apis.google.com/js/plusone.js
142.250.74.78 22 kB URL apis.google.com/js/plusone.js
IP 142.250.74.78:0
File type ASCII text, with very long lines (2664)
Hash 12476fdc6b8599d03eac729748337611
7a15dc04ad6e77026bf45927b78247411e3e0466
c5be6532f19ca90fb5966ed89be694f2bc2cded1e443d3489467cb28cd69af43
GET /js/plusone.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-length: 21930
date: Fri, 01 Dec 2023 19:01:56 GMT
expires: Fri, 01 Dec 2023 19:01:56 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "b82ec1e6cb6f99ed"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
set-cookie: NID=511=ERuPcW2GxHsBsee6MrMAkGorD8p3m5LK0-dcFOz-u1ueg-D5xg1uCpECfZLRvtJeHxNxsM4H3KcidZ22jCm3tCFVOfJfXyEyBQk9JPQbp_4yOQ0LQKA1w3fLjAEnXMBwYbJj6ru6hEzj17HzTh-tbr32A3kqJYjIRiskSx1pEuY; expires=Sat, 01-Jun-2024 19:01:56 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-7NCJ73THPT
216.58.207.200 86 kB URL www.googletagmanager.com/gtag/js?id=G-7NCJ73THPT
IP 216.58.207.200:0
File type ASCII text, with very long lines (3034)
Hash 8538a5b23b0bf307b612b22ef096d572
186d9d17d52e6ff9093d43b593aac8575cc52270
fde8dac8e85c98901d82b84378561aec9f9c1c6380e71a896008f8b1e7064816
GET /gtag/js?id=G-7NCJ73THPT HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 01 Dec 2023 19:01:56 GMT
expires: Fri, 01 Dec 2023 19:01:56 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 85502
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.vugla.com/wp-content/themes/vugla/style.css?ver=6.4.1
192.185.106.252 398 B URL www.vugla.com/wp-content/themes/vugla/style.css?ver=6.4.1
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 4f140b946bdc4cb833896a992db68c6d
52d6c64f9c5478bb70604068a66f06283ecff968
f8f90d1cacc59cf90886948787ef5c723b8de9e41092285611f2f915b5996ef2
GET /wp-content/themes/vugla/style.css?ver=6.4.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/sta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 24 Mar 2020 17:57:12 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-length: 398
content-type: text/css
date: Fri, 01 Dec 2023 19:01:56 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/plugins/responsive-lightbox/assets/swipebox/swipebox.min.css?ver=2.4.6
192.185.106.252 1.4 kB URL www.vugla.com/wp-content/plugins/responsive-lightbox/assets/swipebox/swipebox.min.css?ver=2.4.6
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4310), with CRLF line terminators
Hash b236fbc68ad6824d6fd4be9501a56ea5
5147f5e6779b335a45771a6a9ec9f0a1db8079ef
d49c9ad378618e0a0eb8e6fca04c13f6005e13badf79e0c977d76d851f7aa60a
GET /wp-content/plugins/responsive-lightbox/assets/swipebox/swipebox.min.css?ver=2.4.6 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/sta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 27 Nov 2023 23:58:55 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-length: 1410
content-type: text/css
date: Fri, 01 Dec 2023 19:01:56 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/plugins/vn-video-player/style/vn_player_container.css?ver=6.4.1
192.185.106.252 89 B URL www.vugla.com/wp-content/plugins/vn-video-player/style/vn_player_container.css?ver=6.4.1
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash b20aaffdf9d8e1f413b536edb9d1b649
0f3afd6ef6940700eb7f245629d1b79c52f45b47
9534982bd24eaa3205ac2e5a4dbd6a16a3129b70df981f422562ef3a30ade7cd
GET /wp-content/plugins/vn-video-player/style/vn_player_container.css?ver=6.4.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/sta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 26 Nov 2021 15:50:56 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-length: 89
content-type: text/css
date: Fri, 01 Dec 2023 19:01:56 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/plugins/vn-video-player/style/theme-city.css?ver=6.4.1
192.185.106.252 733 B URL www.vugla.com/wp-content/plugins/vn-video-player/style/theme-city.css?ver=6.4.1
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2553), with no line terminators
Hash 229bf132659b3607e05296743613ecca
2f498516b73ae5f087904669ccd6b3eb57054711
73214adfea5dc8d2ab7aae66baec56aab47e70224557c08f424b80909d1acd7c
GET /wp-content/plugins/vn-video-player/style/theme-city.css?ver=6.4.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/sta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 26 Nov 2021 15:34:33 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-length: 733
content-type: text/css
date: Fri, 01 Dec 2023 19:01:56 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
192.185.106.252 5.4 kB URL www.vugla.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (13479)
Hash 9ffeb32e2d9efbf8f70caabded242267
3ad0c10e501ac2a9bfa18f9cd7e700219b378738
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/sta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 13 Nov 2023 13:25:19 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-length: 5422
content-type: application/javascript
date: Fri, 01 Dec 2023 19:01:56 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/plugins/vn-video-player/style/video-js.css?ver=6.4.1
192.185.106.252 14 kB URL www.vugla.com/wp-content/plugins/vn-video-player/style/video-js.css?ver=6.4.1
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (5844)
Hash 514fccb15bdc95ea2c2b6fddaded8ecc
4c999194bb19b83cc85f40621fa1c74cd1a4cbf7
d86730f73982f170cb0943d0d47c3c2520743d6a3d6cf5330cde12667df675ca
GET /wp-content/plugins/vn-video-player/style/video-js.css?ver=6.4.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/sta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 26 Nov 2021 15:34:35 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-length: 13761
content-type: text/css
date: Fri, 01 Dec 2023 19:01:56 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/plugins/vn-featured-image-gallery/css/style.css?ver=6.4.1
192.185.106.252 320 B URL www.vugla.com/wp-content/plugins/vn-featured-image-gallery/css/style.css?ver=6.4.1
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 199decab27dd471d35814631e71e6fea
42c2847529b6859230bc2f4e8e6432805a06148b
7279594a46188e3246db42ffd4c609fc254c6fa06bfca8b72dd82e63fa4e6385
GET /wp-content/plugins/vn-featured-image-gallery/css/style.css?ver=6.4.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/sta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 26 May 2014 20:39:02 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-length: 320
content-type: text/css
date: Fri, 01 Dec 2023 19:01:56 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/plugins/responsive-lightbox/assets/swipebox/jquery.swipebox.min.js?ver=2.4.6
192.185.106.252 4.7 kB URL www.vugla.com/wp-content/plugins/responsive-lightbox/assets/swipebox/jquery.swipebox.min.js?ver=2.4.6
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (12917), with CRLF line terminators
Hash 416d2c5e5425c640a7d63f25e0376fd6
a95b218161d94bdb148d108aedf065b4a4762045
b875bead01dfa1b02a553e8efda0f3a65d39da24f19ad37af95f06795eee76dc
GET /wp-content/plugins/responsive-lightbox/assets/swipebox/jquery.swipebox.min.js?ver=2.4.6 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/sta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 27 Nov 2023 23:58:55 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-length: 4708
content-type: application/javascript
date: Fri, 01 Dec 2023 19:01:56 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/themes/vugla/images/logo.png
192.185.106.252 7.9 kB URL www.vugla.com/wp-content/themes/vugla/images/logo.png
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 254 x 96, 8-bit/color RGBA, non-interlaced\012- data
Hash f8e78d7eed20f4d77ca41cbf9700c0fa
9c40c7c5ae212e070b2aceda05b7e34de143a670
cf314f8938fb5d378e49a7e09683a206e244024b7ca3a7ec1676f22804285ca7
GET /wp-content/themes/vugla/images/logo.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/sta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 18 Nov 2013 11:35:09 GMT
accept-ranges: bytes
content-length: 7870
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 19:01:56 GMT
referrer-policy:
pragma: public
content-type: image/png
date: Fri, 01 Dec 2023 19:01:56 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/uploads/2021/11/siena-piaza-di-paradiso-webcam-150x150.jpg
192.185.106.252 5.5 kB URL www.vugla.com/wp-content/uploads/2021/11/siena-piaza-di-paradiso-webcam-150x150.jpg
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 150x150, components 3\012- data
Hash dd09e343a96187e9d8f3d70656ffbb87
ee20578e6431af1f0f82ace247a6c80ea4c1af15
bbf157f8a642d8848f838477bd12e007c6dbd80a07beb3e785f70621b3e8b2c1
GET /wp-content/uploads/2021/11/siena-piaza-di-paradiso-webcam-150x150.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/sta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Sat, 27 Nov 2021 11:20:42 GMT
accept-ranges: bytes
content-length: 5524
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 19:01:56 GMT
referrer-policy:
pragma: public
content-type: image/jpeg
date: Fri, 01 Dec 2023 19:01:56 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/uploads/2021/11/venice-ponte-delle-guiglie-150x150.jpg
192.185.106.252 7.4 kB URL www.vugla.com/wp-content/uploads/2021/11/venice-ponte-delle-guiglie-150x150.jpg
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 150x150, components 3\012- data
Hash bc56c6497c2c5b009e93d949e6d0fb55
c51a8c4cf1177fc6a67eaaca4ff9d4000b7d2c2e
48b7b6fd0ffa2ef0fb13218e8ecce9f257553f8753f240ee673c7cf5bbebfbf6
GET /wp-content/uploads/2021/11/venice-ponte-delle-guiglie-150x150.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/sta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Sun, 28 Nov 2021 10:52:11 GMT
accept-ranges: bytes
content-length: 7424
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 19:01:56 GMT
referrer-policy:
pragma: public
content-type: image/jpeg
date: Fri, 01 Dec 2023 19:01:56 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/reddit.png
192.185.106.252 2.3 kB URL www.vugla.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/reddit.png
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash 91d33236832e22fe9743606623bd001a
d7101e60e49e86dbe1f34876228aa6831ad568f7
5571cdc5e0d90001474bf488c142929a02a39e55a4a7f61c44d1f94a4087eda1
GET /wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/reddit.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/sta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 13 Nov 2023 13:26:48 GMT
accept-ranges: bytes
content-length: 2328
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 19:01:56 GMT
referrer-policy:
pragma: public
content-type: image/png
date: Fri, 01 Dec 2023 19:01:56 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/plugins/responsive-lightbox/assets/infinitescroll/infinite-scroll.pkgd.min.js?ver=6.4.1
192.185.106.252 8.7 kB URL www.vugla.com/wp-content/plugins/responsive-lightbox/assets/infinitescroll/infinite-scroll.pkgd.min.js?ver=6.4.1
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (17739), with CRLF line terminators
Hash 3229aa93c44fa4628707e80959a97bc1
5a2d4dbc4d1df02e7a386489e7b5c5a9e22dd40f
095834cc86bd018fdb4a9e31c99f9f96904b819be2b9dc16b3390383288d4d90
GET /wp-content/plugins/responsive-lightbox/assets/infinitescroll/infinite-scroll.pkgd.min.js?ver=6.4.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/sta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 27 Nov 2023 23:58:55 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-length: 8747
content-type: application/javascript
date: Fri, 01 Dec 2023 19:01:56 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/themes/vugla/images/mobile-share/whatsapp-64x64.png
192.185.106.252 5.9 kB URL www.vugla.com/wp-content/themes/vugla/images/mobile-share/whatsapp-64x64.png
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash 616a93e26f2d9261cd8412a8741f7be8
5fbfd88e502bcc766a9c9ef1d1751ed16ce1197c
306accb5ad46635aeb9481a9bc934c14ae474e924ec52b6673141c5acacd800d
GET /wp-content/themes/vugla/images/mobile-share/whatsapp-64x64.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/sta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 22 Dec 2016 10:00:28 GMT
accept-ranges: bytes
content-length: 5880
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 19:01:56 GMT
referrer-policy:
pragma: public
content-type: image/png
date: Fri, 01 Dec 2023 19:01:56 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/plugins/responsive-lightbox/js/front.js?ver=2.4.6
192.185.106.252 8.6 kB URL www.vugla.com/wp-content/plugins/responsive-lightbox/js/front.js?ver=2.4.6
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (629), with CRLF line terminators
Hash 68f8af044f685b84c7d49ac2356acabf
585889874b36224e980f4d285044ec0fb478dc7c
9fe6a07f596d507305d1480e6bb301d04cbf5ef8660b24b9fa411e39607a7ab5
GET /wp-content/plugins/responsive-lightbox/js/front.js?ver=2.4.6 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/sta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 27 Nov 2023 23:58:55 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-length: 8560
content-type: application/javascript
date: Fri, 01 Dec 2023 19:01:56 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/facebook.png
192.185.106.252 584 B URL www.vugla.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/facebook.png
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 64 x 64, 8-bit colormap, non-interlaced\012- data
Hash 114d84e23ab95df71589ab5e67b93b85
2270334f4b83486ceaab53133e4706537c16f38a
1353c448068301ee8534bd1d3c8eb214863afa0b9f716222dfe93e2739cffac2
GET /wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/facebook.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/sta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 13 Nov 2023 13:26:48 GMT
accept-ranges: bytes
content-length: 584
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 19:01:56 GMT
referrer-policy:
pragma: public
content-type: image/png
date: Fri, 01 Dec 2023 19:01:56 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/uploads/2023/11/real-sociedad-salzburg-golovi-29-11-2023-150x150.jpg
192.185.106.252 5.4 kB URL www.vugla.com/wp-content/uploads/2023/11/real-sociedad-salzburg-golovi-29-11-2023-150x150.jpg
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x150, components 3\012- data
Hash 3dd0b6a881bcbf037b6fc140e05dc03e
88a53f3308d933fe32230071702ebd547d7ea65f
2acd2ffefda761e9164ef6e6107caed96686c26e1af57498ba71d448c6c1766d
GET /wp-content/uploads/2023/11/real-sociedad-salzburg-golovi-29-11-2023-150x150.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/sta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 30 Nov 2023 19:26:27 GMT
accept-ranges: bytes
content-length: 5353
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 19:01:56 GMT
referrer-policy:
pragma: public
content-type: image/jpeg
date: Fri, 01 Dec 2023 19:01:56 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/mail.png
192.185.106.252 1.7 kB URL www.vugla.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/mail.png
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 64 x 64, 8-bit colormap, non-interlaced\012- data
Hash 42bec42b54ef1bb6bb9596efa815973d
88145ca02b72936eb430e818cd7a80f189ca9166
154a5b712eedff5cdee156292d8795dd139a350c7ed09982e5faec55a0ab2f42
GET /wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/mail.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/sta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 13 Nov 2023 13:26:48 GMT
accept-ranges: bytes
content-length: 1659
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 19:01:56 GMT
referrer-policy:
pragma: public
content-type: image/png
date: Fri, 01 Dec 2023 19:01:56 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/uploads/2023/12/backa-west-ham-golovi-30-11-2023-150x150.jpg
192.185.106.252 4.2 kB URL www.vugla.com/wp-content/uploads/2023/12/backa-west-ham-golovi-30-11-2023-150x150.jpg
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x150, components 3\012- data
Hash d2944a2988ea437dd47e366c35318287
bb2ce83b81e69d624aebf85a53d328b79e794fe0
3e810cdaa1d877d350dcc84007411d3df081852910972b4cbae76eccbc14a39d
GET /wp-content/uploads/2023/12/backa-west-ham-golovi-30-11-2023-150x150.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/sta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 30 Nov 2023 23:14:23 GMT
accept-ranges: bytes
content-length: 4163
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 19:01:56 GMT
referrer-policy:
pragma: public
content-type: image/jpeg
date: Fri, 01 Dec 2023 19:01:56 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/themes/vugla/images/mobile-share/fb-messenger-64x64.png
192.185.106.252 2.6 kB URL www.vugla.com/wp-content/themes/vugla/images/mobile-share/fb-messenger-64x64.png
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash 56735b8135d0a3b1db1b1e1a34945e85
dc604b4e7030d9fe583393b94f1811fe69628107
7ef39fd53ffb21c300f78615faa8eab8eb1163ad1b70843efa4550a0bda364bc
GET /wp-content/themes/vugla/images/mobile-share/fb-messenger-64x64.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/sta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 26 Jul 2017 12:44:40 GMT
accept-ranges: bytes
content-length: 2562
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 19:01:56 GMT
referrer-policy:
pragma: public
content-type: image/png
date: Fri, 01 Dec 2023 19:01:56 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/uploads/2021/11/zagreb-trg-bana-jelacica-2-150x150.jpg
192.185.106.252 7.0 kB URL www.vugla.com/wp-content/uploads/2021/11/zagreb-trg-bana-jelacica-2-150x150.jpg
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 150x150, components 3\012- data
Hash 1fc23d41bb894274b7cf389d2bfcf57c
b752e2962b4feea7ae0eaf899b0c6b4e818c413d
8f5be453ac83ca763b56a8708ca2232490946e1620c1cb20f37947d376411e71
GET /wp-content/uploads/2021/11/zagreb-trg-bana-jelacica-2-150x150.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/sta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 29 Nov 2021 17:20:28 GMT
accept-ranges: bytes
content-length: 6982
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 19:01:56 GMT
referrer-policy:
pragma: public
content-type: image/jpeg
date: Fri, 01 Dec 2023 19:01:56 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/uploads/2023/11/mallorca-cadiz-golovi-29-11-2023-150x150.jpg
192.185.106.252 3.2 kB URL www.vugla.com/wp-content/uploads/2023/11/mallorca-cadiz-golovi-29-11-2023-150x150.jpg
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x150, components 3\012- data
Hash c4ac3f2f10ead27a6c470fae8fc5c5e7
33d7f8215ac9949c54459676bf8048df6d51d73b
ba12aca2f09ad73a05991204f75c235aedee8fd2265f66d6d5e26384cea71e34
GET /wp-content/uploads/2023/11/mallorca-cadiz-golovi-29-11-2023-150x150.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/sta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 30 Nov 2023 19:26:29 GMT
accept-ranges: bytes
content-length: 3206
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 19:01:56 GMT
referrer-policy:
pragma: public
content-type: image/jpeg
date: Fri, 01 Dec 2023 19:01:56 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/uploads/2023/11/benfica-inter-golovi-29-11-2023-150x150.jpg
192.185.106.252 4.6 kB URL www.vugla.com/wp-content/uploads/2023/11/benfica-inter-golovi-29-11-2023-150x150.jpg
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x150, components 3\012- data
Hash f25ddb130bb8a894d4b33c0b2dc7f1c1
c385eb5107fcb92146738fe1846ce4b33cd41659
3c03f20d9971177deee5a25b222a9af1dc8eb62a5c4b24fbde4ac84ba7360421
GET /wp-content/uploads/2023/11/benfica-inter-golovi-29-11-2023-150x150.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/sta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 30 Nov 2023 19:26:20 GMT
accept-ranges: bytes
content-length: 4550
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 19:01:56 GMT
referrer-policy:
pragma: public
content-type: image/jpeg
date: Fri, 01 Dec 2023 19:01:56 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-includes/js/underscore.min.js?ver=1.13.4
192.185.106.252 8.3 kB URL www.vugla.com/wp-includes/js/underscore.min.js?ver=1.13.4
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (18798)
Hash f88d5720bb454ed5d204cbdb56901f6b
f1952292fde4b15936e9aac16b2b9896684db95b
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a
GET /wp-includes/js/underscore.min.js?ver=1.13.4 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/sta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 13 Nov 2023 13:25:19 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-length: 8305
content-type: application/javascript
date: Fri, 01 Dec 2023 19:01:56 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/tumblr.png
192.185.106.252 861 B URL www.vugla.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/tumblr.png
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 64 x 64, 8-bit colormap, non-interlaced\012- data
Hash 1d8dab6f1066b94b74f5611a8c918681
4e0edc7ba1ada49418772d8d581cd3d38518d490
bac6d2c8418e543d967d6e57710eda1ca4318ddd917c19a28fd63b4240e8d150
GET /wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/tumblr.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/sta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 13 Nov 2023 13:26:48 GMT
accept-ranges: bytes
content-length: 861
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 19:01:56 GMT
referrer-policy:
pragma: public
content-type: image/png
date: Fri, 01 Dec 2023 19:01:56 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/plugins/vn-video-player/js_scripts/vn_player_fit.js?ver=0.1
192.185.106.252 106 B URL www.vugla.com/wp-content/plugins/vn-video-player/js_scripts/vn_player_fit.js?ver=0.1
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 64829824ee643f09fb3821dc49b3089a
446608ff9f4128b9503476135a8c28599f8d5c2e
0b967c52b8e899c4266110c97fa50018d61ccf1365144d16f09f901523d48c95
GET /wp-content/plugins/vn-video-player/js_scripts/vn_player_fit.js?ver=0.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/sta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 26 Nov 2021 15:34:31 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-length: 106
content-type: application/javascript
date: Fri, 01 Dec 2023 19:01:56 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/uploads/2021/11/beograd-terazije-webcam-150x150.jpg
192.185.106.252 6.1 kB URL www.vugla.com/wp-content/uploads/2021/11/beograd-terazije-webcam-150x150.jpg
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 150x150, components 3\012- data
Hash 1849f0807088d763679848101c623dac
1fa42415c2f2ae200e427a32a6814cc7f9e19e5b
7e1fa9bfa1c7ba0b07f145a11b12fab94f84fb6ce92d21a030a2c933ba20734c
GET /wp-content/uploads/2021/11/beograd-terazije-webcam-150x150.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/sta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 24 Nov 2021 16:28:39 GMT
accept-ranges: bytes
content-length: 6135
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 19:01:56 GMT
referrer-policy:
pragma: public
content-type: image/jpeg
date: Fri, 01 Dec 2023 19:01:56 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/uploads/2021/11/hrvatska-pula-forum-webcam-150x150.jpg
192.185.106.252 5.5 kB URL www.vugla.com/wp-content/uploads/2021/11/hrvatska-pula-forum-webcam-150x150.jpg
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 150x150, components 3\012- data
Hash 47feff0f7b4c46a2865d31597e6fed04
4a7156a89612b2755b9590bf39ec5ee21b8ea8af
1d9e84feedf3d515e8107b5b220c3313b2d61689a018c2332867ff391d1fe61c
GET /wp-content/uploads/2021/11/hrvatska-pula-forum-webcam-150x150.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/sta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 24 Nov 2021 17:03:21 GMT
accept-ranges: bytes
content-length: 5531
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 19:01:56 GMT
referrer-policy:
pragma: public
content-type: image/jpeg
date: Fri, 01 Dec 2023 19:01:56 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/uploads/2023/11/bayern-munich-fc-copenhagen-golovi-29-11-2023-150x150.jpg
192.185.106.252 6.5 kB URL www.vugla.com/wp-content/uploads/2023/11/bayern-munich-fc-copenhagen-golovi-29-11-2023-150x150.jpg
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x150, components 3\012- data
Hash 7b7ac3fe315dc9eb4b7939372ed450e9
6a2a2a5470e3648a563cce65ac6d1cd6ac8428ee
54d808ec3b10ea6b3b241b4703caabe1170aa6d07e91c54cb0b68784478ad51d
GET /wp-content/uploads/2023/11/bayern-munich-fc-copenhagen-golovi-29-11-2023-150x150.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/sta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 30 Nov 2023 19:26:18 GMT
accept-ranges: bytes
content-length: 6455
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 19:01:56 GMT
referrer-policy:
pragma: public
content-type: image/jpeg
date: Fri, 01 Dec 2023 19:01:56 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/uploads/2021/11/venezia-hotel-american-webcam-150x150.jpg
192.185.106.252 8.7 kB URL www.vugla.com/wp-content/uploads/2021/11/venezia-hotel-american-webcam-150x150.jpg
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 150x150, components 3\012- data
Hash 28c9a5e8e62a39738f7bc8ac1fa6b48f
7f4da1c08ed3c8a8bc002cab89c8b7075a891f71
0ace7120a49ad48ea7bff5399d0ba657cd9b95265b6e229a1c39d3f463cecef7
GET /wp-content/uploads/2021/11/venezia-hotel-american-webcam-150x150.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/sta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Sun, 28 Nov 2021 17:30:21 GMT
accept-ranges: bytes
content-length: 8711
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 19:01:56 GMT
referrer-policy:
pragma: public
content-type: image/jpeg
date: Fri, 01 Dec 2023 19:01:56 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/uploads/2023/12/sta-uradi-zena-od-mikija-djuricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje-620x350.jpg
192.185.106.252 38 kB URL www.vugla.com/wp-content/uploads/2023/12/sta-uradi-zena-od-mikija-djuricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje-620x350.jpg
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 620x350, components 3\012- data
Hash c3d006420eded6f923359c6fac79628b
8ddea011198dbe97e007fbf4ffdab1430b9cc1dc
6c23daa636211d4c105e90cd3548c801e9891f937dfc682dee58800ec31c5c7d
GET /wp-content/uploads/2023/12/sta-uradi-zena-od-mikija-djuricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje-620x350.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/sta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 01 Dec 2023 09:55:26 GMT
accept-ranges: bytes
content-length: 38515
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 19:01:56 GMT
referrer-policy:
pragma: public
content-type: image/jpeg
date: Fri, 01 Dec 2023 19:01:56 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/plugins/vn-video-player/js_scripts/jquery.fitvids.js?ver=0.1
192.185.106.252 1.4 kB URL www.vugla.com/wp-content/plugins/vn-video-player/js_scripts/jquery.fitvids.js?ver=0.1
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text
Hash 6755415003869bd599c3fae8e9792027
57946a22c79654014eb00fb548f727d302221873
07f79fbda35a2bf03f2940978670a2a53cf21e490ecce887bf92fc2e3f359293
GET /wp-content/plugins/vn-video-player/js_scripts/jquery.fitvids.js?ver=0.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/sta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 26 Nov 2021 15:34:28 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-length: 1389
content-type: application/javascript
date: Fri, 01 Dec 2023 19:01:56 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/themes/vugla/js/libs/modernizr-2.0.6.min.js?ver=6.4.1
192.185.106.252 7.0 kB URL www.vugla.com/wp-content/themes/vugla/js/libs/modernizr-2.0.6.min.js?ver=6.4.1
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with very long lines (14641), with CRLF line terminators
Hash ad955f14cdcc21d58014f25ab7c8d46d
8915b95d672d54be6fb01a239088aba305d4798e
d6304e162f8fe5054a4c5430d2f1d78ea2ad54c1ff61ea708d148bf385312407
GET /wp-content/themes/vugla/js/libs/modernizr-2.0.6.min.js?ver=6.4.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/sta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 12:00:08 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-length: 6964
content-type: application/javascript
date: Fri, 01 Dec 2023 19:01:56 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/uploads/2023/11/real-madrid-napoli-golovi-29-11-2023-150x150.jpg
192.185.106.252 7.0 kB URL www.vugla.com/wp-content/uploads/2023/11/real-madrid-napoli-golovi-29-11-2023-150x150.jpg
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x150, components 3\012- data
Hash 4776d86e08cc2943fbe3b675ec2c3727
692544e5a085db465793d417ab2c5e74f3551d73
9635934bdad0b3ce053f55c3dc84166f64e4a3ca982589117b9b79a01989d46e
GET /wp-content/uploads/2023/11/real-madrid-napoli-golovi-29-11-2023-150x150.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/sta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 30 Nov 2023 19:26:24 GMT
accept-ranges: bytes
content-length: 7027
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 19:01:56 GMT
referrer-policy:
pragma: public
content-type: image/jpeg
date: Fri, 01 Dec 2023 19:01:56 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/twitter.png
192.185.106.252 1.8 kB URL www.vugla.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/twitter.png
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash 9cb3d67f468539abb72395dc73934190
9928de37e21649c1799e3287a13f897a34aab5e1
04a457e988270cb1dc76bd57ac8e62fddf02c02b618a1ac6cb0880b93633f5e0
GET /wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/twitter.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/sta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 13 Nov 2023 13:26:48 GMT
accept-ranges: bytes
content-length: 1762
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 19:01:56 GMT
referrer-policy:
pragma: public
content-type: image/png
date: Fri, 01 Dec 2023 19:01:56 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/linkedin.png
192.185.106.252 725 B URL www.vugla.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/linkedin.png
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 64 x 64, 8-bit colormap, non-interlaced\012- data
Hash 5da9fb18cfc9264a6e95b4a8bf4d2fcb
7bb78a36bc621ea268a0dad519c9c5c539e751ce
c6e399926b1aeb3634681cf7eb6af4e355325a6b2b6f8a89ad65ece3523fab18
GET /wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/linkedin.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/sta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 13 Nov 2023 13:26:48 GMT
accept-ranges: bytes
content-length: 725
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 19:01:56 GMT
referrer-policy:
pragma: public
content-type: image/png
date: Fri, 01 Dec 2023 19:01:56 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/themes/vugla/images/mobile-share/viber-64x64.png
192.185.106.252 7.1 kB URL www.vugla.com/wp-content/themes/vugla/images/mobile-share/viber-64x64.png
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash de186be4358ae6892385bcb78cc79b01
d933c306c857b9e84e321c4756d384a6e8093da2
c912b95fc0e537dbd5d103172a9ad3df2a3c8ad4ce5e6d6cebbaf31d7f6d58be
GET /wp-content/themes/vugla/images/mobile-share/viber-64x64.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/sta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 22 Dec 2016 10:00:29 GMT
accept-ranges: bytes
content-length: 7120
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 19:01:56 GMT
referrer-policy:
pragma: public
content-type: image/png
date: Fri, 01 Dec 2023 19:01:56 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.3
192.185.106.252 83 B URL www.vugla.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.3
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.3 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/sta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 409 Conflict
date: Fri, 01 Dec 2023 19:01:56 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
www.vugla.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.3
192.185.106.252 83 B URL www.vugla.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.3
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.3 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/sta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 409 Conflict
date: Fri, 01 Dec 2023 19:01:56 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
www.vugla.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.3
192.185.106.252 83 B URL www.vugla.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.3
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.3 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/sta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 409 Conflict
date: Fri, 01 Dec 2023 19:01:56 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
www.vugla.com/wp-content/themes/vugla/css/style_reset.css
192.185.106.252 1.2 kB URL www.vugla.com/wp-content/themes/vugla/css/style_reset.css
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash b5ae6c0ccd961d29a2924b03b0cbdd6e
3293dc40aa870c1cf79180eb7bd5c2ff28f3bd0a
0838fff76cfa3bad87963e64a610ea8d60b2dc8d0781a7531a2385f65de1ab2f
GET /wp-content/themes/vugla/css/style_reset.css HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/style.css?ver=6.4.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:52:34 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-length: 1152
content-type: text/css
date: Fri, 01 Dec 2023 19:01:56 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/themes/vugla/css/elastislide.css
192.185.106.252 674 B URL www.vugla.com/wp-content/themes/vugla/css/elastislide.css
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash fac0ce1d7bcbe2001f963e204b03b3a4
fe650403bcbc74567e384eb3762c874835f6cad1
d8dcd83dfb6275b55ae8e495f6924dcfc52024a52f5639446a00de846ec7c7b9
GET /wp-content/themes/vugla/css/elastislide.css HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/style.css?ver=6.4.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:52:21 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-length: 674
content-type: text/css
date: Fri, 01 Dec 2023 19:01:56 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/themes/vugla/css/style_400.css
192.185.106.252 2.4 kB URL www.vugla.com/wp-content/themes/vugla/css/style_400.css
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 1150741460f65df53d2a23c598e5807c
5520fd0a709fdfdc80089452403dbfa49b79f7d4
e0e19f2d1b42abb0a12a95da1488a3fb300ceeb34984bc9e321063184acb019b
GET /wp-content/themes/vugla/css/style_400.css HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/style.css?ver=6.4.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:52:30 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-length: 2412
content-type: text/css
date: Fri, 01 Dec 2023 19:01:56 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/themes/vugla/css/style_320.css
192.185.106.252 2.4 kB URL www.vugla.com/wp-content/themes/vugla/css/style_320.css
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash cc437b9ea4ed072bf7636ec9013f026d
df8db436e5193d474b97364dc0cd532a9b390fe5
4e92c5bc2c3f90209e1bec52f50461d8c04d82a539296918f0db0c61af63aab2
GET /wp-content/themes/vugla/css/style_320.css HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/style.css?ver=6.4.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:52:29 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-length: 2413
content-type: text/css
date: Fri, 01 Dec 2023 19:01:56 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/themes/vugla/css/style_1024.css
192.185.106.252 2.3 kB URL www.vugla.com/wp-content/themes/vugla/css/style_1024.css
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 7f4d3aa769cc8bb0e3c77745ff5c9d64
2da3458d48663a397a5a42c3bb52777bc5889dc0
7a6c4ca634ef663c6a3887df843fc04c40632ff46c53eb9f7d35bfcde21453b4
GET /wp-content/themes/vugla/css/style_1024.css HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/style.css?ver=6.4.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:52:28 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-length: 2267
content-type: text/css
date: Fri, 01 Dec 2023 19:01:56 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/plugins/vn-video-player/js_scripts/video.min.js?ver=0.1
192.185.106.252 213 kB URL www.vugla.com/wp-content/plugins/vn-video-player/js_scripts/video.min.js?ver=0.1
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (48222)
Size 213 kB (212736 bytes)
Hash 31a760feaf6fb6896a6c95cda3bf1ed8
14af725b5fd76b838aed87b9eb78cd05a7f28a78
336943ccd34fc81e0b3fcf58844f1cec4b37f8e0c9a8613937737fa7551095b2
GET /wp-content/plugins/vn-video-player/js_scripts/video.min.js?ver=0.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/sta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 26 Nov 2021 15:34:30 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-type: application/javascript
date: Fri, 01 Dec 2023 19:01:56 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/themes/vugla/css/flexslider.css
192.185.106.252 1.5 kB URL www.vugla.com/wp-content/themes/vugla/css/flexslider.css
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash aed0d9c2792c1ca777bfce04eb08ae7a
64e98271e4539dbf8819fa9d801017423c9bc30b
7f7b09426068a9bacddeefcf29f89063307fdc903ac45a569853b8c452d9b62d
GET /wp-content/themes/vugla/css/flexslider.css HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/style.css?ver=6.4.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 08 May 2014 09:18:47 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-length: 1526
content-type: text/css
date: Fri, 01 Dec 2023 19:01:56 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/themes/vugla/css/tabber.css
192.185.106.252 1.7 kB URL www.vugla.com/wp-content/themes/vugla/css/tabber.css
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash a3e36a4db7b488bd984dd17c6e17cf63
33e7b11f7e1f149f954b6d938db9e36599816e8a
3609900b90f9835e1525c38bb6b1bcbffea0a14894799e54a07c2a9df09cb03d
GET /wp-content/themes/vugla/css/tabber.css HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/style.css?ver=6.4.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:52:36 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-length: 1710
content-type: text/css
date: Fri, 01 Dec 2023 19:01:56 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/themes/vugla/css/style_768.css
192.185.106.252 2.5 kB URL www.vugla.com/wp-content/themes/vugla/css/style_768.css
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (408), with CRLF line terminators
Hash 14b717ed0c77c605f84b5b9a6b9892e9
5723bca38e18b8155b26f923590a05657911a377
6f37f5624b7bc60317a9c37a473fdf7dc34474d5f52cf169a7d52b35ca1dc0dd
GET /wp-content/themes/vugla/css/style_768.css HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/style.css?ver=6.4.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:52:32 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-length: 2538
content-type: text/css
date: Fri, 01 Dec 2023 19:01:56 GMT
server: Apache
X-Firefox-Spdy: h2
pl16411290.alternativecpmgate.com/c9123167a2366d360cd4d80dad2ac358/invoke.js
173.233.137.44 9.3 kB URL pl16411290.alternativecpmgate.com/c9123167a2366d360cd4d80dad2ac358/invoke.js
IP 173.233.137.44:0
File type Unicode text, UTF-8 text, with very long lines (25091), with no line terminators
Hash cdf72c3f6529265d0596765ec9b74fc9
325ef1cd2d11b17f5c9b3196ec7c88ee5cf8c921
3982269ee71f3f748a204dab97a6898e5666eb1126ce89e03ad70062501f305b
GET /c9123167a2366d360cd4d80dad2ac358/invoke.js HTTP/1.1
Host: pl16411290.alternativecpmgate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 01 Dec 2023 19:01:57 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 57ded9f885146d4d8f634fd37d1242a9
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.kursnalista.co/banners/banners.js
192.185.106.47 1.3 kB URL www.kursnalista.co/banners/banners.js
IP 192.185.106.47:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, Unicode text, UTF-8 text, with very long lines (394), with CRLF line terminators
Hash 0fa58c243ecc9c6ff829da27563c78c4
771e757dcaddc90a127b557e6a8a69b9dfe4767d
4631955f687225007a1227be7e662f1f45798c13a573f70670e748ff50aa194b
GET /banners/banners.js HTTP/1.1
Host: www.kursnalista.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Sun, 10 Jul 2022 10:44:43 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1261
content-type: application/javascript
date: Fri, 01 Dec 2023 19:01:57 GMT
server: Apache
X-Firefox-Spdy: h2
pl15560907.passtechusa.com/d1/37/02/d137022925bcc2a680f8a4476ff94144.js
173.233.139.164 15 kB URL pl15560907.passtechusa.com/d1/37/02/d137022925bcc2a680f8a4476ff94144.js
IP 173.233.139.164:0
File type ASCII text, with very long lines (42814), with no line terminators
Hash e206940c29ec588c495d7f6df16798cd
06e7223de222ccc1c7d3a21b8626290263d59252
787461b81b1efb219008028cebb0328d8ddb73e96826e8b2a8408b0d7b9995c6
GET /d1/37/02/d137022925bcc2a680f8a4476ff94144.js HTTP/1.1
Host: pl15560907.passtechusa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 01 Dec 2023 19:01:57 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 21950ce746fd5bfabe75c566b472d616
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.131 48 kB URL fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.74.131:0
File type Web Open Font Format (Version 2), TrueType, length 48432, version 1.0\012- data
Hash e2d74c5e631bc53a7240bbfe4be99c8f
eb513857bb01cc4f7249067fc7e969bef415fc90
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 14:58:12 GMT
expires: Thu, 28 Nov 2024 14:58:12 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
content-type: font/woff2
age: 187425
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.vugla.com/sta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html
192.185.106.252 0 B URL www.vugla.com/sta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /sta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/sta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-pingback: https://www.vugla.com/xmlrpc.php
link: <https://www.vugla.com/wp-json/>; rel="https://api.w.org/", <https://www.vugla.com/wp-json/wp/v2/posts/574575>; rel="alternate"; type="application/json", <https://www.vugla.com/?p=574575>; rel=shortlink
content-security-policy: upgrade-insecure-requests;
cache-control: max-age=10800
expires: Fri, 01 Dec 2023 22:01:57 GMT
vary: User-Agent
referrer-policy:
content-type: text/html; charset=UTF-8
date: Fri, 01 Dec 2023 19:01:57 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.131 48 kB URL fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.74.131:0
File type Web Open Font Format (Version 2), TrueType, length 48432, version 1.0\012- data
Hash e2d74c5e631bc53a7240bbfe4be99c8f
eb513857bb01cc4f7249067fc7e969bef415fc90
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 14:58:12 GMT
expires: Thu, 28 Nov 2024 14:58:12 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
content-type: font/woff2
age: 187425
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.vugla.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.1
192.185.106.252 71 kB URL www.vugla.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.1
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type gzip compressed data, from Unix\012- data
Hash 98b8fa6edbd61557314e668198ae22ff
6000bd9d3f90b23840491335de1eeb7e78e9229d
80449e4691bc6d77e2aca8b56a7d12c9ab7c17d59e805d97b3a90494b8094fbf
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.4.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/sta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 13 Nov 2023 13:25:19 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-type: text/css
date: Fri, 01 Dec 2023 19:01:56 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
142.250.74.131 35 kB URL fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
IP 142.250.74.131:0
File type Web Open Font Format (Version 2), TrueType, length 35120, version 1.0\012- data
Hash dd986ff1050050613be051863773d677
51a12487fd51cc02ca54a984f82d63318807ca2e
d9784dbf11886ea032ffbd00f499d333519babe001eacc19df7ab89de17bec47
GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35120
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 28 Nov 2023 21:36:44 GMT
expires: Wed, 27 Nov 2024 21:36:44 GMT
cache-control: public, max-age=31536000
age: 249913
last-modified: Thu, 14 Sep 2023 01:03:47 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.vugla.com/wp-content/themes/vugla/images/search-arrow.png
192.185.106.252 3.1 kB URL www.vugla.com/wp-content/themes/vugla/images/search-arrow.png
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 75 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash 3f8933cdf4d27e317eb59959257f8c7a
b16e414fcb1561603cbf4ac404ec8b6fae1563ff
167925a8f225d7fc340317265409496b2d90e4313bd7d70bca4262bb1477eaf0
GET /wp-content/themes/vugla/images/search-arrow.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/css/style_main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:53:13 GMT
accept-ranges: bytes
content-length: 3075
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 19:01:57 GMT
referrer-policy:
pragma: public
content-type: image/png
date: Fri, 01 Dec 2023 19:01:57 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/themes/vugla/images/preloader.gif
192.185.106.252 1.7 kB URL www.vugla.com/wp-content/themes/vugla/images/preloader.gif
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type GIF image data, version 89a, 16 x 16\012- data
Hash dd6b7b0bf5c3af22499abc0a9ee1e1b2
e8c0018145d616fac4deb460d9c1d9c9dd4d3302
0eddaab3b8cb0b15d81d62e5ae5960329c3e576ea78dc321b20734ab20271847
GET /wp-content/themes/vugla/images/preloader.gif HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/css/style_main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:53:08 GMT
accept-ranges: bytes
content-length: 1737
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 19:01:57 GMT
referrer-policy:
pragma: public
content-type: image/gif
date: Fri, 01 Dec 2023 19:01:57 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/sta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html
192.185.106.252 0 B URL www.vugla.com/sta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /sta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/sta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-pingback: https://www.vugla.com/xmlrpc.php
link: <https://www.vugla.com/wp-json/>; rel="https://api.w.org/", <https://www.vugla.com/wp-json/wp/v2/posts/574575>; rel="alternate"; type="application/json", <https://www.vugla.com/?p=574575>; rel=shortlink
content-security-policy: upgrade-insecure-requests;
cache-control: max-age=10800
expires: Fri, 01 Dec 2023 22:01:57 GMT
vary: User-Agent
referrer-policy:
content-type: text/html; charset=UTF-8
date: Fri, 01 Dec 2023 19:01:57 GMT
server: Apache
X-Firefox-Spdy: h2
eehuzaih.com/400/5005565
139.45.197.237 34 kB IP 139.45.197.237:0
File type gzip compressed data, max speed, from Unix\012- data
Hash 8d083f4ba4fddb9a621b6be75c07019d
ac068c1e362a9972576590caa2b8ddbb8c0306bd
0b11c6b8d22ce141b7bfab930f3a79254ab865a8649009eba2ac21b4133b6239
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /400/5005565 HTTP/1.1
Host: eehuzaih.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 19:01:57 GMT
content-type: application/javascript
x-trace-id: 76bee4263856a46444811e19c6ffc11e
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
set-cookie: OAID=682140eb1ac6419184a9a0af5633ed48; expires=Sat, 30 Nov 2024 19:01:57 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
my.rtmark.net/gid.js
139.45.195.8 65 B IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 2bdaea7dd94ab3bba7f38a4d1a0e3581
d690cb05a81bd22001bce951d2bd75d93c346694
6fadc4ae7c190d0e7d7d1d9cb9fac467048fd63d11f5c95047e0c18d8b31ff22
GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 19:01:58 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://www.vugla.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=cb5b3d21396e4748a85129b6171c1f6e; expires=Sat, 30 Nov 2024 19:01:58 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
eehuzaih.com/500/5005565?excludes=&oaid=cb5b3d21396e4748a85129b6171c1f6e&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=3&pl=https%3A%2F%2Fwww.vugla.com%2Fsta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.312.0
139.45.197.237 0 B URL eehuzaih.com/500/5005565?excludes=&oaid=cb5b3d21396e4748a85129b6171c1f6e&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=3&pl=https%3A%2F%2Fwww.vugla.com%2Fsta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.312.0
IP 139.45.197.237:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
OPTIONS /500/5005565?excludes=&oaid=cb5b3d21396e4748a85129b6171c1f6e&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=3&pl=https%3A%2F%2Fwww.vugla.com%2Fsta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.312.0 HTTP/1.1
Host: eehuzaih.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://www.vugla.com/
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 19:01:58 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://www.vugla.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-credentials: true
access-control-max-age: 600
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-7NCJ73THPT>m=45je3bt0v879882835&_p=1701457322118&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=230982160.1701457323&ul=en-us&sr=1280x1024&_s=1&sid=1701457322&sct=1&seg=0&dl=https%3A%2F%2Fwww.vugla.com%2Fsta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html&dt=%C5%A0ta%20uradi%20%C5%BEena%20od%20mikija%20%C4%91uri%C4%8Di%C4%87a!%20Menja%20pelene%2C%20pravi%20mleko%20za%20sina%2C%20%C4%8Disti%20ku%C4%87u%E2%80%A6%20A%20evo%20kad%20ulazi%20u%20elitu%2C%20otkrio%20detalje!%20-%20Vugla&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3183
216.239.34.36 0 B URL region1.analytics.google.com/g/collect?v=2&tid=G-7NCJ73THPT>m=45je3bt0v879882835&_p=1701457322118&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=230982160.1701457323&ul=en-us&sr=1280x1024&_s=1&sid=1701457322&sct=1&seg=0&dl=https%3A%2F%2Fwww.vugla.com%2Fsta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html&dt=%C5%A0ta%20uradi%20%C5%BEena%20od%20mikija%20%C4%91uri%C4%8Di%C4%87a!%20Menja%20pelene%2C%20pravi%20mleko%20za%20sina%2C%20%C4%8Disti%20ku%C4%87u%E2%80%A6%20A%20evo%20kad%20ulazi%20u%20elitu%2C%20otkrio%20detalje!%20-%20Vugla&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3183
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-7NCJ73THPT&gtm=45je3bt0v879882835&_p=1701457322118&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=230982160.1701457323&ul=en-us&sr=1280x1024&_s=1&sid=1701457322&sct=1&seg=0&dl=https%3A%2F%2Fwww.vugla.com%2Fsta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html&dt=%C5%A0ta%20uradi%20%C5%BEena%20od%20mikija%20%C4%91uri%C4%8Di%C4%87a!%20Menja%20pelene%2C%20pravi%20mleko%20za%20sina%2C%20%C4%8Disti%20ku%C4%87u%E2%80%A6%20A%20evo%20kad%20ulazi%20u%20elitu%2C%20otkrio%20detalje!%20-%20Vugla&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3183 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.vugla.com
date: Fri, 01 Dec 2023 19:01:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
offerimage.com/www/images/71581bf2ce9a00138faf7dd80fe3e12e.jpg
104.22.33.172 19 kB URL offerimage.com/www/images/71581bf2ce9a00138faf7dd80fe3e12e.jpg
IP 104.22.33.172:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash 71581bf2ce9a00138faf7dd80fe3e12e
56479135ed64bf23e1037067c0c87047eb8a414c
5d9f95c8c06343cc189b38268296615ed8816d8154b4b782ad0d62bedd23525e
GET /www/images/71581bf2ce9a00138faf7dd80fe3e12e.jpg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 01 Dec 2023 19:01:58 GMT
content-type: image/jpeg
content-length: 19381
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
cache-control: max-age=86400
cf-bgj: h2pri
etag: "65674405-4bb5"
expires: Sat, 02 Dec 2023 14:07:42 GMT
last-modified: Wed, 29 Nov 2023 14:00:37 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 17656
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ed94efd9312e10-ARN
X-Firefox-Spdy: h2
www.variouscreativeformats.com/c3b6bab9a3e6c622d733121998e0014d/invoke.js
173.233.137.60 11 kB URL www.variouscreativeformats.com/c3b6bab9a3e6c622d733121998e0014d/invoke.js
IP 173.233.137.60:0
File type exported SGML document, ASCII text, with very long lines (29643), with no line terminators
Hash 223406d9dbf6d31ee7d9236d1c95ea29
8a45024df7b5013212b1fd369c5670655bd55b66
8eb1cd23b38e67fb1ec812debb06ff9f68891aeecaf2edeba8c0a73081c27ed0
GET /c3b6bab9a3e6c622d733121998e0014d/invoke.js HTTP/1.1
Host: www.variouscreativeformats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 01 Dec 2023 19:01:58 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4f03557d4dda7506dedce0168947cf3e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
142.250.74.131 35 kB URL fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
IP 142.250.74.131:0
File type Web Open Font Format (Version 2), TrueType, length 35120, version 1.0\012- data
Hash dd986ff1050050613be051863773d677
51a12487fd51cc02ca54a984f82d63318807ca2e
d9784dbf11886ea032ffbd00f499d333519babe001eacc19df7ab89de17bec47
GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35120
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 28 Nov 2023 21:36:44 GMT
expires: Wed, 27 Nov 2024 21:36:44 GMT
cache-control: public, max-age=31536000
age: 249914
last-modified: Thu, 14 Sep 2023 01:03:47 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
proftrafficcounter.com/stats
18.184.210.76 40 B URL proftrafficcounter.com/stats
IP 18.184.210.76:0
File type ASCII text, with no line terminators
Hash 00ef323d41f94a3aace3460378178bc7
a87589d68e33b88642b9b3a6600032f9d2f13931
044fba3c1b4567a3b601500e4412d5e86922738cb1989cc71dc70e9cac124a21
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 01 Dec 2023 19:01:58 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.vugla.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=c16c1f96-a3ba-4922-be3e-6f94e69b1be9:1:1; expires=Mon, 28 Nov 2033 19:01:58 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v36/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
142.250.74.131 50 kB URL fonts.gstatic.com/s/opensans/v36/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
IP 142.250.74.131:0
File type Web Open Font Format (Version 2), TrueType, length 50368, version 1.0\012- data
Hash 4facfd6ff39e147b7e39c4b1abe4117d
0f7c0d978c209d21eb3f55950fc43e77c196ec3b
a246c4de8a0f1f1fdb6ee52565018dc341063aa9efe8481034bc3ef7d697e334
GET /s/opensans/v36/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 50368
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 04:57:08 GMT
expires: Fri, 29 Nov 2024 04:57:08 GMT
cache-control: public, max-age=31536000
age: 137090
last-modified: Thu, 14 Sep 2023 01:04:20 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2
142.250.74.131 16 kB URL fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2
IP 142.250.74.131:0
File type Web Open Font Format (Version 2), TrueType, length 16424, version 1.0\012- data
Hash aa485a5ac8e86032c387497a6e8e139a
c29462206cfb74110ce0e59a2fb5e8cbedbf9c96
db5d7bb36691306bda51b903c84fbdef4206d3c166b8080100915d16a617f5ea
GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16424
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:48:47 GMT
expires: Thu, 28 Nov 2024 21:48:47 GMT
cache-control: public, max-age=31536000
age: 162791
last-modified: Thu, 14 Sep 2023 00:41:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
proftrafficcounter.com/stats
18.184.210.76 40 B URL proftrafficcounter.com/stats
IP 18.184.210.76:0
File type ASCII text, with no line terminators
Hash 00ef323d41f94a3aace3460378178bc7
a87589d68e33b88642b9b3a6600032f9d2f13931
044fba3c1b4567a3b601500e4412d5e86922738cb1989cc71dc70e9cac124a21
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Cookie: uid_id2=c16c1f96-a3ba-4922-be3e-6f94e69b1be9:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 01 Dec 2023 19:01:58 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.vugla.com
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2
www.vugla.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.3
192.185.106.252 83 B URL www.vugla.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.3
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.3 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/sta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html
Cookie: _ga_7NCJ73THPT=GS1.1.1701457322.1.0.1701457322.60.0.0; _ga=GA1.1.230982160.1701457323
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 409 Conflict
date: Fri, 01 Dec 2023 19:01:58 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
www.vugla.com/wp-content/themes/vugla/images/top-arrow.png
192.185.106.252 305 B URL www.vugla.com/wp-content/themes/vugla/images/top-arrow.png
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 50 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 1fe20be2c98304e84623d10905435835
7ba0264f96984d92cfe0750c802f9af1ee7cb88b
1c3cbd61a972428028066c1e9abcfa7c0ef37d3b1de39d7b09455177a94eec52
GET /wp-content/themes/vugla/images/top-arrow.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/css/style_main.css
Cookie: _ga_7NCJ73THPT=GS1.1.1701457322.1.0.1701457322.60.0.0; _ga=GA1.1.230982160.1701457323
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:53:25 GMT
accept-ranges: bytes
content-length: 305
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 19:01:58 GMT
referrer-policy:
pragma: public
content-type: image/png
date: Fri, 01 Dec 2023 19:01:58 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/themes/vugla/images/small-social-sprite.png
192.185.106.252 3.8 kB URL www.vugla.com/wp-content/themes/vugla/images/small-social-sprite.png
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 272 x 95, 8-bit/color RGBA, non-interlaced\012- data
Hash 1aabf6dabc51ca6168aa98fbecbf79e2
0e4cb499aff16fedb2097658da7d2baa1bdafaa8
09ac67d0b81afe77f52b59ee9abc68ba2dd7cf0ebbc85703c75a76c2586e93aa
GET /wp-content/themes/vugla/images/small-social-sprite.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/css/style_main.css
Cookie: _ga_7NCJ73THPT=GS1.1.1701457322.1.0.1701457322.60.0.0; _ga=GA1.1.230982160.1701457323
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:53:16 GMT
accept-ranges: bytes
content-length: 3812
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 19:01:58 GMT
referrer-policy:
pragma: public
content-type: image/png
date: Fri, 01 Dec 2023 19:01:58 GMT
server: Apache
X-Firefox-Spdy: h2
upkoffingr.com/zone?pub=0&zone_id=1548391&is_mobile=false&domain=www.vugla.com&var=&ymid=&var_3=&tg=0&sw=3.1.471
139.45.197.251 972 B URL upkoffingr.com/zone?pub=0&zone_id=1548391&is_mobile=false&domain=www.vugla.com&var=&ymid=&var_3=&tg=0&sw=3.1.471
IP 139.45.197.251:0
File type JSON data\012- , ASCII text, with very long lines (971)
Hash 64f047fe127c40083700b04d3811ca27
8f6e71715f3ae8766c33ae08d590fdc202bd865d
0dd4bfd4e574ecf2df30bcd49a6afbc84ffe9a14227f17502561dfca63a51ac7
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /zone?pub=0&zone_id=1548391&is_mobile=false&domain=www.vugla.com&var=&ymid=&var_3=&tg=0&sw=3.1.471 HTTP/1.1
Host: upkoffingr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.vugla.com/
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 19:01:58 GMT
content-type: application/json; charset=utf-8
content-length: 972
x-trace-id: 4315b157f56d0080d812ed658a8a95d5
access-control-allow-origin: https://www.vugla.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.vugla.com/wp-content/uploads/2023/11/34-osetila-sam-strast-34-anita-ispricala-pravu-istinu-o-odnosu-sa-svalerkom-mateom-car-slomila-matoru-na-paramparcad-290x166.jpg
192.185.106.252 9.8 kB URL www.vugla.com/wp-content/uploads/2023/11/34-osetila-sam-strast-34-anita-ispricala-pravu-istinu-o-odnosu-sa-svalerkom-mateom-car-slomila-matoru-na-paramparcad-290x166.jpg
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 290x166, components 3\012- data
Hash 22437b9e020bf3762095660f69eec68e
480ab04b19fa592d30a15811af996bfce0edc9bc
cbbb34820e55f309c5e3125e7f33d46533121b95a2ba45ce3a541b69b2120de3
GET /wp-content/uploads/2023/11/34-osetila-sam-strast-34-anita-ispricala-pravu-istinu-o-odnosu-sa-svalerkom-mateom-car-slomila-matoru-na-paramparcad-290x166.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/sta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html
Cookie: _ga_7NCJ73THPT=GS1.1.1701457322.1.0.1701457322.60.0.0; _ga=GA1.1.230982160.1701457323
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 28 Nov 2023 11:54:58 GMT
accept-ranges: bytes
content-length: 9839
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 19:01:58 GMT
referrer-policy:
pragma: public
content-type: image/jpeg
date: Fri, 01 Dec 2023 19:01:58 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/uploads/2023/11/34-nema-tu-nista-od-razvoda-34-diskralifikovani-pozgaj-progovorio-o-matoroj-i-aniti-otkrio-sta-se-stvarno-desava-u-beloj-kuci-290x166.jpg
192.185.106.252 8.1 kB URL www.vugla.com/wp-content/uploads/2023/11/34-nema-tu-nista-od-razvoda-34-diskralifikovani-pozgaj-progovorio-o-matoroj-i-aniti-otkrio-sta-se-stvarno-desava-u-beloj-kuci-290x166.jpg
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 290x166, components 3\012- data
Hash a20355135821b5d03cf15af3d9834724
16990093050e00395f2e46e5caee3a440277def6
05a3ee10b7763dec57768fa13759386785a635beda2a253a9018561b93a92c93
GET /wp-content/uploads/2023/11/34-nema-tu-nista-od-razvoda-34-diskralifikovani-pozgaj-progovorio-o-matoroj-i-aniti-otkrio-sta-se-stvarno-desava-u-beloj-kuci-290x166.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/sta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html
Cookie: _ga_7NCJ73THPT=GS1.1.1701457322.1.0.1701457322.60.0.0; _ga=GA1.1.230982160.1701457323
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 30 Nov 2023 08:18:57 GMT
accept-ranges: bytes
content-length: 8093
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 19:01:58 GMT
referrer-policy:
pragma: public
content-type: image/jpeg
date: Fri, 01 Dec 2023 19:01:58 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/uploads/2023/11/34-bolece-te-kao-mene-to-ti-potpisujem-34-sa-se-jos-nije-razveo-a-bacio-pipke-na-mionu-zakonita-zena-vanja-mu-uputila-brutalne-reci-290x166.jpg
192.185.106.252 9.5 kB URL www.vugla.com/wp-content/uploads/2023/11/34-bolece-te-kao-mene-to-ti-potpisujem-34-sa-se-jos-nije-razveo-a-bacio-pipke-na-mionu-zakonita-zena-vanja-mu-uputila-brutalne-reci-290x166.jpg
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 290x166, components 3\012- data
Hash 01953576710bd32a1548161ef1b3365f
b43a6b603b8d2223034566aba914459990b21bbb
849376a14cdbc2ae42680ac16aad4b1524ff7325ae2d0cb6abfb86b1b824c291
GET /wp-content/uploads/2023/11/34-bolece-te-kao-mene-to-ti-potpisujem-34-sa-se-jos-nije-razveo-a-bacio-pipke-na-mionu-zakonita-zena-vanja-mu-uputila-brutalne-reci-290x166.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/sta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html
Cookie: _ga_7NCJ73THPT=GS1.1.1701457322.1.0.1701457322.60.0.0; _ga=GA1.1.230982160.1701457323
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 27 Nov 2023 11:54:17 GMT
accept-ranges: bytes
content-length: 9518
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 19:01:58 GMT
referrer-policy:
pragma: public
content-type: image/jpeg
date: Fri, 01 Dec 2023 19:01:58 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/themes/vugla/css/style_main.css
192.185.106.252 32 kB URL www.vugla.com/wp-content/themes/vugla/css/style_main.css
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type gzip compressed data, from Unix\012- data
Hash 1986c80cdd705e59a1a11be9a3780605
22f88e7c748d4fb7d6acd16edbb6656e4908e3b2
f31302f68174e301529896c89011d473199272ba9d662f59eb264a9206cae57b
GET /wp-content/themes/vugla/css/style_main.css HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/style.css?ver=6.4.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 23 May 2014 15:19:09 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-type: text/css
date: Fri, 01 Dec 2023 19:01:56 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.3
192.185.106.252 83 B URL www.vugla.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.3
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.3 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/sta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html
Cookie: _ga_7NCJ73THPT=GS1.1.1701457322.1.0.1701457322.60.0.0; _ga=GA1.1.230982160.1701457323
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 409 Conflict
date: Fri, 01 Dec 2023 19:01:58 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
www.kursnalista.co/banners/uporedni_kurs_300x600.jpg
192.185.106.47 54 kB URL www.kursnalista.co/banners/uporedni_kurs_300x600.jpg
IP 192.185.106.47:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 300x600, components 3\012- data
Hash 4131ffe615910bf891cf42b303439f53
7886d66ba41838b4b48c400327009fb96d50340a
ccb4605a5b626a5106e29669eb66d7714959aea56d913f21afad152c5bb0b56f
GET /banners/uporedni_kurs_300x600.jpg HTTP/1.1
Host: www.kursnalista.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 10 Jun 2015 16:19:02 GMT
accept-ranges: bytes
content-length: 53464
content-type: image/jpeg
date: Fri, 01 Dec 2023 19:01:58 GMT
server: Apache
X-Firefox-Spdy: h2
tharbadir.com/9?z=2892323&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.vugla.com%2Fsta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=4&sah=1024&drf=&hil=1&ist=0&oaid=cb5b3d21396e4748a85129b6171c1f6e
139.45.197.238 0 B URL tharbadir.com/9?z=2892323&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.vugla.com%2Fsta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=4&sah=1024&drf=&hil=1&ist=0&oaid=cb5b3d21396e4748a85129b6171c1f6e
IP 139.45.197.238:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /9?z=2892323&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.vugla.com%2Fsta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=4&sah=1024&drf=&hil=1&ist=0&oaid=cb5b3d21396e4748a85129b6171c1f6e HTTP/1.1
Host: tharbadir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.vugla.com/
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Fri, 01 Dec 2023 19:01:59 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.vugla.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&data-size=standard&origin=https%3A%2F%2Fwww.vugla.com&url=https%3A%2F%2Fwww.vugla.com%2Fsta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.coKrc9A11Ng.O%2Fd%3D1%2Frs%3DAHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw%2Fm%3D__features__
142.250.74.78 226 B URL apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&data-size=standard&origin=https%3A%2F%2Fwww.vugla.com&url=https%3A%2F%2Fwww.vugla.com%2Fsta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.coKrc9A11Ng.O%2Fd%3D1%2Frs%3DAHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw%2Fm%3D__features__
IP 142.250.74.78:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 4df07581948280a6e769a24c5d99d775
843a2c95362347eb8894a6acb607f139be65ded4
3561b93a48d81fac116ccd6e60163bd382abb1d594c81240f5718feb1f197f73
GET /u/0/se/0/_/+1/fastbutton?usegapi=1&data-size=standard&origin=https%3A%2F%2Fwww.vugla.com&url=https%3A%2F%2Fwww.vugla.com%2Fsta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.coKrc9A11Ng.O%2Fd%3D1%2Frs%3DAHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw%2Fm%3D__features__ HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 301 Moved Permanently
location: http://developers.google.com/
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 01 Dec 2023 19:01:59 GMT
expires: Fri, 01 Dec 2023 19:31:59 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 226
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
tharbadir.com/27/b7af9eee900df9a8aa2af9ad8ee46174
139.45.197.238 162 kB URL tharbadir.com/27/b7af9eee900df9a8aa2af9ad8ee46174
IP 139.45.197.238:0
File type gzip compressed data, max speed, from Unix\012- data
Size 162 kB (162208 bytes)
Hash 2f504d3e7ab6a807a23cfcc7f41ec1fa
62ac332e92d3ccd4d42dffb1f34867f60caabf60
2a4efa327b10fd2aa6a6e636b1a5ce60422846f3adee242ad6065675a6804800
GET /27/b7af9eee900df9a8aa2af9ad8ee46174 HTTP/1.1
Host: tharbadir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Cookie: scm=1; OAID=01e4e2e3b4cd4d95aae6f26f2d78669b; oaidts=1701457316
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 19:01:58 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: e618604a3ae17487b69cc610e251409c
cache-control: max-age:290304000, public
last-modified: Fri, 24 Nov 2023 06:46:08 GMT
expires: Fri, 24 Dec 2083 06:46:08 GMT
access-control-expose-headers: X-Sc
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
www.vugla.com/wp-content/uploads/2013/11/bckg-vugla-dark.jpg
192.185.106.252 267 kB URL www.vugla.com/wp-content/uploads/2013/11/bckg-vugla-dark.jpg
IP 192.185.106.252:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 2000x1200, components 3\012- data
Size 267 kB (267247 bytes)
Hash 11e97d76a4b329319978b9da6f46b5b0
ae03d14a5b568ed59c1772ee2065e160e93428ae
9fbe33f0e52a532495bb5d56584e250e0d3cf1acc5a04acb7cbb2e39bb6c6a42
GET /wp-content/uploads/2013/11/bckg-vugla-dark.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/sta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html
Cookie: _ga_7NCJ73THPT=GS1.1.1701457322.1.0.1701457322.60.0.0; _ga=GA1.1.230982160.1701457323; prefetchAd_1316441=true; dom3ic8zudi28v8lr6fgphwffqoz0j6c=c16c1f96-a3ba-4922-be3e-6f94e69b1be9%3A1%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 20 Nov 2013 16:40:33 GMT
accept-ranges: bytes
content-length: 267247
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 19:01:59 GMT
referrer-policy:
pragma: public
content-type: image/jpeg
date: Fri, 01 Dec 2023 19:01:59 GMT
server: Apache
X-Firefox-Spdy: h2
www.profitabledisplaycontent.com/watch.187893804588.js?key=c3b6bab9a3e6c622d733121998e0014d&kw=%5B%22%C5%A1ta%22%2C%22uradi%22%2C%22%C5%BEena%22%2C%22od%22%2C%22mikija%22%2C%22%C4%91uri%C4%8Di%C4%87a%22%2C%22menja%22%2C%22pelene%22%2C%22pravi%22%2C%22mleko%22%2C%22za%22%2C%22sina%22%2C%22%C4%8Disti%22%2C%22ku%C4%87u%E2%80%A6%22%2C%22a%22%2C%22evo%22%2C%22kad%22%2C%22ulazi%22%2C%22u%22%2C%22elitu%22%2C%22otkrio%22%2C%22detalje%22%2C%22-%22%2C%22vugla%22%5D&refer=https%3A%2F%2Fwww.vugla.com%2Fsta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html&tz=0&dev=e&res=14.3095&uuid=c16c1f96-a3ba-4922-be3e-6f94e69b1be9%3A1%3A1
173.233.137.60 0 B URL www.profitabledisplaycontent.com/watch.187893804588.js?key=c3b6bab9a3e6c622d733121998e0014d&kw=%5B%22%C5%A1ta%22%2C%22uradi%22%2C%22%C5%BEena%22%2C%22od%22%2C%22mikija%22%2C%22%C4%91uri%C4%8Di%C4%87a%22%2C%22menja%22%2C%22pelene%22%2C%22pravi%22%2C%22mleko%22%2C%22za%22%2C%22sina%22%2C%22%C4%8Disti%22%2C%22ku%C4%87u%E2%80%A6%22%2C%22a%22%2C%22evo%22%2C%22kad%22%2C%22ulazi%22%2C%22u%22%2C%22elitu%22%2C%22otkrio%22%2C%22detalje%22%2C%22-%22%2C%22vugla%22%5D&refer=https%3A%2F%2Fwww.vugla.com%2Fsta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html&tz=0&dev=e&res=14.3095&uuid=c16c1f96-a3ba-4922-be3e-6f94e69b1be9%3A1%3A1
IP 173.233.137.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch.187893804588.js?key=c3b6bab9a3e6c622d733121998e0014d&kw=%5B%22%C5%A1ta%22%2C%22uradi%22%2C%22%C5%BEena%22%2C%22od%22%2C%22mikija%22%2C%22%C4%91uri%C4%8Di%C4%87a%22%2C%22menja%22%2C%22pelene%22%2C%22pravi%22%2C%22mleko%22%2C%22za%22%2C%22sina%22%2C%22%C4%8Disti%22%2C%22ku%C4%87u%E2%80%A6%22%2C%22a%22%2C%22evo%22%2C%22kad%22%2C%22ulazi%22%2C%22u%22%2C%22elitu%22%2C%22otkrio%22%2C%22detalje%22%2C%22-%22%2C%22vugla%22%5D&refer=https%3A%2F%2Fwww.vugla.com%2Fsta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html&tz=0&dev=e&res=14.3095&uuid=c16c1f96-a3ba-4922-be3e-6f94e69b1be9%3A1%3A1 HTTP/1.1
Host: www.profitabledisplaycontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Fri, 01 Dec 2023 19:01:59 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.vugla.com
Access-Control-Allow-Origin: https://www.vugla.com
Access-Control-Allow-Credentials: true
Location: https://www.profitabledisplaycontent.com/watch.187893804588.js?key=c3b6bab9a3e6c622d733121998e0014d&kw=%5B%22%C5%A1ta%22%2C%22uradi%22%2C%22%C5%BEena%22%2C%22od%22%2C%22mikija%22%2C%22%C4%91uri%C4%8Di%C4%87a%22%2C%22menja%22%2C%22pelene%22%2C%22pravi%22%2C%22mleko%22%2C%22za%22%2C%22sina%22%2C%22%C4%8Disti%22%2C%22ku%C4%87u%E2%80%A6%22%2C%22a%22%2C%22evo%22%2C%22kad%22%2C%22ulazi%22%2C%22u%22%2C%22elitu%22%2C%22otkrio%22%2C%22detalje%22%2C%22-%22%2C%22vugla%22%5D&refer=https%3A%2F%2Fwww.vugla.com%2Fsta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html&tz=0&dev=e&res=14.3095&uuid=c16c1f96-a3ba-4922-be3e-6f94e69b1be9%3A1%3A1&shu=1ddcd17ec11f81df90b234f299d2e55062c957d36b5943f8ddee8cf2bf8490fd97ac2916cbd4bab36485e6de0de9553525990d7eed108a09f58d93174967625af9426390313ab31498a0eb9dd7c71d62c27dab821804349c86ac31e9549f08c4&pst=1701457379&rmtc=t
Set-Cookie: u_pl=14611544; expires=Sat, 02 Dec 2023 19:01:59 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNDYxMTU0NCwiayI6ImMzYjZiYWI5YTNlNmM2MjJkNzMzMTIxOTk4ZTAwMTRkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMDcwMTYsInBpZCI6ODU0ODQsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MjEsImFpZCI6MjcsInB0Ijo0LCJwayI6ImUydHg4d3EydHciLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cudnVnbGEuY29tL3N0YS11cmFkaS16ZW5hLW9kLW1pa2lqYS1kdXJpY2ljYS1tZW5qYS1wZWxlbmUtcHJhdmktbWxla28temEtc2luYS1jaXN0aS1rdWN1LWEtZXZvLWthZC11bGF6aS11LWVsaXR1LW90a3Jpby1kZXRhbGplLmh0bWwiLCJhciI6W119fQ.KM_t8NrxPOjA2H1fNnAiUiCFOsmeN1nrelg4CdDmqlg; expires=Fri, 01 Dec 2023 19:02:59 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c913acc692fdf068bb3af32e4e921788
Strict-Transport-Security: max-age=0; includeSubdomains
upkoffingr.com/custom
139.45.197.251 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
OPTIONS /custom HTTP/1.1
Host: upkoffingr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.vugla.com/
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 19:01:59 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://www.vugla.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=f256e9d628484d939b0a8c440f2b87cd&zoneId=1548391&checkDuplicate=true&ymid=&var=
139.45.195.8 65 B URL my.rtmark.net/gid.js?pub=0&userId=f256e9d628484d939b0a8c440f2b87cd&zoneId=1548391&checkDuplicate=true&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 2bdaea7dd94ab3bba7f38a4d1a0e3581
d690cb05a81bd22001bce951d2bd75d93c346694
6fadc4ae7c190d0e7d7d1d9cb9fac467048fd63d11f5c95047e0c18d8b31ff22
GET /gid.js?pub=0&userId=f256e9d628484d939b0a8c440f2b87cd&zoneId=1548391&checkDuplicate=true&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.vugla.com/
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Cookie: ID=cb5b3d21396e4748a85129b6171c1f6e
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 19:01:59 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://www.vugla.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=cb5b3d21396e4748a85129b6171c1f6e; expires=Sat, 30 Nov 2024 19:01:59 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
pinefluencydiffuse.com/ntv.json?key=c9123167a2366d360cd4d80dad2ac358&vstc=3
173.233.137.52 13 kB URL pinefluencydiffuse.com/ntv.json?key=c9123167a2366d360cd4d80dad2ac358&vstc=3
IP 173.233.137.52:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (12660), with no line terminators
Hash 4f9d16f188fc805f39a4a5b6139a56dc
189c35c5a08193eb57c2d957e041f183483ab67f
ba79d0bb64e86210c345497556e73baaab400ce04de80772514b7ae014543bef
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /ntv.json?key=c9123167a2366d360cd4d80dad2ac358&vstc=3 HTTP/1.1
Host: pinefluencydiffuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 01 Dec 2023 19:01:59 GMT
Content-Type: application/json
Content-Length: 12661
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.vugla.com
Access-Control-Allow-Origin: https://www.vugla.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16310791; expires=Sat, 02 Dec 2023 19:01:59 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 02 Dec 2023 19:01:59 GMT; secure; SameSite=None
uncs=1; expires=Sat, 02 Dec 2023 19:01:59 GMT; secure; SameSite=None
pdhtkv49=true; expires=Sat, 02 Dec 2023 19:01:59 GMT; secure; SameSite=None
uncs49=1; expires=Sat, 02 Dec 2023 19:01:59 GMT; secure; SameSite=None
nlecc9123167a2366d360cd4d80dad2ac358=[2229213,3637745,2229215]; expires=Fri, 01 Dec 2023 19:02:04 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 299a98006e8c4b62f5932b3832a0fd14
Strict-Transport-Security: max-age=0; includeSubdomains
upkoffingr.com/custom
139.45.197.251 39 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
POST /custom HTTP/1.1
Host: upkoffingr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.vugla.com/
Content-Type: application/json
Content-Length: 480
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 19:01:59 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 3b7e8de9907d042092b86de26d7be0b5
access-control-allow-origin: https://www.vugla.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
tharbadir.com/11?rnd=1006516458&z=2892323&b=15540606&var=&varid=0&rqtdbc=1&rcvdbc=1&btp=7&rb=Y-a5-RHUAGDRpI2uV0fQvcIYvUNYtW17lhHE61TMK36mg8KkEKVBWLB3fKp2bbD7ydIgv2a1r5jRzOJsO6y9kI6h_Ji_JbTYeTk90W3LZqYrS1XR6MmZ5u10AYO3sdIy6JGhPggJrTTVivMYrEjTM6NyUu2e7-VNdhmDOag6jNSADse4t6RBM_GvSiMqhfuphaaikvpVxGfbZCJf43i3XsHruc67GcKgWOjaW54x461b2b2yex9c7ZCjgHgK0AumHjKeXz38YoeeH-Z2tnABBpompXst_HoxENpdGUq3-D9XufeUBfj6VlzZQxlBRwwkapZOqgiKgbe7Mjo32PYPZX0smecb-V5PIdVfdKkyw2c3KkV7m93gb5m03WPcg4LsGdZJB7vSmws-IuWfT4IrB37IhCVdKcnUcuVpsAWsmUY203EMwos80e-IKY9AMftJSJpViqhLvMcRqiLGtRH0rQ1c6sLPf-ILXiw5HS9dh-oTqrZk_idyeE5O4vXC_5E8uTyD4lfWdZjdrTsXrCFchDUImbCz1BYsdIkiFTy6lRRcHeWzLsYP8XFgiNApLVUVbjTriY0-y7e97Uw3zJex245j3DHISBQmE-8UjWQf8zf0rt0C2DayMqCy6d__42W8Bm_L-wBzmkCFUZJIPyOWaOirW22FirnPNhUqAGxoiMY1rG8x-p3M-DD9KESFRssmNP6aKTahi9yMgUN7KndBcs1bQWHGP1AzyOj1kch0tW87nzC034beB49iQ_fiFFbEWE2CfvhcuRzq3rQT0Yc9cKqU2xQOXfQF&ruid=353225bb-2d58-43fe-b779-836540872e88&subid=754529289929494528&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.vugla.com%2Fsta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=4&sah=1024&drf=&hil=1&ist=0&ot=603
139.45.197.238 0 B URL tharbadir.com/11?rnd=1006516458&z=2892323&b=15540606&var=&varid=0&rqtdbc=1&rcvdbc=1&btp=7&rb=Y-a5-RHUAGDRpI2uV0fQvcIYvUNYtW17lhHE61TMK36mg8KkEKVBWLB3fKp2bbD7ydIgv2a1r5jRzOJsO6y9kI6h_Ji_JbTYeTk90W3LZqYrS1XR6MmZ5u10AYO3sdIy6JGhPggJrTTVivMYrEjTM6NyUu2e7-VNdhmDOag6jNSADse4t6RBM_GvSiMqhfuphaaikvpVxGfbZCJf43i3XsHruc67GcKgWOjaW54x461b2b2yex9c7ZCjgHgK0AumHjKeXz38YoeeH-Z2tnABBpompXst_HoxENpdGUq3-D9XufeUBfj6VlzZQxlBRwwkapZOqgiKgbe7Mjo32PYPZX0smecb-V5PIdVfdKkyw2c3KkV7m93gb5m03WPcg4LsGdZJB7vSmws-IuWfT4IrB37IhCVdKcnUcuVpsAWsmUY203EMwos80e-IKY9AMftJSJpViqhLvMcRqiLGtRH0rQ1c6sLPf-ILXiw5HS9dh-oTqrZk_idyeE5O4vXC_5E8uTyD4lfWdZjdrTsXrCFchDUImbCz1BYsdIkiFTy6lRRcHeWzLsYP8XFgiNApLVUVbjTriY0-y7e97Uw3zJex245j3DHISBQmE-8UjWQf8zf0rt0C2DayMqCy6d__42W8Bm_L-wBzmkCFUZJIPyOWaOirW22FirnPNhUqAGxoiMY1rG8x-p3M-DD9KESFRssmNP6aKTahi9yMgUN7KndBcs1bQWHGP1AzyOj1kch0tW87nzC034beB49iQ_fiFFbEWE2CfvhcuRzq3rQT0Yc9cKqU2xQOXfQF&ruid=353225bb-2d58-43fe-b779-836540872e88&subid=754529289929494528&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.vugla.com%2Fsta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=4&sah=1024&drf=&hil=1&ist=0&ot=603
IP 139.45.197.238:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /11?rnd=1006516458&z=2892323&b=15540606&var=&varid=0&rqtdbc=1&rcvdbc=1&btp=7&rb=Y-a5-RHUAGDRpI2uV0fQvcIYvUNYtW17lhHE61TMK36mg8KkEKVBWLB3fKp2bbD7ydIgv2a1r5jRzOJsO6y9kI6h_Ji_JbTYeTk90W3LZqYrS1XR6MmZ5u10AYO3sdIy6JGhPggJrTTVivMYrEjTM6NyUu2e7-VNdhmDOag6jNSADse4t6RBM_GvSiMqhfuphaaikvpVxGfbZCJf43i3XsHruc67GcKgWOjaW54x461b2b2yex9c7ZCjgHgK0AumHjKeXz38YoeeH-Z2tnABBpompXst_HoxENpdGUq3-D9XufeUBfj6VlzZQxlBRwwkapZOqgiKgbe7Mjo32PYPZX0smecb-V5PIdVfdKkyw2c3KkV7m93gb5m03WPcg4LsGdZJB7vSmws-IuWfT4IrB37IhCVdKcnUcuVpsAWsmUY203EMwos80e-IKY9AMftJSJpViqhLvMcRqiLGtRH0rQ1c6sLPf-ILXiw5HS9dh-oTqrZk_idyeE5O4vXC_5E8uTyD4lfWdZjdrTsXrCFchDUImbCz1BYsdIkiFTy6lRRcHeWzLsYP8XFgiNApLVUVbjTriY0-y7e97Uw3zJex245j3DHISBQmE-8UjWQf8zf0rt0C2DayMqCy6d__42W8Bm_L-wBzmkCFUZJIPyOWaOirW22FirnPNhUqAGxoiMY1rG8x-p3M-DD9KESFRssmNP6aKTahi9yMgUN7KndBcs1bQWHGP1AzyOj1kch0tW87nzC034beB49iQ_fiFFbEWE2CfvhcuRzq3rQT0Yc9cKqU2xQOXfQF&ruid=353225bb-2d58-43fe-b779-836540872e88&subid=754529289929494528&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.vugla.com%2Fsta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=4&sah=1024&drf=&hil=1&ist=0&ot=603 HTTP/1.1
Host: tharbadir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Cookie: scm=1; OAID=cb5b3d21396e4748a85129b6171c1f6e; oaidts=1701457316
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 19:01:59 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://www.vugla.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: 62cad4ac0c0e09b04374ed4790332d71
access-control-expose-headers: X-Sc
set-cookie: OAID=cb5b3d21396e4748a85129b6171c1f6e; expires=Sat, 30 Nov 2024 19:01:59 GMT; secure; SameSite=None
oaidts=1701457316; expires=Sat, 30 Nov 2024 19:01:59 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
www.profitabledisplaycontent.com/watch.187893804588.js?key=c3b6bab9a3e6c622d733121998e0014d&kw=%5B%22%C5%A1ta%22%2C%22uradi%22%2C%22%C5%BEena%22%2C%22od%22%2C%22mikija%22%2C%22%C4%91uri%C4%8Di%C4%87a%22%2C%22menja%22%2C%22pelene%22%2C%22pravi%22%2C%22mleko%22%2C%22za%22%2C%22sina%22%2C%22%C4%8Disti%22%2C%22ku%C4%87u%E2%80%A6%22%2C%22a%22%2C%22evo%22%2C%22kad%22%2C%22ulazi%22%2C%22u%22%2C%22elitu%22%2C%22otkrio%22%2C%22detalje%22%2C%22-%22%2C%22vugla%22%5D&refer=https%3A%2F%2Fwww.vugla.com%2Fsta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html&tz=0&dev=e&res=14.3095&uuid=c16c1f96-a3ba-4922-be3e-6f94e69b1be9%3A1%3A1&shu=1ddcd17ec11f81df90b234f299d2e55062c957d36b5943f8ddee8cf2bf8490fd97ac2916cbd4bab36485e6de0de9553525990d7eed108a09f58d93174967625af9426390313ab31498a0eb9dd7c71d62c27dab821804349c86ac31e9549f08c4&pst=1701457379&rmtc=t
173.233.137.60 643 B URL www.profitabledisplaycontent.com/watch.187893804588.js?key=c3b6bab9a3e6c622d733121998e0014d&kw=%5B%22%C5%A1ta%22%2C%22uradi%22%2C%22%C5%BEena%22%2C%22od%22%2C%22mikija%22%2C%22%C4%91uri%C4%8Di%C4%87a%22%2C%22menja%22%2C%22pelene%22%2C%22pravi%22%2C%22mleko%22%2C%22za%22%2C%22sina%22%2C%22%C4%8Disti%22%2C%22ku%C4%87u%E2%80%A6%22%2C%22a%22%2C%22evo%22%2C%22kad%22%2C%22ulazi%22%2C%22u%22%2C%22elitu%22%2C%22otkrio%22%2C%22detalje%22%2C%22-%22%2C%22vugla%22%5D&refer=https%3A%2F%2Fwww.vugla.com%2Fsta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html&tz=0&dev=e&res=14.3095&uuid=c16c1f96-a3ba-4922-be3e-6f94e69b1be9%3A1%3A1&shu=1ddcd17ec11f81df90b234f299d2e55062c957d36b5943f8ddee8cf2bf8490fd97ac2916cbd4bab36485e6de0de9553525990d7eed108a09f58d93174967625af9426390313ab31498a0eb9dd7c71d62c27dab821804349c86ac31e9549f08c4&pst=1701457379&rmtc=t
IP 173.233.137.60:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (603)
Hash a7ddc4cb3d474a20fffa1e71e840e429
252169dc2a35eec55e0ee93d6f8425cc5b6cd125
ed18950b293e0f3579e708fe3247e179511b21645e524ede5b9e762caa84c40b
GET /watch.187893804588.js?key=c3b6bab9a3e6c622d733121998e0014d&kw=%5B%22%C5%A1ta%22%2C%22uradi%22%2C%22%C5%BEena%22%2C%22od%22%2C%22mikija%22%2C%22%C4%91uri%C4%8Di%C4%87a%22%2C%22menja%22%2C%22pelene%22%2C%22pravi%22%2C%22mleko%22%2C%22za%22%2C%22sina%22%2C%22%C4%8Disti%22%2C%22ku%C4%87u%E2%80%A6%22%2C%22a%22%2C%22evo%22%2C%22kad%22%2C%22ulazi%22%2C%22u%22%2C%22elitu%22%2C%22otkrio%22%2C%22detalje%22%2C%22-%22%2C%22vugla%22%5D&refer=https%3A%2F%2Fwww.vugla.com%2Fsta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html&tz=0&dev=e&res=14.3095&uuid=c16c1f96-a3ba-4922-be3e-6f94e69b1be9%3A1%3A1&shu=1ddcd17ec11f81df90b234f299d2e55062c957d36b5943f8ddee8cf2bf8490fd97ac2916cbd4bab36485e6de0de9553525990d7eed108a09f58d93174967625af9426390313ab31498a0eb9dd7c71d62c27dab821804349c86ac31e9549f08c4&pst=1701457379&rmtc=t HTTP/1.1
Host: www.profitabledisplaycontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vugla.com
Referer: https://www.vugla.com/
DNT: 1
Connection: keep-alive
Cookie: u_pl=14611544; ain=eyJhbGciOiJIUzI1NiJ9.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.KM_t8NrxPOjA2H1fNnAiUiCFOsmeN1nrelg4CdDmqlg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 01 Dec 2023 19:01:59 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.vugla.com
Access-Control-Allow-Origin: https://www.vugla.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=c16c1f96-a3ba-4922-be3e-6f94e69b1be9:1:1; expires=Fri, 08 Dec 2023 19:01:59 GMT; secure; SameSite=None
iprccc95a9ba55128a353794de1cf9b0c4c0=2717342; expires=Sat, 02 Dec 2023 21:01:59 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 02 Dec 2023 19:01:59 GMT; secure; SameSite=None
uncs=1; expires=Sat, 02 Dec 2023 19:01:59 GMT; secure; SameSite=None
pdhtkv27=true; expires=Sat, 02 Dec 2023 19:01:59 GMT; secure; SameSite=None
uncs27=1; expires=Sat, 02 Dec 2023 19:01:59 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d8ce4dd053c484611b82f472986031f3
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
tharbadir.com/121?rnd=2527310791&z=2892323&b=15540606&c=6274858&var=&varid=0&d=https%3A%2F%2Fb6f71hwqomrafu683pz507uj2g.hop.clickbank.net%2F%3Ftid%3Dgo1%26clickid%3D754529289929494528&cln={CELL_NUMBER}&btp=7&rb=Y-a5-RHUAGDRpI2uV0fQvcIYvUNYtW17lhHE61TMK36mg8KkEKVBWLB3fKp2bbD7ydIgv2a1r5jRzOJsO6y9kI6h_Ji_JbTYeTk90W3LZqYrS1XR6MmZ5u10AYO3sdIy6JGhPggJrTTVivMYrEjTM6NyUu2e7-VNdhmDOag6jNSADse4t6RBM_GvSiMqhfuphaaikvpVxGfbZCJf43i3XsHruc67GcKgWOjaW54x461b2b2yex9c7ZCjgHgK0AumHjKeXz38YoeeH-Z2tnABBpompXst_HoxENpdGUq3-D9XufeUBfj6VlzZQxlBRwwkapZOqgiKgbe7Mjo32PYPZX0smecb-V5PIdVfdKkyw2c3KkV7m93gb5m03WPcg4LsGdZJB7vSmws-IuWfT4IrB37IhCVdKcnUcuVpsAWsmUY203EMwos80e-IKY9AMftJSJpViqhLvMcRqiLGtRH0rQ1c6sLPf-ILXiw5HS9dh-oTqrZk_idyeE5O4vXC_5E8uTyD4lfWdZjdrTsXrCFchDUImbCz1BYsdIkiFTy6lRRcHeWzLsYP8XFgiNApLVUVbjTriY0-y7e97Uw3zJex245j3DHISBQmE-8UjWQf8zf0rt0C2DayMqCy6d__42W8Bm_L-wBzmkCFUZJIPyOWaOirW22FirnPNhUqAGxoiMY1rG8x-p3M-DD9KESFRssmNP6aKTahi9yMgUN7KndBcs1bQWHGP1AzyOj1kch0tW87nzC034beB49iQ_fiFFbEWE2CfvhcuRzq3rQT0Yc9cKqU2xQOXfQF&bag=m9KTT4gLUECUw2rdNjB4wVI27VpjxJxA&ruid=353225bb-2d58-43fe-b779-836540872e88&subid=754529289929494528
139.45.197.238 0 B URL tharbadir.com/121?rnd=2527310791&z=2892323&b=15540606&c=6274858&var=&varid=0&d=https%3A%2F%2Fb6f71hwqomrafu683pz507uj2g.hop.clickbank.net%2F%3Ftid%3Dgo1%26clickid%3D754529289929494528&cln={CELL_NUMBER}&btp=7&rb=Y-a5-RHUAGDRpI2uV0fQvcIYvUNYtW17lhHE61TMK36mg8KkEKVBWLB3fKp2bbD7ydIgv2a1r5jRzOJsO6y9kI6h_Ji_JbTYeTk90W3LZqYrS1XR6MmZ5u10AYO3sdIy6JGhPggJrTTVivMYrEjTM6NyUu2e7-VNdhmDOag6jNSADse4t6RBM_GvSiMqhfuphaaikvpVxGfbZCJf43i3XsHruc67GcKgWOjaW54x461b2b2yex9c7ZCjgHgK0AumHjKeXz38YoeeH-Z2tnABBpompXst_HoxENpdGUq3-D9XufeUBfj6VlzZQxlBRwwkapZOqgiKgbe7Mjo32PYPZX0smecb-V5PIdVfdKkyw2c3KkV7m93gb5m03WPcg4LsGdZJB7vSmws-IuWfT4IrB37IhCVdKcnUcuVpsAWsmUY203EMwos80e-IKY9AMftJSJpViqhLvMcRqiLGtRH0rQ1c6sLPf-ILXiw5HS9dh-oTqrZk_idyeE5O4vXC_5E8uTyD4lfWdZjdrTsXrCFchDUImbCz1BYsdIkiFTy6lRRcHeWzLsYP8XFgiNApLVUVbjTriY0-y7e97Uw3zJex245j3DHISBQmE-8UjWQf8zf0rt0C2DayMqCy6d__42W8Bm_L-wBzmkCFUZJIPyOWaOirW22FirnPNhUqAGxoiMY1rG8x-p3M-DD9KESFRssmNP6aKTahi9yMgUN7KndBcs1bQWHGP1AzyOj1kch0tW87nzC034beB49iQ_fiFFbEWE2CfvhcuRzq3rQT0Yc9cKqU2xQOXfQF&bag=m9KTT4gLUECUw2rdNjB4wVI27VpjxJxA&ruid=353225bb-2d58-43fe-b779-836540872e88&subid=754529289929494528
IP 139.45.197.238:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /121?rnd=2527310791&z=2892323&b=15540606&c=6274858&var=&varid=0&d=https%3A%2F%2Fb6f71hwqomrafu683pz507uj2g.hop.clickbank.net%2F%3Ftid%3Dgo1%26clickid%3D754529289929494528&cln={CELL_NUMBER}&btp=7&rb=Y-a5-RHUAGDRpI2uV0fQvcIYvUNYtW17lhHE61TMK36mg8KkEKVBWLB3fKp2bbD7ydIgv2a1r5jRzOJsO6y9kI6h_Ji_JbTYeTk90W3LZqYrS1XR6MmZ5u10AYO3sdIy6JGhPggJrTTVivMYrEjTM6NyUu2e7-VNdhmDOag6jNSADse4t6RBM_GvSiMqhfuphaaikvpVxGfbZCJf43i3XsHruc67GcKgWOjaW54x461b2b2yex9c7ZCjgHgK0AumHjKeXz38YoeeH-Z2tnABBpompXst_HoxENpdGUq3-D9XufeUBfj6VlzZQxlBRwwkapZOqgiKgbe7Mjo32PYPZX0smecb-V5PIdVfdKkyw2c3KkV7m93gb5m03WPcg4LsGdZJB7vSmws-IuWfT4IrB37IhCVdKcnUcuVpsAWsmUY203EMwos80e-IKY9AMftJSJpViqhLvMcRqiLGtRH0rQ1c6sLPf-ILXiw5HS9dh-oTqrZk_idyeE5O4vXC_5E8uTyD4lfWdZjdrTsXrCFchDUImbCz1BYsdIkiFTy6lRRcHeWzLsYP8XFgiNApLVUVbjTriY0-y7e97Uw3zJex245j3DHISBQmE-8UjWQf8zf0rt0C2DayMqCy6d__42W8Bm_L-wBzmkCFUZJIPyOWaOirW22FirnPNhUqAGxoiMY1rG8x-p3M-DD9KESFRssmNP6aKTahi9yMgUN7KndBcs1bQWHGP1AzyOj1kch0tW87nzC034beB49iQ_fiFFbEWE2CfvhcuRzq3rQT0Yc9cKqU2xQOXfQF&bag=m9KTT4gLUECUw2rdNjB4wVI27VpjxJxA&ruid=353225bb-2d58-43fe-b779-836540872e88&subid=754529289929494528 HTTP/1.1
Host: tharbadir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: scm=1; OAID=cb5b3d21396e4748a85129b6171c1f6e; oaidts=1701457316
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Fri, 01 Dec 2023 19:01:59 GMT
content-length: 0
location: https://b6f71hwqomrafu683pz507uj2g.hop.clickbank.net/?tid=go1&clickid=754529289929494528
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: 6a6031577119e1b40828a80785a89d23
access-control-expose-headers: X-Sc
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
amunfezanttor.com/event
139.45.197.250 0 B IP 139.45.197.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
OPTIONS /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.vugla.com/
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 19:01:59 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://www.vugla.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2
amunfezanttor.com/event
139.45.197.250 0 B IP 139.45.197.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
OPTIONS /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.vugla.com/
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 19:01:59 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://www.vugla.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2
amunfezanttor.com/event
139.45.197.250 94 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 1437ee452e830779b4164cefa2fb05de
fc83472a0d5935c3a2cf0659cf06afb666d95068
b4bd5d3d904629d6ef5d1768a0c6e985f76663fcc0848967b5a764a1855c702b
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.vugla.com/
Content-Type: application/json
Content-Length: 619
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 19:01:59 GMT
content-type: application/json; charset=utf-8
content-length: 94
access-control-allow-origin: https://www.vugla.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
amunfezanttor.com/event
139.45.197.250 94 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 69e0102735fe4a1fba4d44ce7da9bdc7
ce121af4b40331dc41b0dc08ea2d09ad21129b83
431288bacd416dbfd7415bfa28461c034c8dbdad25c62534bc5a0feda2237b07
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.vugla.com/
Content-Type: application/json
Content-Length: 619
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 19:01:59 GMT
content-type: application/json; charset=utf-8
content-length: 94
access-control-allow-origin: https://www.vugla.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/29/eb/08/29eb08c32bad57ff8c8e14af3a16e9c1/1628586955.jpg
45.133.44.10 23 kB URL cdn.cloudimagesb.com/cti/29/eb/08/29eb08c32bad57ff8c8e14af3a16e9c1/1628586955.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash 4452445afb73fab8af9ff308eb667024
130401c47d822426e1cce9981c30d775cba1b576
923b0ac505decd181f473f1fa460f21590777993c3581723f127b032d8c45bdd
GET /cti/29/eb/08/29eb08c32bad57ff8c8e14af3a16e9c1/1628586955.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 01 Dec 2023 19:02:00 GMT
content-type: image/jpeg
content-length: 22987
server: nginx/1.21.6
last-modified: Tue, 10 Aug 2021 09:16:05 GMT
etag: "611243d5-59cb"
expires: Sun, 03 Dec 2023 19:02:00 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/si/b9/5d/e2/b95de288caeec55111c172964c8a9c84/1662036680.jpg
45.133.44.10 21 kB URL cdn.cloudimagesb.com/si/b9/5d/e2/b95de288caeec55111c172964c8a9c84/1662036680.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash 8f4953c1b8baece7bb7d226247561ce2
da5d440970606602026d7900a55ae2fd27a3f170
8fd9df7d8e48ff2519631e82e01519d4f1c65abd41ec977c18abb58df9832919
GET /si/b9/5d/e2/b95de288caeec55111c172964c8a9c84/1662036680.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 01 Dec 2023 19:02:00 GMT
content-type: image/jpeg
content-length: 20566
server: nginx/1.21.6
last-modified: Thu, 01 Sep 2022 12:51:28 GMT
etag: "6310aad0-5056"
expires: Sun, 03 Dec 2023 19:02:00 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/4e/61/98/4e619871efbab123abb0e0121e08e11d/1628586907.jpg
45.133.44.10 23 kB URL cdn.cloudimagesb.com/cti/4e/61/98/4e619871efbab123abb0e0121e08e11d/1628586907.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash c6f19781c79ff746b99178f813cfbff2
5c307e43c63001535aa3a3683777dbb1a7f0775b
816b5a5d078f27271fa2d7c210d708f386a6f9fbd9242531b07f0b051382870d
GET /cti/4e/61/98/4e619871efbab123abb0e0121e08e11d/1628586907.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 01 Dec 2023 19:02:00 GMT
content-type: image/jpeg
content-length: 22883
server: nginx/1.21.6
last-modified: Tue, 10 Aug 2021 09:15:16 GMT
etag: "611243a4-5963"
expires: Sun, 03 Dec 2023 19:02:00 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
devoutdoubtfulsample.com/pixel/sbe?t=1&error=timeout
173.233.137.44 0 B URL devoutdoubtfulsample.com/pixel/sbe?t=1&error=timeout
IP 173.233.137.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pixel/sbe?t=1&error=timeout HTTP/1.1
Host: devoutdoubtfulsample.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 01 Dec 2023 19:02:00 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
conqueredallrightswell.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=14611544
173.233.137.60 1.4 kB URL conqueredallrightswell.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=14611544
IP 173.233.137.60:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (480)
Hash 284083e7963fa72ed415eac465ed3fea
47a6f7fffdc99b34e30a38b2699e74d39c8ff942
b8a117035312e1550d982a144c1e7b928c3bbf4efc9e1dd685133a7d40eb836b
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=14611544 HTTP/1.1
Host: conqueredallrightswell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 01 Dec 2023 19:02:00 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=16122660; expires=Sat, 02 Dec 2023 19:02:00 GMT
ain=eyJhbGciOiJIUzI1NiJ9.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._kMba8V6HzMXM_VBffdMTfsxb4qAX7zxUo7Z4PryQbo; expires=Fri, 01 Dec 2023 19:03:00 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 86f6bc791d478471148828663474f8ed
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
region1.analytics.google.com/g/collect?v=2&tid=G-7NCJ73THPT&gtm=45je3bt0v879882835&_p=1701457322118&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=230982160.1701457323&ul=en-us&sr=1280x1024&_eu=AEA&_s=2&sid=1701457322&sct=1&seg=0&dl=https%3A%2F%2Fwww.vugla.com%2Fsta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html&dt=%C5%A0ta%20uradi%20%C5%BEena%20od%20mikija%20%C4%91uri%C4%8Di%C4%87a!%20Menja%20pelene%2C%20pravi%20mleko%20za%20sina%2C%20%C4%8Disti%20ku%C4%87u%E2%80%A6%20A%20evo%20kad%20ulazi%20u%20elitu%2C%20otkrio%20detalje!%20-%20Vugla&en=scroll&epn.percent_scrolled=90&tfd=6222
216.239.34.36 204 No Content 0 B URL POST HTTP/3 region1.analytics.google.com/g/collect?v=2&tid=G-7NCJ73THPT&gtm=45je3bt0v879882835&_p=1701457322118&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=230982160.1701457323&ul=en-us&sr=1280x1024&_eu=AEA&_s=2&sid=1701457322&sct=1&seg=0&dl=https%3A%2F%2Fwww.vugla.com%2Fsta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html&dt=%C5%A0ta%20uradi%20%C5%BEena%20od%20mikija%20%C4%91uri%C4%8Di%C4%87a!%20Menja%20pelene%2C%20pravi%20mleko%20za%20sina%2C%20%C4%8Disti%20ku%C4%87u%E2%80%A6%20A%20evo%20kad%20ulazi%20u%20elitu%2C%20otkrio%20detalje!%20-%20Vugla&en=scroll&epn.percent_scrolled=90&tfd=6222
IP 216.239.34.36:443
Requested by https://www.vugla.com/sta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html
Certificate Issuer: Google Trust Services LLC
Subject: *.google-analytics.com
Fingerprint: 37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
Validity: Mon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-7NCJ73THPT&gtm=45je3bt0v879882835&_p=1701457322118&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=230982160.1701457323&ul=en-us&sr=1280x1024&_eu=AEA&_s=2&sid=1701457322&sct=1&seg=0&dl=https%3A%2F%2Fwww.vugla.com%2Fsta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html&dt=%C5%A0ta%20uradi%20%C5%BEena%20od%20mikija%20%C4%91uri%C4%8Di%C4%87a!%20Menja%20pelene%2C%20pravi%20mleko%20za%20sina%2C%20%C4%8Disti%20ku%C4%87u%E2%80%A6%20A%20evo%20kad%20ulazi%20u%20elitu%2C%20otkrio%20detalje!%20-%20Vugla&en=scroll&epn.percent_scrolled=90&tfd=6222 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/3 204 No Content
access-control-allow-origin: https://www.vugla.com
date: Fri, 01 Dec 2023 19:02:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
conqueredallrightswell.com/api/users?token=L2R5ZmMxazA5P2tleT04NjM3MDViY2JiNGI2YTU1NGRkYjM1OTY2NTM5NWE2ZiZwc2lkPTE0NjExNTQ0JnBzdD0xNzAxNDU3MzgwJnJlZmVyPWh0dHBzJTNBJTJGJTJGd3d3LnZ1Z2xhLmNvbSUyRiZybXRjPXQmc2h1PTA4NWY2ODBjNGJkMWE4ZGEzNDYzMmU3ZjVlNmI3N2M5Yzk2NzRjMGVjYTlhYzQ2NmU4YWFlYTg2Zjg2MmU4ZjQ1MGZjMzllYzRhZjA0ZTQ4OTBlNTY0NmJiZDdmNDA1ODBkNWJjNTFlMGU1MTVkYjI2ZWE4MjM1YzFkMDIyZDFlODNjZDAzMzA2NWY1YTY3MTRkNDQ0ZmVkYmRiMWYwNzVlNjgyZTY4MDdjZjU5ZWMyZDY2MWQ2MTk4YzZlYTM1NmZk&uuid=&pii=&in=false
192.243.61.225 0 B URL conqueredallrightswell.com/api/users?token=L2R5ZmMxazA5P2tleT04NjM3MDViY2JiNGI2YTU1NGRkYjM1OTY2NTM5NWE2ZiZwc2lkPTE0NjExNTQ0JnBzdD0xNzAxNDU3MzgwJnJlZmVyPWh0dHBzJTNBJTJGJTJGd3d3LnZ1Z2xhLmNvbSUyRiZybXRjPXQmc2h1PTA4NWY2ODBjNGJkMWE4ZGEzNDYzMmU3ZjVlNmI3N2M5Yzk2NzRjMGVjYTlhYzQ2NmU4YWFlYTg2Zjg2MmU4ZjQ1MGZjMzllYzRhZjA0ZTQ4OTBlNTY0NmJiZDdmNDA1ODBkNWJjNTFlMGU1MTVkYjI2ZWE4MjM1YzFkMDIyZDFlODNjZDAzMzA2NWY1YTY3MTRkNDQ0ZmVkYmRiMWYwNzVlNjgyZTY4MDdjZjU5ZWMyZDY2MWQ2MTk4YzZlYTM1NmZk&uuid=&pii=&in=false
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /api/users?token=L2R5ZmMxazA5P2tleT04NjM3MDViY2JiNGI2YTU1NGRkYjM1OTY2NTM5NWE2ZiZwc2lkPTE0NjExNTQ0JnBzdD0xNzAxNDU3MzgwJnJlZmVyPWh0dHBzJTNBJTJGJTJGd3d3LnZ1Z2xhLmNvbSUyRiZybXRjPXQmc2h1PTA4NWY2ODBjNGJkMWE4ZGEzNDYzMmU3ZjVlNmI3N2M5Yzk2NzRjMGVjYTlhYzQ2NmU4YWFlYTg2Zjg2MmU4ZjQ1MGZjMzllYzRhZjA0ZTQ4OTBlNTY0NmJiZDdmNDA1ODBkNWJjNTFlMGU1MTVkYjI2ZWE4MjM1YzFkMDIyZDFlODNjZDAzMzA2NWY1YTY3MTRkNDQ0ZmVