (2267 bytes)
Hash
7f4d3aa769cc8bb0e3c77745ff5c9d64
2da3458d48663a397a5a42c3bb52777bc5889dc0
7a6c4ca634ef663c6a3887df843fc04c40632ff46c53eb9f7d35bfcde21453b4

HTTP Headers

GET /wp-content/themes/vugla/css/style_1024.css HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/style.css?ver=6.4.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:52:28 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-length: 2267
content-type: text/css
date: Sun, 03 Dec 2023 21:15:09 GMT
server: Apache
X-Firefox-Spdy: h2

pl16411290.alternativecpmgate.com/c9123167a2366d360cd4d80dad2ac358/invoke.js

173.233.137.52

9.3 kB

URL
pl16411290.alternativecpmgate.com/c9123167a2366d360cd4d80dad2ac358/invoke.js
IP
173.233.137.52:0
ASN
#7979 SERVERS-COM

File type
Unicode text, UTF-8 text, with very long lines (25075), with no line terminators
Size
9.3 kB (9271 bytes)
Hash
ae2b7f35852f25be484f17b71a29141e
8da918e98885fb9e8506cf18c99fc19468a0eeec
54977cb3de4063804c2d127bc01d2941d93b68429e7b0f156c61cd902062f7fc

HTTP Headers

GET /c9123167a2366d360cd4d80dad2ac358/invoke.js HTTP/1.1
Host: pl16411290.alternativecpmgate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 03 Dec 2023 21:15:10 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5693719f67f3580117ad70027708a633
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

pl15560907.passtechusa.com/d1/37/02/d137022925bcc2a680f8a4476ff94144.js

173.233.137.36

15 kB

URL
pl15560907.passtechusa.com/d1/37/02/d137022925bcc2a680f8a4476ff94144.js
IP
173.233.137.36:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with very long lines (42838), with no line terminators
Size
15 kB (15444 bytes)
Hash
906536cb4171c6de26549e011e70a563
f4aa9cdf75d814c0e7250de7faaf4a6f7e92b467
709b3765f6347ec18445b390ee7116379062165184066dbf5c439611b6ae8ade

HTTP Headers

GET /d1/37/02/d137022925bcc2a680f8a4476ff94144.js HTTP/1.1
Host: pl15560907.passtechusa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 03 Dec 2023 21:15:10 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 317d0041322b458f8b9055bf86a71e40
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

www.vugla.com/wp-content/plugins/vn-video-player/js_scripts/video.min.js?ver=0.1

192.185.106.252

261 kB

URL
www.vugla.com/wp-content/plugins/vn-video-player/js_scripts/video.min.js?ver=0.1
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
gzip compressed data, from Unix\012- data
Size
261 kB (260811 bytes)
Hash
76c13a2e93df5013bc01aba00fb05def
68c1f883c2a81699bb40f66a53996d02dd8b0b9f
2bbad5494995828d4f6da3abb3b1d45383a1b949258ac5aaf4f1d8fd73fe5101

HTTP Headers

GET /wp-content/plugins/vn-video-player/js_scripts/video.min.js?ver=0.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/ankaragucu-besiktas-golovi-03-12-2023.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 26 Nov 2021 15:34:30 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-type: application/javascript
date: Sun, 03 Dec 2023 21:15:09 GMT
server: Apache
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

48 kB

URL
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 48432, version 1.0\012- data
Size
48 kB (48432 bytes)
Hash
e2d74c5e631bc53a7240bbfe4be99c8f
eb513857bb01cc4f7249067fc7e969bef415fc90
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

HTTP Headers

GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 05:00:58 GMT
expires: Fri, 29 Nov 2024 05:00:58 GMT
cache-control: public, max-age=31536000
age: 317652
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.vugla.com/wp-content/themes/vugla/images/search-arrow.png

192.185.106.252

3.1 kB

URL
www.vugla.com/wp-content/themes/vugla/images/search-arrow.png
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 75 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size
3.1 kB (3075 bytes)
Hash
3f8933cdf4d27e317eb59959257f8c7a
b16e414fcb1561603cbf4ac404ec8b6fae1563ff
167925a8f225d7fc340317265409496b2d90e4313bd7d70bca4262bb1477eaf0

HTTP Headers

GET /wp-content/themes/vugla/images/search-arrow.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/css/style_main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:53:13 GMT
accept-ranges: bytes
content-length: 3075
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Mon, 02 Dec 2024 21:15:10 GMT
referrer-policy: 
pragma: public
content-type: image/png
date: Sun, 03 Dec 2023 21:15:10 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/ankaragucu-besiktas-golovi-03-12-2023.html

192.185.106.252

0 B

URL
www.vugla.com/ankaragucu-besiktas-golovi-03-12-2023.html
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /ankaragucu-besiktas-golovi-03-12-2023.html HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/ankaragucu-besiktas-golovi-03-12-2023.html
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-pingback: https://www.vugla.com/xmlrpc.php
link: <https://www.vugla.com/wp-json/>; rel="https://api.w.org/", <https://www.vugla.com/wp-json/wp/v2/posts/575148>; rel="alternate"; type="application/json", <https://www.vugla.com/?p=575148>; rel=shortlink
content-security-policy: upgrade-insecure-requests;
cache-control: max-age=10800
expires: Mon, 04 Dec 2023 00:15:10 GMT
vary: User-Agent
referrer-policy: 
content-type: text/html; charset=UTF-8
date: Sun, 03 Dec 2023 21:15:10 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/ankaragucu-besiktas-golovi-03-12-2023.html

192.185.106.252

0 B

URL
www.vugla.com/ankaragucu-besiktas-golovi-03-12-2023.html
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /ankaragucu-besiktas-golovi-03-12-2023.html HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/ankaragucu-besiktas-golovi-03-12-2023.html
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-pingback: https://www.vugla.com/xmlrpc.php
link: <https://www.vugla.com/wp-json/>; rel="https://api.w.org/", <https://www.vugla.com/wp-json/wp/v2/posts/575148>; rel="alternate"; type="application/json", <https://www.vugla.com/?p=575148>; rel=shortlink
content-security-policy: upgrade-insecure-requests;
cache-control: max-age=10800
expires: Mon, 04 Dec 2023 00:15:10 GMT
vary: User-Agent
referrer-policy: 
content-type: text/html; charset=UTF-8
date: Sun, 03 Dec 2023 21:15:10 GMT
server: Apache
X-Firefox-Spdy: h2

my.rtmark.net/gid.js

139.45.195.8

65 B

URL
my.rtmark.net/gid.js
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
4f929d0268889c2dbec63c426895f345
034695eafd8104225c00d0cdd07c55bba5221dc8
966f83ffd6128dfe2be40171b108ab5dd67862600b7bfce525d8d6e90175bd13

HTTP Headers

GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 03 Dec 2023 21:15:11 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://www.vugla.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=87152c3d614f422ebbd4a11e0bd94cab; expires=Mon, 02 Dec 2024 21:15:11 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f

139.45.195.254

12 B

URL
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP
139.45.195.254:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1702
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sun, 03 Dec 2023 21:15:51 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://www.vugla.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

eehuzaih.com/500/5005565?excludes=&oaid=87152c3d614f422ebbd4a11e0bd94cab&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=3&pl=https%3A%2F%2Fwww.vugla.com%2Fankaragucu-besiktas-golovi-03-12-2023.html&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.312.0

139.45.197.237

0 B

URL
eehuzaih.com/500/5005565?excludes=&oaid=87152c3d614f422ebbd4a11e0bd94cab&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=3&pl=https%3A%2F%2Fwww.vugla.com%2Fankaragucu-besiktas-golovi-03-12-2023.html&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.312.0
IP
139.45.197.237:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /500/5005565?excludes=&oaid=87152c3d614f422ebbd4a11e0bd94cab&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=3&pl=https%3A%2F%2Fwww.vugla.com%2Fankaragucu-besiktas-golovi-03-12-2023.html&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.312.0 HTTP/1.1
Host: eehuzaih.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://www.vugla.com/
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 03 Dec 2023 21:15:11 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://www.vugla.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-credentials: true
access-control-max-age: 600
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-7NCJ73THPT&gtm=45je3bt0v879882835&_p=1701638115616&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=30873613.1701638116&ul=en-us&sr=1280x1024&_s=1&sid=1701638115&sct=1&seg=0&dl=https%3A%2F%2Fwww.vugla.com%2Fankaragucu-besiktas-golovi-03-12-2023.html&dt=Ankaragucu%20Besiktas%20golovi%2003.12.2023%20-%20Vugla&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=4597

216.239.34.36

0 B

URL
region1.analytics.google.com/g/collect?v=2&tid=G-7NCJ73THPT&gtm=45je3bt0v879882835&_p=1701638115616&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=30873613.1701638116&ul=en-us&sr=1280x1024&_s=1&sid=1701638115&sct=1&seg=0&dl=https%3A%2F%2Fwww.vugla.com%2Fankaragucu-besiktas-golovi-03-12-2023.html&dt=Ankaragucu%20Besiktas%20golovi%2003.12.2023%20-%20Vugla&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=4597
IP
216.239.34.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-7NCJ73THPT&gtm=45je3bt0v879882835&_p=1701638115616&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=30873613.1701638116&ul=en-us&sr=1280x1024&_s=1&sid=1701638115&sct=1&seg=0&dl=https%3A%2F%2Fwww.vugla.com%2Fankaragucu-besiktas-golovi-03-12-2023.html&dt=Ankaragucu%20Besiktas%20golovi%2003.12.2023%20-%20Vugla&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=4597 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://www.vugla.com
date: Sun, 03 Dec 2023 21:15:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

offerimage.com/www/images/71581bf2ce9a00138faf7dd80fe3e12e.jpg

104.22.33.172

19 kB

URL
offerimage.com/www/images/71581bf2ce9a00138faf7dd80fe3e12e.jpg
IP
104.22.33.172:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Size
19 kB (19381 bytes)
Hash
71581bf2ce9a00138faf7dd80fe3e12e
56479135ed64bf23e1037067c0c87047eb8a414c
5d9f95c8c06343cc189b38268296615ed8816d8154b4b782ad0d62bedd23525e

HTTP Headers

GET /www/images/71581bf2ce9a00138faf7dd80fe3e12e.jpg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Dec 2023 21:15:11 GMT
content-type: image/jpeg
content-length: 19381
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
cache-control: max-age=86400
cf-bgj: h2pri
etag: "65674405-4bb5"
expires: Mon, 04 Dec 2023 14:08:56 GMT
last-modified: Wed, 29 Nov 2023 14:00:37 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 25575
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fed2d31b4970d9-ARN
X-Firefox-Spdy: h2

www.variouscreativeformats.com/c3b6bab9a3e6c622d733121998e0014d/invoke.js

192.243.59.20

11 kB

URL
www.variouscreativeformats.com/c3b6bab9a3e6c622d733121998e0014d/invoke.js
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
exported SGML document, ASCII text, with very long lines (29643), with no line terminators
Size
11 kB (10916 bytes)
Hash
223406d9dbf6d31ee7d9236d1c95ea29
8a45024df7b5013212b1fd369c5670655bd55b66
8eb1cd23b38e67fb1ec812debb06ff9f68891aeecaf2edeba8c0a73081c27ed0

HTTP Headers

GET /c3b6bab9a3e6c622d733121998e0014d/invoke.js HTTP/1.1
Host: www.variouscreativeformats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 03 Dec 2023 21:15:11 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 65b4fd3beb1a2252a3b0a06630a91021
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

fonts.gstatic.com/s/opensans/v36/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

216.58.207.227

50 kB

URL
fonts.gstatic.com/s/opensans/v36/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 50368, version 1.0\012- data
Size
50 kB (50368 bytes)
Hash
4facfd6ff39e147b7e39c4b1abe4117d
0f7c0d978c209d21eb3f55950fc43e77c196ec3b
a246c4de8a0f1f1fdb6ee52565018dc341063aa9efe8481034bc3ef7d697e334

HTTP Headers

GET /s/opensans/v36/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 50368
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 04:48:09 GMT
expires: Fri, 29 Nov 2024 04:48:09 GMT
cache-control: public, max-age=31536000
age: 318422
last-modified: Thu, 14 Sep 2023 01:04:20 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.vugla.com/

192.185.106.252

126 kB

URL
www.vugla.com/
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
gzip compressed data, from Unix\012- data
Size
126 kB (126146 bytes)
Hash
bb22a2144b254db8104c5cf0643f07a6
7faa983ce12da095cdfd059b185aad73273148ba
143eb79ce829c0dea72a7b99b6e0b666632a1e2c5cfc279ec26ffacec3ef7d04

HTTP Headers

GET / HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
link: <https://www.vugla.com/wp-json/>; rel="https://api.w.org/"
content-security-policy: upgrade-insecure-requests;
cache-control: max-age=10800
expires: Mon, 04 Dec 2023 00:15:09 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-type: text/html; charset=UTF-8
date: Sun, 03 Dec 2023 21:15:09 GMT
server: Apache
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v36/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWt06F15M.woff2

216.58.207.227

38 kB

URL
fonts.gstatic.com/s/opensans/v36/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWt06F15M.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 37824, version 1.0\012- data
Size
38 kB (37824 bytes)
Hash
4d3f6b26b9a9546cf17b59f2983b0e4f
15fdb817ccaef89eba11c1fdc3f6c567cf723d53
b8bbb479c272a3669f0a05b93946ddbfe6bba7cb8133558b155844371b30c09c

HTTP Headers

GET /s/opensans/v36/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWt06F15M.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 37824
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 23:22:41 GMT
expires: Fri, 29 Nov 2024 23:22:41 GMT
cache-control: public, max-age=31536000
age: 251550
last-modified: Wed, 13 Sep 2023 23:31:51 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.vugla.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.1

192.185.106.252

58 kB

URL
www.vugla.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.1
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
gzip compressed data, from Unix\012- data
Size
58 kB (58525 bytes)
Hash
78e4249b40ceb245f7d9cc89c408c51a
c8bad7e40f1f16d5eedd097a075850033fe5fcdd
2c08b21a69c806e236ae32c50be15ba303dd6016d6d9a2604be0cda2e7ee30ea

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.4.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/ankaragucu-besiktas-golovi-03-12-2023.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 13 Nov 2023 13:25:19 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-type: text/css
date: Sun, 03 Dec 2023 21:15:09 GMT
server: Apache
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2

216.58.207.227

35 kB

URL
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 35120, version 1.0\012- data
Size
35 kB (35120 bytes)
Hash
dd986ff1050050613be051863773d677
51a12487fd51cc02ca54a984f82d63318807ca2e
d9784dbf11886ea032ffbd00f499d333519babe001eacc19df7ab89de17bec47

HTTP Headers

GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35120
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:36:49 GMT
expires: Thu, 28 Nov 2024 21:36:49 GMT
cache-control: public, max-age=31536000
age: 344302
last-modified: Thu, 14 Sep 2023 01:03:47 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2

216.58.207.227

35 kB

URL
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 35120, version 1.0\012- data
Size
35 kB (35120 bytes)
Hash
dd986ff1050050613be051863773d677
51a12487fd51cc02ca54a984f82d63318807ca2e
d9784dbf11886ea032ffbd00f499d333519babe001eacc19df7ab89de17bec47

HTTP Headers

GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35120
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:36:49 GMT
expires: Thu, 28 Nov 2024 21:36:49 GMT
cache-control: public, max-age=31536000
age: 344302
last-modified: Thu, 14 Sep 2023 01:03:47 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

proftrafficcounter.com/stats

18.157.203.0

40 B

URL
proftrafficcounter.com/stats
IP
18.157.203.0:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
e8a3912eb70f175c6cf8b9b78f11bcd0
fd645c1e37e3748236d50ae3bbb39ef5155f99eb
4f27afd7093f57121c4d8143ded337979919d79d7d34dbfb2376576e9852ec36

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Dec 2023 21:15:11 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.vugla.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=48fdcf7d-3f3c-4c9f-893c-fccdeae72034:2:1; expires=Wed, 30 Nov 2033 21:15:11 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

proftrafficcounter.com/stats

18.157.203.0

40 B

URL
proftrafficcounter.com/stats
IP
18.157.203.0:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
e8a3912eb70f175c6cf8b9b78f11bcd0
fd645c1e37e3748236d50ae3bbb39ef5155f99eb
4f27afd7093f57121c4d8143ded337979919d79d7d34dbfb2376576e9852ec36

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Cookie: uid_id2=48fdcf7d-3f3c-4c9f-893c-fccdeae72034:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 21:15:11 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.vugla.com
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2

www.youtube.com/embed/R439nY9R8kg

142.250.74.78

88 kB

URL
www.youtube.com/embed/R439nY9R8kg
IP
142.250.74.78:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (58173)
Size
88 kB (87777 bytes)
Hash
7d4c4755e30bb22398dbb4a77f5d934f
71df3e748acca7733c62866217572fc97802c7a4
be6596a9b09be0fafb989a3186388fcc857206f50b962e4979df97be2f46c2e4

HTTP Headers

GET /embed/R439nY9R8kg HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 03 Dec 2023 21:15:11 GMT
strict-transport-security: max-age=31536000
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=FhK496Maio4; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=_Y9yEEIUeOo; Domain=.youtube.com; Expires=Fri, 31-May-2024 21:15:11 GMT; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_PRIVACY_METADATA=CgJOTxICEgA%3D; Domain=.youtube.com; Expires=Fri, 31-May-2024 21:15:11 GMT; Path=/; Secure; HttpOnly; SameSite=lax
CONSENT=PENDING+303; expires=Tue, 02-Dec-2025 21:15:11 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.youtube.com/s/player/31e0b6d9/player_ias.vflset/en_US/embed.js

142.250.74.78

16 kB

URL
www.youtube.com/s/player/31e0b6d9/player_ias.vflset/en_US/embed.js
IP
142.250.74.78:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (3391)
Size
16 kB (16506 bytes)
Hash
4b993df6aaec92ba17cc4d526ad2e4bd
a0b696788d5d621280e4f642b4c66875d40870cb
f21a803f0b7f63109cd608bfbe9769a3dc2e2a17c8e885826529d3981d15d313

HTTP Headers

GET /s/player/31e0b6d9/player_ias.vflset/en_US/embed.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/R439nY9R8kg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 16506
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 04:32:15 GMT
expires: Fri, 29 Nov 2024 04:32:15 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 30 Nov 2023 03:10:29 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 319376
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

15 kB

URL
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 10:04:07 GMT
expires: Fri, 29 Nov 2024 10:04:07 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 299464
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

16 kB

URL
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 11:28:20 GMT
expires: Fri, 29 Nov 2024 11:28:20 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
age: 294411
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.vugla.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.3

192.185.106.252

83 B

URL
www.vugla.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.3
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document, ASCII text, with no line terminators
Size
83 B (83 bytes)
Hash
26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.3 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/ankaragucu-besiktas-golovi-03-12-2023.html
Cookie: _ga_7NCJ73THPT=GS1.1.1701638115.1.0.1701638115.60.0.0; _ga=GA1.1.30873613.1701638116; prefetchAd_1316441=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 409 Conflict
date: Sun, 03 Dec 2023 21:15:11 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2

www.youtube.com/s/player/31e0b6d9/www-embed-player.vflset/www-embed-player.js

142.250.74.78

98 kB

URL
www.youtube.com/s/player/31e0b6d9/www-embed-player.vflset/www-embed-player.js
IP
142.250.74.78:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (682)
Size
98 kB (98499 bytes)
Hash
24cd2bdc1dd00086a1efbc664060bb49
064027f89f2e8f22be774e7468f7ae4ab79efcbc
4d453a47ad0d1b30a7292b6f712d8645db141ed6adea69b8e7d802f8022365fd

HTTP Headers

GET /s/player/31e0b6d9/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/R439nY9R8kg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 98499
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 04:32:12 GMT
expires: Fri, 29 Nov 2024 04:32:12 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 30 Nov 2023 03:10:29 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 319379
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.vugla.com/wp-content/themes/vugla/images/small-social-sprite.png

192.185.106.252

3.8 kB

URL
www.vugla.com/wp-content/themes/vugla/images/small-social-sprite.png
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 272 x 95, 8-bit/color RGBA, non-interlaced\012- data
Size
3.8 kB (3812 bytes)
Hash
1aabf6dabc51ca6168aa98fbecbf79e2
0e4cb499aff16fedb2097658da7d2baa1bdafaa8
09ac67d0b81afe77f52b59ee9abc68ba2dd7cf0ebbc85703c75a76c2586e93aa

HTTP Headers

GET /wp-content/themes/vugla/images/small-social-sprite.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/css/style_main.css
Cookie: _ga_7NCJ73THPT=GS1.1.1701638115.1.0.1701638115.60.0.0; _ga=GA1.1.30873613.1701638116; prefetchAd_1316441=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:53:16 GMT
accept-ranges: bytes
content-length: 3812
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Mon, 02 Dec 2024 21:15:11 GMT
referrer-policy: 
pragma: public
content-type: image/png
date: Sun, 03 Dec 2023 21:15:11 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/themes/vugla/images/top-arrow.png

192.185.106.252

305 B

URL
www.vugla.com/wp-content/themes/vugla/images/top-arrow.png
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 50 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size
305 B (305 bytes)
Hash
1fe20be2c98304e84623d10905435835
7ba0264f96984d92cfe0750c802f9af1ee7cb88b
1c3cbd61a972428028066c1e9abcfa7c0ef37d3b1de39d7b09455177a94eec52

HTTP Headers

GET /wp-content/themes/vugla/images/top-arrow.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/css/style_main.css
Cookie: _ga_7NCJ73THPT=GS1.1.1701638115.1.0.1701638115.60.0.0; _ga=GA1.1.30873613.1701638116; prefetchAd_1316441=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:53:25 GMT
accept-ranges: bytes
content-length: 305
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Mon, 02 Dec 2024 21:15:11 GMT
referrer-policy: 
pragma: public
content-type: image/png
date: Sun, 03 Dec 2023 21:15:11 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/uploads/2023/12/backa-radnicki-nis-golovi-03-12-2023-290x166.jpg

192.185.106.252

15 kB

URL
www.vugla.com/wp-content/uploads/2023/12/backa-radnicki-nis-golovi-03-12-2023-290x166.jpg
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 290x166, components 3\012- data
Size
15 kB (14567 bytes)
Hash
046c854505c08bca88f5aeeff4dab82b
ff8e5a6dfdfeb66bfe42aa40567b6485979d3b67
c9df727f41bc7607dcf92ca15198cafc741a8d29e692517b504cb9ba09c22d2d

HTTP Headers

GET /wp-content/uploads/2023/12/backa-radnicki-nis-golovi-03-12-2023-290x166.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/ankaragucu-besiktas-golovi-03-12-2023.html
Cookie: _ga_7NCJ73THPT=GS1.1.1701638115.1.0.1701638115.60.0.0; _ga=GA1.1.30873613.1701638116; prefetchAd_1316441=true; dom3ic8zudi28v8lr6fgphwffqoz0j6c=48fdcf7d-3f3c-4c9f-893c-fccdeae72034%3A2%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Sun, 03 Dec 2023 20:42:24 GMT
accept-ranges: bytes
content-length: 14567
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Mon, 02 Dec 2024 21:15:11 GMT
referrer-policy: 
pragma: public
content-type: image/jpeg
date: Sun, 03 Dec 2023 21:15:11 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/uploads/2023/12/wrexham-yeovil-golovi-03-12-2023-290x166.jpg

192.185.106.252

12 kB

URL
www.vugla.com/wp-content/uploads/2023/12/wrexham-yeovil-golovi-03-12-2023-290x166.jpg
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 290x166, components 3\012- data
Size
12 kB (12184 bytes)
Hash
a70623614ab76c10334a80bc36d46b61
a3fb5bc6fa4bcd4dae0f389f36abc5b647a0eb9a
d2a7f141ce439a13fb1d079f2aa9ba6b061b3616dac4c69934af3ff0e1f1d5d8

HTTP Headers

GET /wp-content/uploads/2023/12/wrexham-yeovil-golovi-03-12-2023-290x166.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/ankaragucu-besiktas-golovi-03-12-2023.html
Cookie: _ga_7NCJ73THPT=GS1.1.1701638115.1.0.1701638115.60.0.0; _ga=GA1.1.30873613.1701638116; prefetchAd_1316441=true; dom3ic8zudi28v8lr6fgphwffqoz0j6c=48fdcf7d-3f3c-4c9f-893c-fccdeae72034%3A2%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Sun, 03 Dec 2023 20:38:37 GMT
accept-ranges: bytes
content-length: 12184
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Mon, 02 Dec 2024 21:15:11 GMT
referrer-policy: 
pragma: public
content-type: image/jpeg
date: Sun, 03 Dec 2023 21:15:11 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

192.185.106.252

55 kB

URL
www.vugla.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
gzip compressed data, from Unix\012- data
Size
55 kB (54719 bytes)
Hash
a32f3bee18c0f681e37b2467883949bb
2a443fbe108a5a2547ebbb3970885ab4c7c1eb47
27916ba028aff9eca2cce97855cc4889be6de7388e6cbfc2692335b370aa0f91

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/ankaragucu-besiktas-golovi-03-12-2023.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 13 Nov 2023 13:25:19 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-type: application/javascript
date: Sun, 03 Dec 2023 21:15:09 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/uploads/2023/12/almeria-betis-golovi-03-12-2023-290x166.jpg

192.185.106.252

15 kB

URL
www.vugla.com/wp-content/uploads/2023/12/almeria-betis-golovi-03-12-2023-290x166.jpg
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 290x166, components 3\012- data
Size
15 kB (14760 bytes)
Hash
93577ed0a2ffcda863ec8efdc7c0ebf3
5cf726085cbb21ff61f85a4ccf6a8315a17f16bd
b14a35fc3a6620090a38afae893010eeb35cbebf1f8ee1cd2cc1528ae713f559

HTTP Headers

GET /wp-content/uploads/2023/12/almeria-betis-golovi-03-12-2023-290x166.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/ankaragucu-besiktas-golovi-03-12-2023.html
Cookie: _ga_7NCJ73THPT=GS1.1.1701638115.1.0.1701638115.60.0.0; _ga=GA1.1.30873613.1701638116; prefetchAd_1316441=true; dom3ic8zudi28v8lr6fgphwffqoz0j6c=48fdcf7d-3f3c-4c9f-893c-fccdeae72034%3A2%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Sun, 03 Dec 2023 20:38:35 GMT
accept-ranges: bytes
content-length: 14760
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Mon, 02 Dec 2024 21:15:11 GMT
referrer-policy: 
pragma: public
content-type: image/jpeg
date: Sun, 03 Dec 2023 21:15:11 GMT
server: Apache
X-Firefox-Spdy: h2

omoonsih.net/zone?pub=0&zone_id=1548391&is_mobile=false&domain=www.vugla.com&var=&ymid=&var_3=&tg=0&sw=3.1.471

172.66.40.73

785 kB

URL
omoonsih.net/zone?pub=0&zone_id=1548391&is_mobile=false&domain=www.vugla.com&var=&ymid=&var_3=&tg=0&sw=3.1.471
IP
172.66.40.73:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with very long lines (971)
Size
785 kB (784848 bytes)
Hash
64f047fe127c40083700b04d3811ca27
8f6e71715f3ae8766c33ae08d590fdc202bd865d
0dd4bfd4e574ecf2df30bcd49a6afbc84ffe9a14227f17502561dfca63a51ac7

HTTP Headers

GET /zone?pub=0&zone_id=1548391&is_mobile=false&domain=www.vugla.com&var=&ymid=&var_3=&tg=0&sw=3.1.471 HTTP/1.1
Host: omoonsih.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.vugla.com/
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 21:15:11 GMT
content-type: application/json; charset=utf-8
x-trace-id: 8ccaf2d7232d32d25f8e9d1dca0d9f24
access-control-allow-origin: https://www.vugla.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HrS8vkfjfmLVGcyl15ERYko4D5RyjCxbLhkx0HafKvZp4a2YItXu4UnOQ%2BmktjJlg5%2Fzka3IKeDvVik9z1k5L8D3mJhQGHcN5XU%2BgKeRhpQ9egvNbkZhOt71T%2FpzXg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fed2d5c9655693-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.vugla.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.3

192.185.106.252

83 B

URL
www.vugla.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.3
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document, ASCII text, with no line terminators
Size
83 B (83 bytes)
Hash
26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.3 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/ankaragucu-besiktas-golovi-03-12-2023.html
Cookie: _ga_7NCJ73THPT=GS1.1.1701638115.1.0.1701638115.60.0.0; _ga=GA1.1.30873613.1701638116; prefetchAd_1316441=true; dom3ic8zudi28v8lr6fgphwffqoz0j6c=48fdcf7d-3f3c-4c9f-893c-fccdeae72034%3A2%3A1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 409 Conflict
date: Sun, 03 Dec 2023 21:15:11 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2

www.kursnalista.co/banners/it-servis/it-servis-300x600-2.jpg

192.185.106.47

124 kB

URL
www.kursnalista.co/banners/it-servis/it-servis-300x600-2.jpg
IP
192.185.106.47:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x600, components 3\012- data
Size
124 kB (123820 bytes)
Hash
e71b4edcde774c6af3b26df2f366abe9
ab409535626af65b2c499f3311455f59fc62c97b
070c30332d949e9975add2a3306611c6072d77fecfd73b74c04195e23861e173

HTTP Headers

GET /banners/it-servis/it-servis-300x600-2.jpg HTTP/1.1
Host: www.kursnalista.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 10 Jul 2022 10:44:29 GMT
accept-ranges: bytes
content-length: 123820
content-type: image/jpeg
date: Sun, 03 Dec 2023 21:15:11 GMT
server: Apache
X-Firefox-Spdy: h2

omoonsih.net/custom

172.66.40.73

0 B

URL
omoonsih.net/custom
IP
172.66.40.73:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /custom HTTP/1.1
Host: omoonsih.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.vugla.com/
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 21:15:11 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://www.vugla.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LeHfJ5lSLON%2BmIl1C12tCIc5rdtXDWCcTDngG%2FmQBoNOERjQSa3hc7fjwBQm9rKd5RF8G3HZq5VR8ZZ9GDujZub%2Bd0XuXWNqtWp77P%2FkeJRAFR%2BrbQkOxudBGITPSg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fed2d73be75693-OSL
X-Firefox-Spdy: h2

my.rtmark.net/gid.js?pub=0&userId=80857708d8b24f21a27a8d72f4671fd8&zoneId=1548391&checkDuplicate=true&ymid=&var=

139.45.195.8

65 B

URL
my.rtmark.net/gid.js?pub=0&userId=80857708d8b24f21a27a8d72f4671fd8&zoneId=1548391&checkDuplicate=true&ymid=&var=
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
4f929d0268889c2dbec63c426895f345
034695eafd8104225c00d0cdd07c55bba5221dc8
966f83ffd6128dfe2be40171b108ab5dd67862600b7bfce525d8d6e90175bd13

HTTP Headers

GET /gid.js?pub=0&userId=80857708d8b24f21a27a8d72f4671fd8&zoneId=1548391&checkDuplicate=true&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.vugla.com/
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Cookie: ID=87152c3d614f422ebbd4a11e0bd94cab
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 03 Dec 2023 21:15:11 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://www.vugla.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=87152c3d614f422ebbd4a11e0bd94cab; expires=Mon, 02 Dec 2024 21:15:11 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

omoonsih.net/custom

172.66.40.73

39 B

URL
omoonsih.net/custom
IP
172.66.40.73:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

HTTP Headers

POST /custom HTTP/1.1
Host: omoonsih.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.vugla.com/
Content-Type: application/json
Content-Length: 401
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 21:15:11 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 04cbf765a8171f4a9524879bb3a81c4c
access-control-allow-origin: https://www.vugla.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Bm9WrdHB7d4zB%2Bu0n3i1dTOxzwQRUe5Q8TLbvFJoBitOEt8Zfvm7POBZ223tMEeQvLri4oC0m9kBtXQZI34i9my7Olh8Z62%2BiHe5owVse8aBepdHNgSi9vI2GTHYg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fed2d76c3c5693-OSL
X-Firefox-Spdy: h2

amunfezanttor.com/event

139.45.197.250

0 B

URL
amunfezanttor.com/event
IP
139.45.197.250:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.vugla.com/
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 03 Dec 2023 21:15:12 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://www.vugla.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2

amunfezanttor.com/event

139.45.197.250

94 B

URL
amunfezanttor.com/event
IP
139.45.197.250:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
94 B (94 bytes)
Hash
4aa17f49ceb59cd88a72e17e9e5b7cde
961c9ba326d6be5424e4b6d8c860a71143deea78
f41b648ad4a8552e19f244e24015ef78396d9a3992c57e04bdfcfdf7eb7d4b23

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.vugla.com/
Content-Type: application/json
Content-Length: 540
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 03 Dec 2023 21:15:12 GMT
content-type: application/json; charset=utf-8
content-length: 94
access-control-allow-origin: https://www.vugla.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&data-size=standard&origin=https%3A%2F%2Fwww.vugla.com&url=https%3A%2F%2Fwww.vugla.com%2Fankaragucu-besiktas-golovi-03-12-2023.html&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.coKrc9A11Ng.O%2Fd%3D1%2Frs%3DAHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw%2Fm%3D__features__

142.250.74.78

226 B

URL
apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&data-size=standard&origin=https%3A%2F%2Fwww.vugla.com&url=https%3A%2F%2Fwww.vugla.com%2Fankaragucu-besiktas-golovi-03-12-2023.html&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.coKrc9A11Ng.O%2Fd%3D1%2Frs%3DAHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw%2Fm%3D__features__
IP
142.250.74.78:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
226 B (226 bytes)
Hash
4df07581948280a6e769a24c5d99d775
843a2c95362347eb8894a6acb607f139be65ded4
3561b93a48d81fac116ccd6e60163bd382abb1d594c81240f5718feb1f197f73

HTTP Headers

GET /u/0/se/0/_/+1/fastbutton?usegapi=1&data-size=standard&origin=https%3A%2F%2Fwww.vugla.com&url=https%3A%2F%2Fwww.vugla.com%2Fankaragucu-besiktas-golovi-03-12-2023.html&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.coKrc9A11Ng.O%2Fd%3D1%2Frs%3DAHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw%2Fm%3D__features__ HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 301 Moved Permanently
location: http://developers.google.com/
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 03 Dec 2023 21:15:12 GMT
expires: Sun, 03 Dec 2023 21:45:12 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 226
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

tharbadir.com/9?z=2892323&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.vugla.com%2Fankaragucu-besiktas-golovi-03-12-2023.html&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=5&sah=1024&drf=&hil=1&ist=0&oaid=87152c3d614f422ebbd4a11e0bd94cab

139.45.197.238

0 B

URL
tharbadir.com/9?z=2892323&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.vugla.com%2Fankaragucu-besiktas-golovi-03-12-2023.html&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=5&sah=1024&drf=&hil=1&ist=0&oaid=87152c3d614f422ebbd4a11e0bd94cab
IP
139.45.197.238:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /9?z=2892323&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.vugla.com%2Fankaragucu-besiktas-golovi-03-12-2023.html&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=5&sah=1024&drf=&hil=1&ist=0&oaid=87152c3d614f422ebbd4a11e0bd94cab HTTP/1.1
Host: tharbadir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.vugla.com/
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Sun, 03 Dec 2023 21:15:12 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.vugla.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

www.vugla.com/wp-content/uploads/2013/11/bckg-vugla-dark.jpg

192.185.106.252

267 kB

URL
www.vugla.com/wp-content/uploads/2013/11/bckg-vugla-dark.jpg
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 2000x1200, components 3\012- data
Size
267 kB (267247 bytes)
Hash
11e97d76a4b329319978b9da6f46b5b0
ae03d14a5b568ed59c1772ee2065e160e93428ae
9fbe33f0e52a532495bb5d56584e250e0d3cf1acc5a04acb7cbb2e39bb6c6a42

HTTP Headers

GET /wp-content/uploads/2013/11/bckg-vugla-dark.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/ankaragucu-besiktas-golovi-03-12-2023.html
Cookie: _ga_7NCJ73THPT=GS1.1.1701638115.1.0.1701638115.60.0.0; _ga=GA1.1.30873613.1701638116; prefetchAd_1316441=true; dom3ic8zudi28v8lr6fgphwffqoz0j6c=48fdcf7d-3f3c-4c9f-893c-fccdeae72034%3A2%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 20 Nov 2013 16:40:33 GMT
accept-ranges: bytes
content-length: 267247
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Mon, 02 Dec 2024 21:15:12 GMT
referrer-policy: 
pragma: public
content-type: image/jpeg
date: Sun, 03 Dec 2023 21:15:12 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/themes/vugla/images/pattern-filter.png

192.185.106.252

2.8 kB

URL
www.vugla.com/wp-content/themes/vugla/images/pattern-filter.png
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 2 x 2, 8-bit/color RGBA, non-interlaced\012- data
Size
2.8 kB (2804 bytes)
Hash
6d6f2d483736ba6f70063740ddf2841b
3b9dee704da0bf19a56b46584a55226a137504a9
dca9f66f2ff2d735f415080def56d34e60cf13cc65668bf9b422103cd3bee2a5

HTTP Headers

GET /wp-content/themes/vugla/images/pattern-filter.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/css/style_main.css
Cookie: _ga_7NCJ73THPT=GS1.1.1701638115.1.0.1701638115.60.0.0; _ga=GA1.1.30873613.1701638116; prefetchAd_1316441=true; dom3ic8zudi28v8lr6fgphwffqoz0j6c=48fdcf7d-3f3c-4c9f-893c-fccdeae72034%3A2%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:53:06 GMT
accept-ranges: bytes
content-length: 2804
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Mon, 02 Dec 2024 21:15:12 GMT
referrer-policy: 
pragma: public
content-type: image/png
date: Sun, 03 Dec 2023 21:15:12 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/themes/vugla/js/scripts.js?ver=6.4.1

192.185.106.252

28 kB

URL
www.vugla.com/wp-content/themes/vugla/js/scripts.js?ver=6.4.1
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document, ASCII text, with very long lines (1754), with CRLF line terminators
Size
28 kB (27598 bytes)
Hash
ef9b7abbc5670902d89c6d20af50b7c3
2593f7764d07fecf938574d3d93693f1974759d2
17cadc0ae5ff07b667c2150bce71007b771bcc75ce070fd2a697ee2e60109535

HTTP Headers

GET /wp-content/themes/vugla/js/scripts.js?ver=6.4.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/ankaragucu-besiktas-golovi-03-12-2023.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 12:00:03 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-type: application/javascript
date: Sun, 03 Dec 2023 21:15:09 GMT
server: Apache
X-Firefox-Spdy: h2

amunfezanttor.com/event

139.45.197.250

94 B

URL
amunfezanttor.com/event
IP
139.45.197.250:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
94 B (94 bytes)
Hash
aded8ef7958bb2ffd5d0c4a4005fc510
6d5e7504a39c09b796267f4a19ff5194124d9ad7
8bbcd9880bc9c1e05c66976fef127041c17d63291590f8bd9feb54bf27356423

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.vugla.com/
Content-Type: application/json
Content-Length: 540
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 03 Dec 2023 21:15:12 GMT
content-type: application/json; charset=utf-8
content-length: 94
access-control-allow-origin: https://www.vugla.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

tharbadir.com/11?rnd=1743030801&z=2892323&b=15763363&var=&varid=0&rqtdbc=1&rcvdbc=1&btp=7&rb=ZIMTPZY8bWyo8gUa1VN-tu8s5UaWA3E5V180pud-Mg0WaE4PCzfskiKiBq9Je6ijUuO4ChJugBMFAQcdPmSPGnARzDjJi0lJ-HGt8KxgxSAMS8aVsHRz6ud5TRaVIPz81JP5k1T8LIRK7K7MZiN8ioXU9xqjrVh5BqAKZ01Qg-n3UjAL-goGuQ6U_khgfvDEwVSuO-CDRhgPYNsKQuunj90vPShRlfaVorQScmV3S6_5qhsWKA2KAGUm-4FoVQn1RB6gy7AYZxj0Z8CmfmViSDOMC23tUZGWxxNfpSTS3w_TNkUhmLu060MJH2h59C9csCJjCaI8cbaMmFMZzdUZoRmsuJFm5alC0ooYptk4_tXCrjpMlvplfWxnlqPaXcPUPA3RE50ddBCeRwE_ybFBSS23JlQj6KXkpwkjWYTOLqyJRXLdgzRsnCPI8UahnIqwcl5tadUSsl6AtBjnyfLdARjD7ya2wh0c4RmqptmBcz0Xm6RmB12tWo63erk7jb2sQYhPFwrzDDbhTSDm8txeV8kMzeY_oSjbrRB1i5cxgwWkIzVgC6lKS6avTwTislQ8x_qq_SKnNDv02diz6R5AdFeMg-RQs4bQyaOBwT0GFZ0kX75mBkqXmpHovsMC9q0RyRrG2bl2XmvI1ojSU3Dbyw3rfmIIH8ZddNTtzvMatJDPmQlJCMZTgoMa7SRCOwPlkZ6-rtivmAa2wae30XAk4e_9TpOm4VTY0NDvlZqeGvGxPMfOP3hrctDhN1r6EeobKC1HMGK0ffXrw0fUABZTs_VtDrh72FQ3eNmIdgcBmJ43SVZ15aRJWbd6MbbUdxOuzuQMs83O6W-jbaU0hITE2cjPW_sp6qVY_-flT6ETT8vxbh5kXrrOGhcu0Na_gEJMmvdr1ZbVXwKiukPk7JlmQQ==&ruid=caa8105a-a14a-450d-ae09-08b6e2385850&subid=755287590397026304&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.vugla.com%2Fankaragucu-besiktas-golovi-03-12-2023.html&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=5&sah=1024&drf=&hil=1&ist=0&ot=342

139.45.197.238

0 B

URL
tharbadir.com/11?rnd=1743030801&z=2892323&b=15763363&var=&varid=0&rqtdbc=1&rcvdbc=1&btp=7&rb=ZIMTPZY8bWyo8gUa1VN-tu8s5UaWA3E5V180pud-Mg0WaE4PCzfskiKiBq9Je6ijUuO4ChJugBMFAQcdPmSPGnARzDjJi0lJ-HGt8KxgxSAMS8aVsHRz6ud5TRaVIPz81JP5k1T8LIRK7K7MZiN8ioXU9xqjrVh5BqAKZ01Qg-n3UjAL-goGuQ6U_khgfvDEwVSuO-CDRhgPYNsKQuunj90vPShRlfaVorQScmV3S6_5qhsWKA2KAGUm-4FoVQn1RB6gy7AYZxj0Z8CmfmViSDOMC23tUZGWxxNfpSTS3w_TNkUhmLu060MJH2h59C9csCJjCaI8cbaMmFMZzdUZoRmsuJFm5alC0ooYptk4_tXCrjpMlvplfWxnlqPaXcPUPA3RE50ddBCeRwE_ybFBSS23JlQj6KXkpwkjWYTOLqyJRXLdgzRsnCPI8UahnIqwcl5tadUSsl6AtBjnyfLdARjD7ya2wh0c4RmqptmBcz0Xm6RmB12tWo63erk7jb2sQYhPFwrzDDbhTSDm8txeV8kMzeY_oSjbrRB1i5cxgwWkIzVgC6lKS6avTwTislQ8x_qq_SKnNDv02diz6R5AdFeMg-RQs4bQyaOBwT0GFZ0kX75mBkqXmpHovsMC9q0RyRrG2bl2XmvI1ojSU3Dbyw3rfmIIH8ZddNTtzvMatJDPmQlJCMZTgoMa7SRCOwPlkZ6-rtivmAa2wae30XAk4e_9TpOm4VTY0NDvlZqeGvGxPMfOP3hrctDhN1r6EeobKC1HMGK0ffXrw0fUABZTs_VtDrh72FQ3eNmIdgcBmJ43SVZ15aRJWbd6MbbUdxOuzuQMs83O6W-jbaU0hITE2cjPW_sp6qVY_-flT6ETT8vxbh5kXrrOGhcu0Na_gEJMmvdr1ZbVXwKiukPk7JlmQQ==&ruid=caa8105a-a14a-450d-ae09-08b6e2385850&subid=755287590397026304&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.vugla.com%2Fankaragucu-besiktas-golovi-03-12-2023.html&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=5&sah=1024&drf=&hil=1&ist=0&ot=342
IP
139.45.197.238:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /11?rnd=1743030801&z=2892323&b=15763363&var=&varid=0&rqtdbc=1&rcvdbc=1&btp=7&rb=ZIMTPZY8bWyo8gUa1VN-tu8s5UaWA3E5V180pud-Mg0WaE4PCzfskiKiBq9Je6ijUuO4ChJugBMFAQcdPmSPGnARzDjJi0lJ-HGt8KxgxSAMS8aVsHRz6ud5TRaVIPz81JP5k1T8LIRK7K7MZiN8ioXU9xqjrVh5BqAKZ01Qg-n3UjAL-goGuQ6U_khgfvDEwVSuO-CDRhgPYNsKQuunj90vPShRlfaVorQScmV3S6_5qhsWKA2KAGUm-4FoVQn1RB6gy7AYZxj0Z8CmfmViSDOMC23tUZGWxxNfpSTS3w_TNkUhmLu060MJH2h59C9csCJjCaI8cbaMmFMZzdUZoRmsuJFm5alC0ooYptk4_tXCrjpMlvplfWxnlqPaXcPUPA3RE50ddBCeRwE_ybFBSS23JlQj6KXkpwkjWYTOLqyJRXLdgzRsnCPI8UahnIqwcl5tadUSsl6AtBjnyfLdARjD7ya2wh0c4RmqptmBcz0Xm6RmB12tWo63erk7jb2sQYhPFwrzDDbhTSDm8txeV8kMzeY_oSjbrRB1i5cxgwWkIzVgC6lKS6avTwTislQ8x_qq_SKnNDv02diz6R5AdFeMg-RQs4bQyaOBwT0GFZ0kX75mBkqXmpHovsMC9q0RyRrG2bl2XmvI1ojSU3Dbyw3rfmIIH8ZddNTtzvMatJDPmQlJCMZTgoMa7SRCOwPlkZ6-rtivmAa2wae30XAk4e_9TpOm4VTY0NDvlZqeGvGxPMfOP3hrctDhN1r6EeobKC1HMGK0ffXrw0fUABZTs_VtDrh72FQ3eNmIdgcBmJ43SVZ15aRJWbd6MbbUdxOuzuQMs83O6W-jbaU0hITE2cjPW_sp6qVY_-flT6ETT8vxbh5kXrrOGhcu0Na_gEJMmvdr1ZbVXwKiukPk7JlmQQ==&ruid=caa8105a-a14a-450d-ae09-08b6e2385850&subid=755287590397026304&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.vugla.com%2Fankaragucu-besiktas-golovi-03-12-2023.html&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=5&sah=1024&drf=&hil=1&ist=0&ot=342 HTTP/1.1
Host: tharbadir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Cookie: scm=1; OAID=87152c3d614f422ebbd4a11e0bd94cab; oaidts=1701638109
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 03 Dec 2023 21:15:12 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://www.vugla.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: ad0acc68f641b399767d127eb7aed297
access-control-expose-headers: X-Sc
set-cookie: OAID=87152c3d614f422ebbd4a11e0bd94cab; expires=Mon, 02 Dec 2024 21:15:12 GMT; secure; SameSite=None
oaidts=1701638109; expires=Mon, 02 Dec 2024 21:15:12 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

tharbadir.com/121?rnd=1452988305&z=2892323&b=15763363&c=6332999&var=&varid=0&d=https%3A%2F%2Fwww.nbfcs.org%2F%23signUp%3D755287590397026304&cln={CELL_NUMBER}&btp=7&rb=ZIMTPZY8bWyo8gUa1VN-tu8s5UaWA3E5V180pud-Mg0WaE4PCzfskiKiBq9Je6ijUuO4ChJugBMFAQcdPmSPGnARzDjJi0lJ-HGt8KxgxSAMS8aVsHRz6ud5TRaVIPz81JP5k1T8LIRK7K7MZiN8ioXU9xqjrVh5BqAKZ01Qg-n3UjAL-goGuQ6U_khgfvDEwVSuO-CDRhgPYNsKQuunj90vPShRlfaVorQScmV3S6_5qhsWKA2KAGUm-4FoVQn1RB6gy7AYZxj0Z8CmfmViSDOMC23tUZGWxxNfpSTS3w_TNkUhmLu060MJH2h59C9csCJjCaI8cbaMmFMZzdUZoRmsuJFm5alC0ooYptk4_tXCrjpMlvplfWxnlqPaXcPUPA3RE50ddBCeRwE_ybFBSS23JlQj6KXkpwkjWYTOLqyJRXLdgzRsnCPI8UahnIqwcl5tadUSsl6AtBjnyfLdARjD7ya2wh0c4RmqptmBcz0Xm6RmB12tWo63erk7jb2sQYhPFwrzDDbhTSDm8txeV8kMzeY_oSjbrRB1i5cxgwWkIzVgC6lKS6avTwTislQ8x_qq_SKnNDv02diz6R5AdFeMg-RQs4bQyaOBwT0GFZ0kX75mBkqXmpHovsMC9q0RyRrG2bl2XmvI1ojSU3Dbyw3rfmIIH8ZddNTtzvMatJDPmQlJCMZTgoMa7SRCOwPlkZ6-rtivmAa2wae30XAk4e_9TpOm4VTY0NDvlZqeGvGxPMfOP3hrctDhN1r6EeobKC1HMGK0ffXrw0fUABZTs_VtDrh72FQ3eNmIdgcBmJ43SVZ15aRJWbd6MbbUdxOuzuQMs83O6W-jbaU0hITE2cjPW_sp6qVY_-flT6ETT8vxbh5kXrrOGhcu0Na_gEJMmvdr1ZbVXwKiukPk7JlmQQ==&bag=97ZlbnDJSTtOHYmpKqq-xDUzE_yz9A9r&ruid=caa8105a-a14a-450d-ae09-08b6e2385850&subid=755287590397026304

139.45.197.238

0 B

URL
tharbadir.com/121?rnd=1452988305&z=2892323&b=15763363&c=6332999&var=&varid=0&d=https%3A%2F%2Fwww.nbfcs.org%2F%23signUp%3D755287590397026304&cln={CELL_NUMBER}&btp=7&rb=ZIMTPZY8bWyo8gUa1VN-tu8s5UaWA3E5V180pud-Mg0WaE4PCzfskiKiBq9Je6ijUuO4ChJugBMFAQcdPmSPGnARzDjJi0lJ-HGt8KxgxSAMS8aVsHRz6ud5TRaVIPz81JP5k1T8LIRK7K7MZiN8ioXU9xqjrVh5BqAKZ01Qg-n3UjAL-goGuQ6U_khgfvDEwVSuO-CDRhgPYNsKQuunj90vPShRlfaVorQScmV3S6_5qhsWKA2KAGUm-4FoVQn1RB6gy7AYZxj0Z8CmfmViSDOMC23tUZGWxxNfpSTS3w_TNkUhmLu060MJH2h59C9csCJjCaI8cbaMmFMZzdUZoRmsuJFm5alC0ooYptk4_tXCrjpMlvplfWxnlqPaXcPUPA3RE50ddBCeRwE_ybFBSS23JlQj6KXkpwkjWYTOLqyJRXLdgzRsnCPI8UahnIqwcl5tadUSsl6AtBjnyfLdARjD7ya2wh0c4RmqptmBcz0Xm6RmB12tWo63erk7jb2sQYhPFwrzDDbhTSDm8txeV8kMzeY_oSjbrRB1i5cxgwWkIzVgC6lKS6avTwTislQ8x_qq_SKnNDv02diz6R5AdFeMg-RQs4bQyaOBwT0GFZ0kX75mBkqXmpHovsMC9q0RyRrG2bl2XmvI1ojSU3Dbyw3rfmIIH8ZddNTtzvMatJDPmQlJCMZTgoMa7SRCOwPlkZ6-rtivmAa2wae30XAk4e_9TpOm4VTY0NDvlZqeGvGxPMfOP3hrctDhN1r6EeobKC1HMGK0ffXrw0fUABZTs_VtDrh72FQ3eNmIdgcBmJ43SVZ15aRJWbd6MbbUdxOuzuQMs83O6W-jbaU0hITE2cjPW_sp6qVY_-flT6ETT8vxbh5kXrrOGhcu0Na_gEJMmvdr1ZbVXwKiukPk7JlmQQ==&bag=97ZlbnDJSTtOHYmpKqq-xDUzE_yz9A9r&ruid=caa8105a-a14a-450d-ae09-08b6e2385850&subid=755287590397026304
IP
139.45.197.238:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /121?rnd=1452988305&z=2892323&b=15763363&c=6332999&var=&varid=0&d=https%3A%2F%2Fwww.nbfcs.org%2F%23signUp%3D755287590397026304&cln={CELL_NUMBER}&btp=7&rb=ZIMTPZY8bWyo8gUa1VN-tu8s5UaWA3E5V180pud-Mg0WaE4PCzfskiKiBq9Je6ijUuO4ChJugBMFAQcdPmSPGnARzDjJi0lJ-HGt8KxgxSAMS8aVsHRz6ud5TRaVIPz81JP5k1T8LIRK7K7MZiN8ioXU9xqjrVh5BqAKZ01Qg-n3UjAL-goGuQ6U_khgfvDEwVSuO-CDRhgPYNsKQuunj90vPShRlfaVorQScmV3S6_5qhsWKA2KAGUm-4FoVQn1RB6gy7AYZxj0Z8CmfmViSDOMC23tUZGWxxNfpSTS3w_TNkUhmLu060MJH2h59C9csCJjCaI8cbaMmFMZzdUZoRmsuJFm5alC0ooYptk4_tXCrjpMlvplfWxnlqPaXcPUPA3RE50ddBCeRwE_ybFBSS23JlQj6KXkpwkjWYTOLqyJRXLdgzRsnCPI8UahnIqwcl5tadUSsl6AtBjnyfLdARjD7ya2wh0c4RmqptmBcz0Xm6RmB12tWo63erk7jb2sQYhPFwrzDDbhTSDm8txeV8kMzeY_oSjbrRB1i5cxgwWkIzVgC6lKS6avTwTislQ8x_qq_SKnNDv02diz6R5AdFeMg-RQs4bQyaOBwT0GFZ0kX75mBkqXmpHovsMC9q0RyRrG2bl2XmvI1ojSU3Dbyw3rfmIIH8ZddNTtzvMatJDPmQlJCMZTgoMa7SRCOwPlkZ6-rtivmAa2wae30XAk4e_9TpOm4VTY0NDvlZqeGvGxPMfOP3hrctDhN1r6EeobKC1HMGK0ffXrw0fUABZTs_VtDrh72FQ3eNmIdgcBmJ43SVZ15aRJWbd6MbbUdxOuzuQMs83O6W-jbaU0hITE2cjPW_sp6qVY_-flT6ETT8vxbh5kXrrOGhcu0Na_gEJMmvdr1ZbVXwKiukPk7JlmQQ==&bag=97ZlbnDJSTtOHYmpKqq-xDUzE_yz9A9r&ruid=caa8105a-a14a-450d-ae09-08b6e2385850&subid=755287590397026304 HTTP/1.1
Host: tharbadir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: scm=1; OAID=87152c3d614f422ebbd4a11e0bd94cab; oaidts=1701638109
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Sun, 03 Dec 2023 21:15:12 GMT
content-length: 0
location: https://www.nbfcs.org/#signUp=755287590397026304
access-control-allow-credentials: true
access-control-allow-origin: 
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: 6fead378351f4b2a986148bc0739a2bd
access-control-expose-headers: X-Sc
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

www.profitabledisplaycontent.com/watch.692371119826.js?key=c3b6bab9a3e6c622d733121998e0014d&kw=%5B%22ankaragucu%22%2C%22besiktas%22%2C%22golovi%22%2C%2203%22%2C%2212%22%2C%222023%22%2C%22-%22%2C%22vugla%22%5D&refer=https%3A%2F%2Fwww.vugla.com%2Fankaragucu-besiktas-golovi-03-12-2023.html&tz=0&dev=e&res=14.3095&uuid=48fdcf7d-3f3c-4c9f-893c-fccdeae72034%3A2%3A1&shu=505f5db2ca04e958785f51e2e3bc007ec5aa2d34fbc7e069f105bd607fd400697212bdd34e60d9ac4f3560b8155a9d59cccda81d464fe9d945fd9d68868ebf2407427dd7f64b2f1dee4d78775a2272732710f9a6db379f61293da2b4646198&pst=1701638172&rmtc=t

173.233.137.52

643 B

URL
www.profitabledisplaycontent.com/watch.692371119826.js?key=c3b6bab9a3e6c622d733121998e0014d&kw=%5B%22ankaragucu%22%2C%22besiktas%22%2C%22golovi%22%2C%2203%22%2C%2212%22%2C%222023%22%2C%22-%22%2C%22vugla%22%5D&refer=https%3A%2F%2Fwww.vugla.com%2Fankaragucu-besiktas-golovi-03-12-2023.html&tz=0&dev=e&res=14.3095&uuid=48fdcf7d-3f3c-4c9f-893c-fccdeae72034%3A2%3A1&shu=505f5db2ca04e958785f51e2e3bc007ec5aa2d34fbc7e069f105bd607fd400697212bdd34e60d9ac4f3560b8155a9d59cccda81d464fe9d945fd9d68868ebf2407427dd7f64b2f1dee4d78775a2272732710f9a6db379f61293da2b4646198&pst=1701638172&rmtc=t
IP
173.233.137.52:0
ASN
#7979 SERVERS-COM

File type
HTML document text\012- HTML document, ASCII text, with very long lines (603)
Size
643 B (643 bytes)
Hash
a7ddc4cb3d474a20fffa1e71e840e429
252169dc2a35eec55e0ee93d6f8425cc5b6cd125
ed18950b293e0f3579e708fe3247e179511b21645e524ede5b9e762caa84c40b

HTTP Headers

GET /watch.692371119826.js?key=c3b6bab9a3e6c622d733121998e0014d&kw=%5B%22ankaragucu%22%2C%22besiktas%22%2C%22golovi%22%2C%2203%22%2C%2212%22%2C%222023%22%2C%22-%22%2C%22vugla%22%5D&refer=https%3A%2F%2Fwww.vugla.com%2Fankaragucu-besiktas-golovi-03-12-2023.html&tz=0&dev=e&res=14.3095&uuid=48fdcf7d-3f3c-4c9f-893c-fccdeae72034%3A2%3A1&shu=505f5db2ca04e958785f51e2e3bc007ec5aa2d34fbc7e069f105bd607fd400697212bdd34e60d9ac4f3560b8155a9d59cccda81d464fe9d945fd9d68868ebf2407427dd7f64b2f1dee4d78775a2272732710f9a6db379f61293da2b4646198&pst=1701638172&rmtc=t HTTP/1.1
Host: www.profitabledisplaycontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vugla.com
Referer: https://www.vugla.com/
DNT: 1
Connection: keep-alive
Cookie: u_pl=14611544; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNDYxMTU0NCwiayI6ImMzYjZiYWI5YTNlNmM2MjJkNzMzMTIxOTk4ZTAwMTRkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMDcwMTYsInBpZCI6ODU0ODQsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MjEsImFpZCI6MjcsInB0Ijo0LCJwayI6ImUydHg4d3EydHciLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cudnVnbGEuY29tL2Fua2FyYWd1Y3UtYmVzaWt0YXMtZ29sb3ZpLTAzLTEyLTIwMjMuaHRtbCIsImFyIjpbXX19.qq8WikG4qefY15XKVESEq8nNSXmWALd_Ka9YaSHfWjc
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 03 Dec 2023 21:15:12 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.vugla.com
Access-Control-Allow-Origin: https://www.vugla.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=48fdcf7d-3f3c-4c9f-893c-fccdeae72034:2:1; expires=Sun, 10 Dec 2023 21:15:12 GMT; secure; SameSite=None
iprcbe3b0bf2e0a538642e2e3ee02c0140b3=2717342; expires=Mon, 04 Dec 2023 23:15:12 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 04 Dec 2023 21:15:12 GMT; secure; SameSite=None
uncs=1; expires=Mon, 04 Dec 2023 21:15:12 GMT; secure; SameSite=None
pdhtkv27=true; expires=Mon, 04 Dec 2023 21:15:12 GMT; secure; SameSite=None
uncs27=1; expires=Mon, 04 Dec 2023 21:15:12 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8632c1401cfa5789f00c1d31c29feeb4
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

enclosedsponge.com/ntv.json?key=c9123167a2366d360cd4d80dad2ac358&vstc=3

192.243.61.227

13 kB

URL
enclosedsponge.com/ntv.json?key=c9123167a2366d360cd4d80dad2ac358&vstc=3
IP
192.243.61.227:0
ASN
#39572 DataWeb Global Group B.V.

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (12802), with no line terminators
Size
13 kB (12803 bytes)
Hash
a012255b6e70d3d7f43aa606e3b7334b
ff9546176adc8ac2a3e4160f25711dadc7fd097b
94370c18d76fe9a34758d3ff2ed1da888fad3b5f67676d6b850b8ee9ff3c1c14

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ntv.json?key=c9123167a2366d360cd4d80dad2ac358&vstc=3 HTTP/1.1
Host: enclosedsponge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 03 Dec 2023 21:15:12 GMT
Content-Type: application/json
Content-Length: 12803
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.vugla.com
Access-Control-Allow-Origin: https://www.vugla.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16310791; expires=Mon, 04 Dec 2023 21:15:12 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 04 Dec 2023 21:15:12 GMT; secure; SameSite=None
uncs=1; expires=Mon, 04 Dec 2023 21:15:12 GMT; secure; SameSite=None
pdhtkv49=true; expires=Mon, 04 Dec 2023 21:15:12 GMT; secure; SameSite=None
uncs49=1; expires=Mon, 04 Dec 2023 21:15:12 GMT; secure; SameSite=None
nlecc9123167a2366d360cd4d80dad2ac358=[2229212,3637745,2106764]; expires=Sun, 03 Dec 2023 21:15:17 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 486ea9ca07857cd7c5635b57aed6ef66
Strict-Transport-Security: max-age=0; includeSubdomains

jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

142.250.74.74

0 B

URL
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sun, 03 Dec 2023 21:15:12 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

142.250.74.74

33 kB

URL
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size
33 kB (32779 bytes)
Hash
cb7e46994b58ee684a784f8a58ec8abf
b57e450e1f894b34467938d23dac6aa75ca25596
0bba8b4472e3b6cdc7a8706ce04b89f4d5594b21d98039db743fe45844bf2cb8

HTTP Headers

POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 03 Dec 2023 21:15:12 GMT
server: ESF
cache-control: private
content-length: 32779
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

i.ytimg.com/vi_webp/R439nY9R8kg/sddefault.webp

142.250.74.86

43 kB

URL
i.ytimg.com/vi_webp/R439nY9R8kg/sddefault.webp
IP
142.250.74.86:0
ASN
#15169 GOOGLE

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
43 kB (43052 bytes)
Hash
a02345be34e866152ecd45d886c2cc0e
c6c3dd1d5464546f3a16b9a380035b3a27e54e29
7c9d0b6a45e6d80ebb4b60635aab720cddaf90618f6a59fb22334c2911b4f61b

HTTP Headers

GET /vi_webp/R439nY9R8kg/sddefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 43052
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 03 Dec 2023 21:10:37 GMT
expires: Sun, 03 Dec 2023 21:15:37 GMT
cache-control: public, max-age=300
etag: "1701628906"
content-type: image/webp
vary: Origin
age: 275
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

tzegilo.com/stattag.js

104.21.11.245

7.4 kB

URL
tzegilo.com/stattag.js
IP
104.21.11.245:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (18369)
Size
7.4 kB (7366 bytes)
Hash
89e89aea544ea2785d49cc4cd9cf26f6
7d53437a89eb9861038ee27a8ff0e3bb70fa2a0b
86da38693fcea056d36588a4146e85392f784c457511de416fec32034aafa4f9

HTTP Headers

GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Dec 2023 21:15:10 GMT
content-type: application/javascript
last-modified: Thu, 07 Sep 2023 08:19:52 GMT
etag: W/"64f987a8-4a4b"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 3935
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Z80%2BJ1NNu0lFxRENu6uz8dE5o0MnRzM34ibHYJ1seQdCojqRCzZD6y%2Bzft6Ae8PIfg%2F5e6NjBjKv5m8nsdIqUDepd2MA4qxsNhTrcX2nyVvI5V5coRjGRDbhpy%2BqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fed2cfdc0256ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.cloudimagesb.com/si/b9/5d/e2/b95de288caeec55111c172964c8a9c84/1662036680.jpg

45.133.44.9

21 kB

URL
cdn.cloudimagesb.com/si/b9/5d/e2/b95de288caeec55111c172964c8a9c84/1662036680.jpg
IP
45.133.44.9:0
ASN
#39572 DataWeb Global Group B.V.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Size
21 kB (20566 bytes)
Hash
8f4953c1b8baece7bb7d226247561ce2
da5d440970606602026d7900a55ae2fd27a3f170
8fd9df7d8e48ff2519631e82e01519d4f1c65abd41ec977c18abb58df9832919

HTTP Headers

GET /si/b9/5d/e2/b95de288caeec55111c172964c8a9c84/1662036680.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Dec 2023 21:15:12 GMT
content-type: image/jpeg
content-length: 20566
server: nginx/1.21.6
last-modified: Thu, 01 Sep 2022 12:51:28 GMT
etag: "6310aad0-5056"
expires: Tue, 05 Dec 2023 21:15:12 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKOzY.woff2

216.58.207.227

12 kB

URL
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 11936, version 1.0\012- data
Size
12 kB (11936 bytes)
Hash
15d8ede0a816bc7a9838207747c6620c
f6e2e75f1277c66e282553ae6a22661e51f472b8
dbb8f45730d91bffff8307cfdf7c82e67745d84cb6063a1f3880fadfad59c57d

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11936
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 23:21:55 GMT
expires: Fri, 29 Nov 2024 23:21:55 GMT
cache-control: public, max-age=31536000
age: 251597
last-modified: Mon, 16 Oct 2017 17:33:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

cdn.cloudimagesb.com/cti/28/5d/66/285d66474f8eb1391e6c869128c7a3ea/1628587131.jpg

45.133.44.9

29 kB

URL
cdn.cloudimagesb.com/cti/28/5d/66/285d66474f8eb1391e6c869128c7a3ea/1628587131.jpg
IP
45.133.44.9:0
ASN
#39572 DataWeb Global Group B.V.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Size
29 kB (28852 bytes)
Hash
76f54f42b70d14a6d6bfe2f8b1945265
197daa3737be8968bf39ff28000663c1c17deeb2
c864fde3026e05a2cc34b4348fa4888d3ae44202179277877d082cadd9971abc

HTTP Headers

GET /cti/28/5d/66/285d66474f8eb1391e6c869128c7a3ea/1628587131.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Dec 2023 21:15:12 GMT
content-type: image/jpeg
content-length: 28852
server: nginx/1.21.6
last-modified: Tue, 10 Aug 2021 09:18:59 GMT
etag: "61124483-70b4"
expires: Tue, 05 Dec 2023 21:15:12 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.cloudimagesb.com/cti/51/bb/80/51bb807c8b914e3cc08eace2b0587473/1628586935.jpg

45.133.44.9

30 kB

URL
cdn.cloudimagesb.com/cti/51/bb/80/51bb807c8b914e3cc08eace2b0587473/1628586935.jpg
IP
45.133.44.9:0
ASN
#39572 DataWeb Global Group B.V.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Size
30 kB (30127 bytes)
Hash
a87779ccaaa4021b0b4f33812742679a
87322480f885dc0b6463c182b7bdb3eb60ab2592
a8f8dbc930527f94496d5a9883b6034e27a673090a89b518596d6e2b656df96f

HTTP Headers

GET /cti/51/bb/80/51bb807c8b914e3cc08eace2b0587473/1628586935.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Dec 2023 21:15:12 GMT
content-type: image/jpeg
content-length: 30127
server: nginx/1.21.6
last-modified: Tue, 10 Aug 2021 09:15:44 GMT
etag: "611243c0-75af"
expires: Tue, 05 Dec 2023 21:15:12 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

www.youtube.com/s/player/31e0b6d9/player_ias.vflset/en_US/remote.js

142.250.74.78

34 kB

URL
www.youtube.com/s/player/31e0b6d9/player_ias.vflset/en_US/remote.js
IP
142.250.74.78:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (537)
Size
34 kB (33484 bytes)
Hash
63aa8296f70f3dcbf8b5df6faf8d46c3
2494976b44b1d3ec3b5825297e243679e7cca1dd
869da04350e0925de923dd2c39c41d18ba0625e3541bd5059ed5a611550552b6

HTTP Headers

GET /s/player/31e0b6d9/player_ias.vflset/en_US/remote.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/R439nY9R8kg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 33484
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 04:32:21 GMT
expires: Fri, 29 Nov 2024 04:32:21 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 30 Nov 2023 03:10:29 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 319372
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

142.250.74.78

31 B

URL
www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
IP
142.250.74.78:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text
Size
31 B (31 bytes)
Hash
5e1fa6fd9abd549a576f3f24b1d3c8d4
d5335d7f7d33be6a0b663f03b2df4df2521c4a87
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

HTTP Headers

POST /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Request-Time: 1701638118276
Content-Type: application/json
X-Goog-Visitor-Id: CgtfWTl5RUVJVWVPbyjf37OrBjIICgJOTxICEgA%3D
X-YouTube-Client-Name: 56
X-YouTube-Client-Version: 1.20231128.01.01
X-YouTube-Utc-Offset: 0
X-YouTube-Time-Zone: UTC
X-YouTube-Ad-Signals: dt=1701638117256&flash=0&frm=2&u_tz&u_his=2&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C620%2C390&vis=1&wgl=true&ca_type=image
Content-Length: 8842
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/R439nY9R8kg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: br
date: Sun, 03 Dec 2023 21:15:13 GMT
server: scaffolding on HTTPServer2
content-length: 31
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+769; expires=Tue, 02-Dec-2025 21:15:13 GMT; path=/; domain=.youtube.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 03 Dec 2023 21:15:13 GMT
cache-control: private

yt3.ggpht.com/_SYeayAB7OHzATSVuZgGyPj4leRcF5FZQVqF0x1lXfAYZHrXuh1wdNBJC0VtWVjtjK4HjYpR2A=s68-c-k-c0x00ffffff-no-rj

142.250.74.161

1.9 kB

URL
yt3.ggpht.com/_SYeayAB7OHzATSVuZgGyPj4leRcF5FZQVqF0x1lXfAYZHrXuh1wdNBJC0VtWVjtjK4HjYpR2A=s68-c-k-c0x00ffffff-no-rj
IP
142.250.74.161:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Size
1.9 kB (1865 bytes)
Hash
391f56b3b95008ecbd9e17606cd64b03
88fb31c61904c8b34185fa41da236a2de0c79d2f
3c822673e1799745e99ca1946a274f2769d486e15d435ba13bf7f3626dced512

HTTP Headers

GET /_SYeayAB7OHzATSVuZgGyPj4leRcF5FZQVqF0x1lXfAYZHrXuh1wdNBJC0VtWVjtjK4HjYpR2A=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="channels4_profile.jpg"
x-content-type-options: nosniff
server: fife
content-length: 1865
x-xss-protection: 0
date: Sun, 03 Dec 2023 18:39:00 GMT
expires: Mon, 04 Dec 2023 18:39:00 GMT
cache-control: public, max-age=86400, no-transform
age: 9373
etag: "v1"
content-type: image/jpeg
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.com/js/th/lYY52XQrUlH64Wh-f-QMzQSikq1nuSlNPE5Z4_DU2e4.js

216.58.211.4

15 kB

URL
www.google.com/js/th/lYY52XQrUlH64Wh-f-QMzQSikq1nuSlNPE5Z4_DU2e4.js
IP
216.58.211.4:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (38673)
Size
15 kB (15149 bytes)
Hash
1e5f8b711886c56ac3b42b46e8a98b36
801b5154aa0c22d8cca350a48af2682456633fde
958639d9742b5251fae1687e7fe40ccd04a292ad67b9294d3c4e59e3f0d4d9ee

HTTP Headers

GET /js/th/lYY52XQrUlH64Wh-f-QMzQSikq1nuSlNPE5Z4_DU2e4.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 15149
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 03 Dec 2023 07:30:13 GMT
expires: Mon, 02 Dec 2024 07:30:13 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 06 Nov 2023 17:00:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 49500
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

142.250.74.74

0 B

URL
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sun, 03 Dec 2023 21:15:13 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

142.250.74.74

114 B

URL
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
114 B (114 bytes)
Hash
ccd2f0afb9b8183b660b30a3d2c2f7b4
91524747417414ebe4b7b2b5bdcc3b9214bc2816
b71e8b3f2933b27434f6897ee569f5f6771a73f2fb24446c0fa61e37e7a44c2d

HTTP Headers

POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 919
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 03 Dec 2023 21:15:13 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

turnminimizeinterference.com/pixel/sbe?t=1&error=timeout

173.233.137.44

0 B

URL
turnminimizeinterference.com/pixel/sbe?t=1&error=timeout
IP
173.233.137.44:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbe?t=1&error=timeout HTTP/1.1
Host: turnminimizeinterference.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 03 Dec 2023 21:15:13 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

www.youtube.com/generate_204?DZnIhA

142.250.74.78

0 B

URL
www.youtube.com/generate_204?DZnIhA
IP
142.250.74.78:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /generate_204?DZnIhA HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/R439nY9R8kg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
content-length: 0
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 21:15:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.nbfcs.org/

15.197.212.58

1.2 kB

URL
www.nbfcs.org/
IP
15.197.212.58:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1177), with no line terminators
Size
1.2 kB (1177 bytes)
Hash
ac31a44b8e766d58079bd7a52676f652
0e924164f1acd9d700002cb942b58964b12f8e00
5f44fbb4e200e2691a00fe45d975e24b4c4d29434893cab7c0c6c4447a8d8b69

HTTP Headers

GET / HTTP/1.1
Host: www.nbfcs.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Sun, 03 Dec 2023 21:15:13 GMT
Content-Type: text/html
Content-Length: 1177
Last-Modified: Thu, 30 Nov 2023 23:50:58 GMT
Connection: keep-alive
ETag: "65691fe2-499"
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_ENz/K+PjBN0f7d4uAK6i9sVttzh1wtg6nZ+1UAvE7vPXElYhzDXKeeVTCrm3d3z1MlDESrhhCv293G+wNltFFw
Cache-Control: no-cache
X-Content-Type-Options: nosniff
Set-Cookie: caf_ipaddr=10.116.88.116;Path=/;Max-Age=86400;
country=;Path=/;Max-Age=86400;
city="";Path=/;Max-Age=86400;
expiry_partner=enom.EXPIRED.305E185C-5D0C-4AD0-86FE-5F99F413CC83;Path=/;Max-Age=86400;
Accept-Ranges: bytes

conqueredallrightswell.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=14611544

192.243.59.12

1.4 kB

URL
conqueredallrightswell.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=14611544
IP
192.243.59.12:0
ASN
#39572 DataWeb Global Group B.V.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (488)
Size
1.4 kB (1402 bytes)
Hash
51c2ce050d5c6f305b0b5b72cf4eee54
c19978ab75eeb9e94ea80ab81f5ddd1f51c0e8f7
86290e670566ccbd2e091201c432a943c8a15b976745e403df6cf4b6cdaa4626

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=14611544 HTTP/1.1
Host: conqueredallrightswell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 03 Dec 2023 21:15:13 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=16122660; expires=Mon, 04 Dec 2023 21:15:13 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTQ2MTE1NDQiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cudnVnbGEuY29tLyIsImFyIjpbXX19._kMba8V6HzMXM_VBffdMTfsxb4qAX7zxUo7Z4PryQbo; expires=Sun, 03 Dec 2023 21:16:13 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a7da0a87153f7d9ce7c4fa7bb1ab4347
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

img1.wsimg.com/parking-lander/static/css/main.ba077a97.css

23.36.79.16

187 B

URL
img1.wsimg.com/parking-lander/static/css/main.ba077a97.css
IP
23.36.79.16:0
ASN
#20940 Akamai International B.V.

File type
ASCII text
Size
187 B (187 bytes)
Hash
92cc7bc9897bfb97adb18591dc4642cb
1c42dc26c819be8dd5f5ada83532d7982353e6b3
73cf1f3e2f04d158ad8de2ad926353b2ba0f1e25b145fe063f467120a1341ea8

HTTP Headers

GET /parking-lander/static/css/main.ba077a97.css HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nbfcs.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-amz-id-2: hVbAf+7gM2hs36Ag33XHe7fO+0CTgKGXqo80SHegVu0xTx8rqccrPuEXRFHrKfUVzwyRYRPRwMc=
x-amz-request-id: PQPBQ8C3KHV43R4Q
last-modified: Mon, 13 Nov 2023 23:32:18 GMT
etag: "92cc7bc9897bfb97adb18591dc4642cb"
x-amz-server-side-encryption: AES256
x-amz-version-id: S.cohGeac3FUy_snjCsO9LOvUc0sPSaD
accept-ranges: bytes
content-type: text/css
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31536000
expires: Mon, 02 Dec 2024 21:15:13 GMT
date: Sun, 03 Dec 2023 21:15:13 GMT
content-length: 187
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2

img1.wsimg.com/parking-lander/static/js/main.ca05d067.js

23.36.79.16

202 kB

URL
img1.wsimg.com/parking-lander/static/js/main.ca05d067.js
IP
23.36.79.16:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (65465)
Size
202 kB (201631 bytes)
Hash
811ad71e90aa2b6a4607d0c1abbca408
d3b5cfd3d7538378bf5da3585e2a9a46710acab3
c3b904813a72bc219c9c46e65ff8b8a33c38d43cc6d34db4c8f8954345bf0546

HTTP Headers

GET /parking-lander/static/js/main.ca05d067.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nbfcs.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-amz-id-2: c8hjmLnDuVk9nHjTqy25LgrKTbAyAv+baovVpZAWVFLLgac+8N0pElG9ybKtGLg8uOnJGkhyLEuhvDa/3KQS9Q==
x-amz-request-id: VB1W3MK3N64FD90M
last-modified: Thu, 30 Nov 2023 23:39:15 GMT
etag: "811ad71e90aa2b6a4607d0c1abbca408"
x-amz-server-side-encryption: AES256
x-amz-version-id: 81MuOeXvMcGTDHro98HRrw2Z00ZGzEYB
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
content-length: 201631
cache-control: max-age=31536000
expires: Mon, 02 Dec 2024 21:15:13 GMT
date: Sun, 03 Dec 2023 21:15:13 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2

www.nbfcs.org/px.js?ch=1&abp=1

15.197.212.58

476 B

URL
www.nbfcs.org/px.js?ch=1&abp=1
IP
15.197.212.58:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
476 B (476 bytes)
Hash
d2183968f9080b37babfeba3ccf10df2
24b9cf589ee6789e567fac3ae5acfc25826d00c6
4d9b83714539f82372e1e0177924bcb5180b75148e22d6725468fd2fb6f96bcc

HTTP Headers

GET /px.js?ch=1&abp=1 HTTP/1.1
Host: www.nbfcs.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nbfcs.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Sun, 03 Dec 2023 21:15:13 GMT
Content-Type: application/javascript
Content-Length: 476
Last-Modified: Thu, 30 Nov 2023 23:51:13 GMT
Connection: keep-alive
ETag: "65691ff1-1dc"
Accept-Ranges: bytes

www.nbfcs.org/px.js?ch=2&abp=1

15.197.212.58

476 B

URL
www.nbfcs.org/px.js?ch=2&abp=1
IP
15.197.212.58:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
476 B (476 bytes)
Hash
d2183968f9080b37babfeba3ccf10df2
24b9cf589ee6789e567fac3ae5acfc25826d00c6
4d9b83714539f82372e1e0177924bcb5180b75148e22d6725468fd2fb6f96bcc

HTTP Headers

GET /px.js?ch=2&abp=1 HTTP/1.1
Host: www.nbfcs.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nbfcs.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Sun, 03 Dec 2023 21:15:14 GMT
Content-Type: application/javascript
Content-Length: 476
Last-Modified: Thu, 30 Nov 2023 23:51:13 GMT
Connection: keep-alive
ETag: "65691ff1-1dc"
Accept-Ranges: bytes

region1.analytics.google.com/g/collect?v=2&tid=G-7NCJ73THPT&gtm=45je3bt0v879882835&_p=1701638115616&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=30873613.1701638116&ul=en-us&sr=1280x1024&_eu=AEA&_s=2&sid=1701638115&sct=1&seg=0&dl=https%3A%2F%2Fwww.vugla.com%2Fankaragucu-besiktas-golovi-03-12-2023.html&dt=Ankaragucu%20Besiktas%20golovi%2003.12.2023%20-%20Vugla&en=scroll&epn.percent_scrolled=90&tfd=8023

216.239.34.36

204 No Content

0 B

URL POST HTTP/3
region1.analytics.google.com/g/collect?v=2&tid=G-7NCJ73THPT&gtm=45je3bt0v879882835&_p=1701638115616&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=30873613.1701638116&ul=en-us&sr=1280x1024&_eu=AEA&_s=2&sid=1701638115&sct=1&seg=0&dl=https%3A%2F%2Fwww.vugla.com%2Fankaragucu-besiktas-golovi-03-12-2023.html&dt=Ankaragucu%20Besiktas%20golovi%2003.12.2023%20-%20Vugla&en=scroll&epn.percent_scrolled=90&tfd=8023
IP
216.239.34.36:443
ASN
#15169 GOOGLE

Requested by
https://www.vugla.com/ankaragucu-besiktas-golovi-03-12-2023.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-7NCJ73THPT&gtm=45je3bt0v879882835&_p=1701638115616&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=30873613.1701638116&ul=en-us&sr=1280x1024&_eu=AEA&_s=2&sid=1701638115&sct=1&seg=0&dl=https%3A%2F%2Fwww.vugla.com%2Fankaragucu-besiktas-golovi-03-12-2023.html&dt=Ankaragucu%20Besiktas%20golovi%2003.12.2023%20-%20Vugla&en=scroll&epn.percent_scrolled=90&tfd=8023 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/3 204 No Content
access-control-allow-origin: https://www.vugla.com
date: Sun, 03 Dec 2023 21:15:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

conqueredallrightswell.com/api/users?token=L2R5ZmMxazA5P2tleT04NjM3MDViY2JiNGI2YTU1NGRkYjM1OTY2NTM5NWE2ZiZwc2lkPTE0NjExNTQ0JnBzdD0xNzAxNjM4MTczJnJlZmVyPWh0dHBzJTNBJTJGJTJGd3d3LnZ1Z2xhLmNvbSUyRiZybXRjPXQmc2h1PWNkZWJlNzFkNjgxZDZmZmU2NTE4Mjg4YzhkMGNjOWQyMjIzMWVjNTFjMmQ4MmVjZjkxNmY5ODVlZTAzMzdkMWVmMWNlZTI0NzQ5Njk5ZTI4ZTJhZmYzYjM2NDY2NDZlNWIzNTM2YmMxZDBlZjU1MGJmMjkzNTRhMzc2NjY0MTBiOGU5MGNhZGE1YjFkNjIyZGJlYWMxNGZkNzMwYjBkMDVlNDI3ODQ4M2FmMzQ0MjRiNDBkODQxNTc4OWFjNWFkN2QyZGIwYw%3D%3D&uuid=&pii=&in=false

173.233.137.52

0 B

URL
conqueredallrightswell.com/api/users?token=L2R5ZmMxazA5P2tleT04NjM3MDViY2JiNGI2YTU1NGRkYjM1OTY2NTM5NWE2ZiZwc2lkPTE0NjExNTQ0JnBzdD0xNzAxNjM4MTczJnJlZmVyPWh0dHBzJTNBJTJGJTJGd3d3LnZ1Z2xhLmNvbSUyRiZybXRjPXQmc2h1PWNkZWJlNzFkNjgxZDZmZmU2NTE4Mjg4YzhkMGNjOWQyMjIzMWVjNTFjMmQ4MmVjZjkxNmY5ODVlZTAzMzdkMWVmMWNlZTI0NzQ5Njk5ZTI4ZTJhZmYzYjM2NDY2NDZlNWIzNTM2YmMxZDBlZjU1MGJmMjkzNTRhMzc2NjY0MTBiOGU5MGNhZGE1YjFkNjIyZGJlYWMxNGZkNzMwYjBkMDVlNDI3ODQ4M2FmMzQ0MjRiNDBkODQxNTc4OWFjNWFkN2QyZGIwYw%3D%3D&uuid=&pii=&in=false
IP
173.233.137.52:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/users?token=L2R5ZmMxazA5P2tleT04NjM3MDViY2JiNGI2YTU1NGRkYjM1OTY2NTM5NWE2ZiZwc2lkPTE0NjExNTQ0JnBzdD0xNzAxNjM4MTczJnJlZmVyPWh0dHBzJTNBJTJGJTJGd3d3LnZ1Z2xhLmNvbSUyRiZybXRjPXQmc2h1PWNkZWJlNzFkNjgxZDZmZmU2NTE4Mjg4YzhkMGNjOWQyMjIzMWVjNTFjMmQ4MmVjZjkxNmY5ODVlZTAzMzdkMWVmMWNlZTI0NzQ5Njk5ZTI4ZTJhZmYzYjM2NDY2NDZlNWIzNTM2YmMxZDBlZjU1MGJmMjkzNTRhMzc2NjY0MTBiOGU5MGNhZGE1YjFkNjIyZGJlYWMxNGZkNzMwYjBkMDVlNDI3ODQ4M2FmMzQ0MjRiNDBkODQxNTc4OWFjNWFkN2QyZGIwYw%3D%3D&uuid=&pii=&in=false HTTP/1.1
Host: conqueredallrightswell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://conqueredallrightswell.com/dyfc1k09?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122660
Cookie: u_pl=16122660; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTQ2MTE1NDQiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cudnVnbGEuY29tLyIsImFyIjpbXX19._kMba8V6HzMXM_VBffdMTfsxb4qAX7zxUo7Z4PryQbo; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx/1.21.6
Date: Sun, 03 Dec 2023 21:15:14 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://violationphysics.click/c9b2l0k.php?key=wkroiqew1c9guvr0kbe2&SUB_ID_SHORT=300ec91e009cc480d91509aa3d5ca4e0&COST_CPA=0.100000&PLACEMENT_ID=16122660&CAMPAIGN_ID=882703&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2569625
Set-Cookie: iprc58af4f8af92690382f3846d1d5efb864=4641329; expires=Mon, 04 Dec 2023 21:15:14 GMT
pdhtkv=true; expires=Mon, 04 Dec 2023 21:15:14 GMT
uncs=1; expires=Mon, 04 Dec 2023 21:15:14 GMT
pdhtkv28=true; expires=Mon, 04 Dec 2023 21:15:14 GMT
uncs28=1; expires=Mon, 04 Dec 2023 21:15:14 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: cf4368f595dce916c327d7fab344cc94
Strict-Transport-Security: max-age=0; includeSubdomains

violationphysics.click/c9b2l0k.php?key=wkroiqew1c9guvr0kbe2&SUB_ID_SHORT=300ec91e009cc480d91509aa3d5ca4e0&COST_CPA=0.100000&PLACEMENT_ID=16122660&CAMPAIGN_ID=882703&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2569625

192.64.81.118

0 B

URL
violationphysics.click/c9b2l0k.php?key=wkroiqew1c9guvr0kbe2&SUB_ID_SHORT=300ec91e009cc480d91509aa3d5ca4e0&COST_CPA=0.100000&PLACEMENT_ID=16122660&CAMPAIGN_ID=882703&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2569625
IP
192.64.81.118:0
ASN
#19318 IS-AS-1

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /c9b2l0k.php?key=wkroiqew1c9guvr0kbe2&SUB_ID_SHORT=300ec91e009cc480d91509aa3d5ca4e0&COST_CPA=0.100000&PLACEMENT_ID=16122660&CAMPAIGN_ID=882703&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2569625 HTTP/1.1
Host: violationphysics.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://conqueredallrightswell.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx/1.22.0
Date: Sun, 03 Dec 2023 21:15:15 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uclick=h9ikciqe15; expires=Mon, 04-Dec-2023 21:15:15 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclickhash=h9ikciqe15-h9ikciqe15-hq1m-0-q5a4bl-ftxofe-ft8pdz-a6e9a7; expires=Mon, 04-Dec-2023 21:15:15 GMT; Max-Age=86400; path=/; secure; SameSite=none
Location: https://vvfal.rigelbetelgeuse.top/?pl=zKByXHsQK0ydGD7DogbGyA&click_id=4f46eh9ikciqe1509c&sub_id=16122660
Strict-Transport-Security: max-age=31536000

vvfal.rigelbetelgeuse.top/?pl=zKByXHsQK0ydGD7DogbGyA&click_id=4f46eh9ikciqe1509c&sub_id=16122660

104.21.22.161

0 B

URL
vvfal.rigelbetelgeuse.top/?pl=zKByXHsQK0ydGD7DogbGyA&click_id=4f46eh9ikciqe1509c&sub_id=16122660
IP
104.21.22.161:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?pl=zKByXHsQK0ydGD7DogbGyA&click_id=4f46eh9ikciqe1509c&sub_id=16122660 HTTP/1.1
Host: vvfal.rigelbetelgeuse.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://conqueredallrightswell.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sun, 03 Dec 2023 21:15:15 GMT
content-length: 0
location: https://vvfal.stonecarv.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=4f46eh9ikciqe1509c&sub_id=16122660&nrid=43be533d319a455e9781b731cbc8e8d4&hash=ubCWzESw2sULeMULFebi4A&exp=1701638415
set-cookie: zKByXHsQK0ydGD7DogbGyA=5; max-age=345600; path=/; samesite=lax
__pl=1bc645b1-c882-4a4e-9b7b-164173a30a0c; expires=Wed, 03 Dec 2025 21:15:15 GMT; path=/; samesite=lax
__cap=1; max-age=3600; path=/; samesite=lax
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ohOoe5dNVRRLNbW4j1doDFSBMXUrLWGgH1dAbKNadT8DgLcmawygwBvqQRH%2B4h0DjbRmqmlTb0tZXZxNWbsBftMM8tNuZMkmLqCab90Fr1SxgYLxUa2VplUepawpQE60LxEiCjlCe68ZmwJz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fed2ecaedc712b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

vvfal.stonecarv.top/eyes-robot/assets/1.png

172.67.154.38

11 kB

URL
vvfal.stonecarv.top/eyes-robot/assets/1.png
IP
172.67.154.38:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 179 x 278, 8-bit colormap, non-interlaced\012- data
Size
11 kB (10591 bytes)
Hash
a6fa8154cc36da494df7b5103329c15a
3a2310088bcec14f7c0187f8409a5af5395665e8
967b8859fedb2c63afc8ae6ae2839fdd40f0e26af85adc6605a629f3c0ed0837

HTTP Headers

GET /eyes-robot/assets/1.png HTTP/1.1
Host: vvfal.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vvfal.stonecarv.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=4f46eh9ikciqe1509c&sub_id=16122660&nrid=43be533d319a455e9781b731cbc8e8d4&hash=ubCWzESw2sULeMULFebi4A&exp=1701638415
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 03 Dec 2023 21:15:15 GMT
content-type: image/png
content-length: 10591
last-modified: Fri, 01 Dec 2023 10:07:50 GMT
etag: "6569b076-295f"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1906
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N81jXM%2FKwvWFAYBt7ch9uF0DDuJi9zJKGEjglP2qlQBna8eTYbZyuPXW8E54a2sRFDN7bc2ZggpRtmcVM01%2BRUccylVa2enHEaA%2F68iLUX9tn1lB%2BeYDnPIoEtDA4zhYcgE6eFcu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fed2eee906b512-OSL
alt-svc: h3=":443"; ma=86400

vvfal.stonecarv.top/eyes-robot/assets/2.png

172.67.154.38

1.1 kB

URL
vvfal.stonecarv.top/eyes-robot/assets/2.png
IP
172.67.154.38:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 94 x 19, 8-bit colormap, non-interlaced\012- data
Size
1.1 kB (1061 bytes)
Hash
d708fbf0358752a082f5a394b74adda8
231c1527b4b039eb3af7d7e9eb5587ed87f6ea81
09d12e3c0e65fda26b9073e70e02fb24fa6941a4a3b1b81211b6470f00769ea5

HTTP Headers

GET /eyes-robot/assets/2.png HTTP/1.1
Host: vvfal.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vvfal.stonecarv.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=4f46eh9ikciqe1509c&sub_id=16122660&nrid=43be533d319a455e9781b731cbc8e8d4&hash=ubCWzESw2sULeMULFebi4A&exp=1701638415
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 03 Dec 2023 21:15:15 GMT
content-type: image/png
content-length: 1061
last-modified: Fri, 01 Dec 2023 10:07:50 GMT
etag: "6569b076-425"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1906
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cC4gtsYpIqXknLucXnTN7YC0xq3IcbgRgzNjoLg%2FnfSIro3VQ72wvcLARxY5rUeRyHYF%2BT%2BxhdwqBi9i%2FocbwLBOIKjXoaDcymG3t%2FeMv10dqj7JqFr0g%2FVWbX3QJDzisbnTZ4BN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fed2eee90ab512-OSL
alt-svc: h3=":443"; ma=86400

vvfal.stonecarv.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=4f46eh9ikciqe1509c&sub_id=16122660&nrid=43be533d319a455e9781b731cbc8e8d4&hash=ubCWzESw2sULeMULFebi4A&exp=1701638415

172.67.154.38

13 kB

URL
vvfal.stonecarv.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=4f46eh9ikciqe1509c&sub_id=16122660&nrid=43be533d319a455e9781b731cbc8e8d4&hash=ubCWzESw2sULeMULFebi4A&exp=1701638415
IP
172.67.154.38:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
13 kB (13221 bytes)
Hash
d091598187b0c2607db0dc04029e3457
0594d408ea97d509719300d8e4c19ce49078f55b
9f40361e807d9f0d4bbb68b5e68f9626231ae6b04fb26262190529eff247ddf8

HTTP Headers

GET /eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=4f46eh9ikciqe1509c&sub_id=16122660&nrid=43be533d319a455e9781b731cbc8e8d4&hash=ubCWzESw2sULeMULFebi4A&exp=1701638415 HTTP/1.1
Host: vvfal.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://conqueredallrightswell.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Dec 2023 21:15:15 GMT
content-type: text/html
last-modified: Fri, 01 Dec 2023 10:07:50 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yCWkTOrnwAH12mMqoSrhgPimTWuetaf%2BiTV8bbhFSz0MTRlLqdTx6FDN5OiCLqWVCtMg2OI6yja%2BRIJbyYjHgqTNxqtBh5ellxsPp4%2BTfaemhQ7xuKEwS9tZ9ZqBTxJ6jWQwX7oF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fed2ed1e8a569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

vvfal.stonecarv.top/favicon.ico

172.67.154.38

0 B

URL
vvfal.stonecarv.top/favicon.ico
IP
172.67.154.38:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: vvfal.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vvfal.stonecarv.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=4f46eh9ikciqe1509c&sub_id=16122660&nrid=43be533d319a455e9781b731cbc8e8d4&hash=ubCWzESw2sULeMULFebi4A&exp=1701638415
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
date: Sun, 03 Dec 2023 21:15:15 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 1906
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i%2FaGpWdJ9tpGKx8zHnkqStrdRXC8R7u%2FnP%2Bk0xK8OZ8KB6Jh5BeqRLEKmzipBpIXbXUbCZyNbSCszJpr5jECq7%2B9o0awwXKVWsnL%2BbyRp3rm4Au%2BnLvbH02RSh3y2t201%2FuNYusw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fed2efaa04b512-OSL
alt-svc: h3=":443"; ma=86400

cdnstatic.stonecarv.top/ps/config.js?id=zKByXHsQK0ydGD7DogbGyA

172.67.154.38

9.5 kB

URL
cdnstatic.stonecarv.top/ps/config.js?id=zKByXHsQK0ydGD7DogbGyA
IP
172.67.154.38:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
9.5 kB (9540 bytes)
Hash
512755a6a34075b4a23c875b7ae24013
f8cecb3663d1d20fcf19a10af2a47d8238636ed3
d9cc92407823fafcd54c6e83fb6b9a51fbf3a4d9c73b2f4da64243d24ce2f81a

HTTP Headers

GET /ps/config.js?id=zKByXHsQK0ydGD7DogbGyA HTTP/1.1
Host: cdnstatic.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vvfal.stonecarv.top/
Cookie: __psu=49de392d-3726-4f54-b20b-0609f93e09db
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 03 Dec 2023 21:15:15 GMT
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s42CcsLE7V6WoBd%2BNj6rAEz%2Fy6v%2FcQ9CU%2BKRTIbDR7TKDrBIbHzlVsLrjN5vpQsm8ftyKadNFUwDB5WnLmI7HvfIIE70a9VpjEryh7uHiCVXAIrm0UN1YFjYF%2BZ5%2Bvp8XBlfLolhnPHGbg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fed2efca21b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js

142.250.74.67

9.9 kB

URL
www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js
IP
142.250.74.67:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (38231)
Size
9.9 kB (9934 bytes)
Hash
0541b823dfaf39162ef84cf075c9951b
e0934726455558cc1a59823efada9651e33aafaa
21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522

HTTP Headers

GET /firebasejs/10.3.1/firebase-messaging-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vvfal.stonecarv.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9934
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 05:05:32 GMT
expires: Fri, 29 Nov 2024 05:05:32 GMT
cache-control: public, max-age=31536000
age: 317383
last-modified: Thu, 31 Aug 2023 15:20:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

a.stonecarv.top/eyes-robot/assets/2.png

172.67.154.38

1.1 kB

URL
a.stonecarv.top/eyes-robot/assets/2.png
IP
172.67.154.38:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 94 x 19, 8-bit colormap, non-interlaced\012- data
Size
1.1 kB (1061 bytes)
Hash
d708fbf0358752a082f5a394b74adda8
231c1527b4b039eb3af7d7e9eb5587ed87f6ea81
09d12e3c0e65fda26b9073e70e02fb24fa6941a4a3b1b81211b6470f00769ea5

HTTP Headers

GET /eyes-robot/assets/2.png HTTP/1.1
Host: a.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.stonecarv.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=4f46eh9ikciqe1509c&sub_id=16122660&nrid=43be533d319a455e9781b731cbc8e8d4&hash=ubCWzESw2sULeMULFebi4A&exp=1701638415
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 03 Dec 2023 21:15:16 GMT
content-type: image/png
content-length: 1061
last-modified: Fri, 01 Dec 2023 10:07:50 GMT
etag: "6569b076-425"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1732
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CAqW9A26P4tCPp7PB6CNqHpYkGa0kdswPdB8xOpAOngacsRrQ4Lv8Aoxn66Jt2yZ%2BJuhZrx9eTISM0CVMpSDN%2FkPnQbX3qnMUCtunaooiAK4zmHeS88m9TvVvXHrlTYu5hA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fed2f19c71b512-OSL
alt-svc: h3=":443"; ma=86400

139.45.197.237

12 kB

URL
eehuzaih.com/500/5005565?excludes=&oaid=87152c3d614f422ebbd4a11e0bd94cab&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=3&pl=https%3A%2F%2Fwww.vugla.com%2Fankaragucu-besiktas-golovi-03-12-2023.html&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.312.0
IP
139.45.197.237:0
ASN
#9002 RETN Limited

File type
gzip compressed data, max speed, from Unix\012- data
Size
12 kB (11795 bytes)
Hash
0532d35ac2f187051c9e6288470afe08
35687379fc9f5e519835c42fb8dcac0049130131
09addab9f45101a4852ee3412f3ff8cab880511737a0601c9adcd0cdf84445d2

HTTP Headers

GET /500/5005565?excludes=&oaid=87152c3d614f422ebbd4a11e0bd94cab&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=3&pl=https%3A%2F%2Fwww.vugla.com%2Fankaragucu-besiktas-golovi-03-12-2023.html&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.312.0 HTTP/1.1
Host: eehuzaih.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Cookie: OAID=4ccf5456502a45808c4885bef561f765
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 03 Dec 2023 21:15:11 GMT
content-type: application/javascript
x-trace-id: 73736d8d5bdc13b3b88025c9bea2257d
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://www.vugla.com
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
set-cookie: OAID=87152c3d614f422ebbd4a11e0bd94cab; expires=Mon, 02 Dec 2024 21:15:11 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

a.stonecarv.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=4f46eh9ikciqe1509c&sub_id=16122660&nrid=43be533d319a455e9781b731cbc8e8d4&hash=ubCWzESw2sULeMULFebi4A&exp=1701638415

172.67.154.38

12 kB

URL
a.stonecarv.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=4f46eh9ikciqe1509c&sub_id=16122660&nrid=43be533d319a455e9781b731cbc8e8d4&hash=ubCWzESw2sULeMULFebi4A&exp=1701638415
IP
172.67.154.38:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
12 kB (11488 bytes)
Hash
d091598187b0c2607db0dc04029e3457
0594d408ea97d509719300d8e4c19ce49078f55b
9f40361e807d9f0d4bbb68b5e68f9626231ae6b04fb26262190529eff247ddf8

HTTP Headers

GET /eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=4f46eh9ikciqe1509c&sub_id=16122660&nrid=43be533d319a455e9781b731cbc8e8d4&hash=ubCWzESw2sULeMULFebi4A&exp=1701638415 HTTP/1.1
Host: a.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vvfal.stonecarv.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 03 Dec 2023 21:15:16 GMT
content-type: text/html
last-modified: Fri, 01 Dec 2023 10:07:50 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MTbKMiHO3p8NR%2BtbQ8xlDXzmbOLoIc5yfoWsfmDPK2CAYgd3LAaE%2F%2B8cYecj7tFvIVcnwlwywLPirFAXR8dF9go73hMc8u0Tb0tmNnL2oS93p5gBz%2B40yiCwuDqstLhVfNs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fed2f10bc7b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

a.stonecarv.top/favicon.ico

172.67.154.38

0 B

URL
a.stonecarv.top/favicon.ico
IP
172.67.154.38:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: a.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.stonecarv.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=4f46eh9ikciqe1509c&sub_id=16122660&nrid=43be533d319a455e9781b731cbc8e8d4&hash=ubCWzESw2sULeMULFebi4A&exp=1701638415
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
date: Sun, 03 Dec 2023 21:15:16 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 2190
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=woj17X61j31r2vUWzneqjGrPaaU0hC%2BjzK3mPacp227yd5IacbMwblEPAHAfCIVkU%2FDLIryqkBjGgxf%2F66cPzux55VfPbG1shbxYfoPxF%2FG6v6kgfWFMZVV4wN9P%2FB2m660%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fed2f22d50b512-OSL
alt-svc: h3=":443"; ma=86400

www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js

142.250.74.67

9.3 kB

URL
www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js
IP
142.250.74.67:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (28368)
Size
9.3 kB (9308 bytes)
Hash
9900403b65514fad7df39a4e788a6e45
75f9ba061ef4e72bb23528c700f2a11c56d637e9
a202b2051ea9810cd9ba592b3f9418a89e2062f5c185e29e288080b28eb64fe5

HTTP Headers

GET /firebasejs/10.3.1/firebase-app-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.stonecarv.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9308
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 06:08:34 GMT
expires: Fri, 29 Nov 2024 06:08:34 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 31 Aug 2023 15:20:38 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 313602
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js

142.250.74.67

9.9 kB

URL
www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js
IP
142.250.74.67:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (38231)
Size
9.9 kB (9934 bytes)
Hash
0541b823dfaf39162ef84cf075c9951b
e0934726455558cc1a59823efada9651e33aafaa
21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522

HTTP Headers

GET /firebasejs/10.3.1/firebase-messaging-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.stonecarv.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9934
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 05:05:32 GMT
expires: Fri, 29 Nov 2024 05:05:32 GMT
cache-control: public, max-age=31536000
age: 317384
last-modified: Thu, 31 Aug 2023 15:20:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

vvfal.stonecarv.top/shared-js/assets/static-pl.js?v=2

172.67.154.38

4.3 kB

URL
vvfal.stonecarv.top/shared-js/assets/static-pl.js?v=2
IP
172.67.154.38:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
4.3 kB (4281 bytes)
Hash
7224243dd0b18bb2508a1d77d4b2a0b2
bd833c24aa241861316053fd8bd46a1bef3d343f
920aa94a10634fc23234b5e4f55c428f6311fc7811d3591792381678cb492659

HTTP Headers

GET /shared-js/assets/static-pl.js?v=2 HTTP/1.1
Host: vvfal.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vvfal.stonecarv.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=4f46eh9ikciqe1509c&sub_id=16122660&nrid=43be533d319a455e9781b731cbc8e8d4&hash=ubCWzESw2sULeMULFebi4A&exp=1701638415
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 03 Dec 2023 21:15:15 GMT
content-type: application/javascript
last-modified: Fri, 01 Dec 2023 10:07:50 GMT
etag: W/"6569b076-dee"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1906
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f2DKancVB6%2B4Onmbu2zczguy0VShYX6Uats7jlvwc%2FRUMpqu6dlrF5eqJiAkK92m1xYfOo4%2BdHWEN1rbyCKgz7G%2BAojKWDWShY9kaqD4SCswoglurOh%2BKuKPwFKfdhMbisjbTdbi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fed2eee917b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.toprevenuegate.com/api/users?token=L3pqNzduY2NuYnM_a2V5PTdjMWVmODhmMjk0M2NhNjY2YmZmMDI3OTVmMjMwNjBkJnBzdD0xNzAxNjM4MTc2JnJtdGM9dCZzaHU9NmQ1OGVkMDFhZDc5ZWVkOGM5M2MzYjhiYTNmMDAwZGE2Mzk2ZTdiYTI5NzAyNGYzMzMyNDMzMGIwZjUxODE3MGU5NDBkZmI5NDNkMDI2MGUxZjgxNjkxNzJhMmQ4MDhjOGE5YWY2NWE3MDk2Mjk5ZDIzYmQyMDlmNzZhOTRjYTU4ZTkyODFmMDQ1ODNkYjY3OTRlOTNmZTUzNzZhOTg1MDA3ZjJhNGI4ZWNhMTIyNWJlNzAyYmU1MWMyZjk1Zg%3D%3D&uuid=&pii=&in=false

173.233.137.52

0 B

URL
www.toprevenuegate.com/api/users?token=L3pqNzduY2NuYnM_a2V5PTdjMWVmODhmMjk0M2NhNjY2YmZmMDI3OTVmMjMwNjBkJnBzdD0xNzAxNjM4MTc2JnJtdGM9dCZzaHU9NmQ1OGVkMDFhZDc5ZWVkOGM5M2MzYjhiYTNmMDAwZGE2Mzk2ZTdiYTI5NzAyNGYzMzMyNDMzMGIwZjUxODE3MGU5NDBkZmI5NDNkMDI2MGUxZjgxNjkxNzJhMmQ4MDhjOGE5YWY2NWE3MDk2Mjk5ZDIzYmQyMDlmNzZhOTRjYTU4ZTkyODFmMDQ1ODNkYjY3OTRlOTNmZTUzNzZhOTg1MDA3ZjJhNGI4ZWNhMTIyNWJlNzAyYmU1MWMyZjk1Zg%3D%3D&uuid=&pii=&in=false
IP
173.233.137.52:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/users?token=L3pqNzduY2NuYnM_a2V5PTdjMWVmODhmMjk0M2NhNjY2YmZmMDI3OTVmMjMwNjBkJnBzdD0xNzAxNjM4MTc2JnJtdGM9dCZzaHU9NmQ1OGVkMDFhZDc5ZWVkOGM5M2MzYjhiYTNmMDAwZGE2Mzk2ZTdiYTI5NzAyNGYzMzMyNDMzMGIwZjUxODE3MGU5NDBkZmI5NDNkMDI2MGUxZjgxNjkxNzJhMmQ4MDhjOGE5YWY2NWE3MDk2Mjk5ZDIzYmQyMDlmNzZhOTRjYTU4ZTkyODFmMDQ1ODNkYjY3OTRlOTNmZTUzNzZhOTg1MDA3ZjJhNGI4ZWNhMTIyNWJlNzAyYmU1MWMyZjk1Zg%3D%3D&uuid=&pii=&in=false HTTP/1.1
Host: www.toprevenuegate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.toprevenuegate.com/zj77nccnbs?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=19854905
Cookie: u_pl=19854905; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxOTg1NDkwNSwiayI6IjdjMWVmODhmMjk0M2NhNjY2YmZmMDI3OTVmMjMwNjBkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyNzIyNjE4LCJwaWQiOjI0MDE2MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxOSwiYWlkIjoyOCwicHQiOjQsInBrIjoiemo3N25jY25icyIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiIiwiYXIiOltdfX0.2FQGO2YhCNPTmdlXXLBtr2hi4zXbhcFHRg0XwRi4mrk; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx/1.21.6
Date: Sun, 03 Dec 2023 21:15:17 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://shop.bigbasketshop.com/track?q=kghXWdDErq
Set-Cookie: iprccf46e3750837725044de1e33eb72f981=4591122; expires=Mon, 04 Dec 2023 21:15:17 GMT
pdhtkv=true; expires=Mon, 04 Dec 2023 21:15:17 GMT
uncs=1; expires=Mon, 04 Dec 2023 21:15:17 GMT
pdhtkv28=true; expires=Mon, 04 Dec 2023 21:15:17 GMT
uncs28=1; expires=Mon, 04 Dec 2023 21:15:17 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 425f21cb6bf86526bd1b09157ac8b2b3
Strict-Transport-Security: max-age=0; includeSubdomains

clk.tradedoubler.com/click?p=225780&a=3238748&epi=TerraD

3.127.180.170

200 OK

3.6 kB

URL User Request POST HTTP/2
clk.tradedoubler.com/click?p=225780&a=3238748&epi=TerraD
IP
3.127.180.170:443
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subject*.tradedoubler.com
FingerprintE6:E6:D1:02:6C:9A:BE:00:C1:0E:B5:BC:61:D1:C1:FD:74:73:C4:9E
ValidityWed, 06 Sep 2023 00:00:00 GMT - Sat, 05 Oct 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (314)
Size
3.6 kB (3610 bytes)
Hash
dffa9bac5be3f386079d2028d8264f59
e264575195c6ca302170a308b3da31f924b6d60c
43ffd816104a86bae1d1e75330e61c304463fcf25e6bdb5086c34a944b1e4c68

HTTP Headers

GET /click?p=225780&a=3238748&epi=TerraD HTTP/1.1
Host: clk.tradedoubler.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://shop.bigbasketshop.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Dec 2023 21:15:19 GMT
content-type: text/html; charset=ISO-8859-1
content-length: 3610
server: TXServerHttp
access-control-allow-origin: *
cache-control: private, max-age=0
pragma: no-cache
referrer-policy: origin
X-Firefox-Spdy: h2

vht.tradedoubler.com/fp/fpjs.js

54.230.111.48

7.7 kB

URL
vht.tradedoubler.com/fp/fpjs.js
IP
54.230.111.48:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (19960)
Size
7.7 kB (7718 bytes)
Hash
e967d9e86ec8ff44db0e24766ced642f
bd488430b8b4283eb82afda802a075cf841c29d3
040dff2a9b3d08a4654dec367d93f2b994a8ea0e573950d5561c0022af4a3c3a

HTTP Headers

GET /fp/fpjs.js HTTP/1.1
Host: vht.tradedoubler.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://clk.tradedoubler.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 7718
Connection: keep-alive
Date: Sat, 02 Dec 2023 03:49:02 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Last-Modified: Mon, 09 Oct 2023 08:54:59 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: U8ip0yZleu0bgA0EMPfcY_E5-eUo-yYnHLf-c6CL_gOrdjpotfRKUQ==
Age: 149177
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff

clk.tradedoubler.com/favicon.ico

3.127.180.170

404 Not Found

193 B

URL GET HTTP/2
clk.tradedoubler.com/favicon.ico
IP
3.127.180.170:443
ASN
#16509 AMAZON-02

Requested by
https://clk.tradedoubler.com/click?p=225780&a=3238748&epi=TerraD
Certificate
IssuerAmazon
Subject*.tradedoubler.com
FingerprintE6:E6:D1:02:6C:9A:BE:00:C1:0E:B5:BC:61:D1:C1:FD:74:73:C4:9E
ValidityWed, 06 Sep 2023 00:00:00 GMT - Sat, 05 Oct 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Size
193 B (193 bytes)
Hash
523cbcb278f348bbe64563fe4cc9f435
5a436481b66ccb6dff53c5e1a14c08ef0b4a8e4b
37b6ca25983f4126bd10c135684bc8f421c8b48a5bdb75b5ad69c849035a84f4

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: clk.tradedoubler.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://clk.tradedoubler.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
date: Sun, 03 Dec 2023 21:15:19 GMT
content-type: text/html; charset=ISO-8859-1
content-length: 193
X-Firefox-Spdy: h2

clk.tradedoubler.com/click?p=225780&a=3238748&epi=TerraD

3.127.180.170

200 OK

150 B

URL User Request POST HTTP/2
clk.tradedoubler.com/click?p=225780&a=3238748&epi=TerraD
IP
3.127.180.170:443
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subject*.tradedoubler.com
FingerprintE6:E6:D1:02:6C:9A:BE:00:C1:0E:B5:BC:61:D1:C1:FD:74:73:C4:9E
ValidityWed, 06 Sep 2023 00:00:00 GMT - Sat, 05 Oct 2024 23:59:59 GMT

File type
HTML document text\012- HTML document, ASCII text, with no line terminators
Size
150 B (150 bytes)
Hash
dc03e2e45f5c0d5e02f319e7f1e957cf
47725bedccb4c387bfc904021658cc7b343927ab
f064d039c1745fafca89f95ad9748a95b6ed51a78270b7feee25e968faef36b7

HTTP Headers

POST /click?p=225780&a=3238748&epi=TerraD HTTP/1.1
Host: clk.tradedoubler.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://clk.tradedoubler.com/
Content-Type: application/x-www-form-urlencoded
Content-Length: 90
Origin: https://clk.tradedoubler.com
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 21:15:19 GMT
content-type: text/html; charset=ISO-8859-1
content-length: 150
set-cookie: GUID=1z11zz14Nz17keKKzbe931adad5ea4adb2e5400bc5e35b18c;expires=Mon, 02-Dec-2024 21:15:19 GMT;path=/;domain=.tradedoubler.com
server: TXServerHttp
access-control-allow-origin: *
cache-control: private, max-age=0
pragma: no-cache
referrer-policy: origin
X-Firefox-Spdy: h2

clk.tradedoubler.com/favicon.ico

3.127.180.170

404 Not Found

193 B

URL GET HTTP/2
clk.tradedoubler.com/favicon.ico
IP
3.127.180.170:443
ASN
#16509 AMAZON-02

Requested by
https://clk.tradedoubler.com/click?p=225780&a=3238748&epi=TerraD
Certificate
IssuerAmazon
Subject*.tradedoubler.com
FingerprintE6:E6:D1:02:6C:9A:BE:00:C1:0E:B5:BC:61:D1:C1:FD:74:73:C4:9E
ValidityWed, 06 Sep 2023 00:00:00 GMT - Sat, 05 Oct 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Size
193 B (193 bytes)
Hash
523cbcb278f348bbe64563fe4cc9f435
5a436481b66ccb6dff53c5e1a14c08ef0b4a8e4b
37b6ca25983f4126bd10c135684bc8f421c8b48a5bdb75b5ad69c849035a84f4

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: clk.tradedoubler.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://clk.tradedoubler.com/
DNT: 1
Connection: keep-alive
Cookie: GUID=1z11zz14Nz17keKKzbe931adad5ea4adb2e5400bc5e35b18c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
date: Sun, 03 Dec 2023 21:15:19 GMT
content-type: text/html; charset=ISO-8859-1
content-length: 193
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (125)

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations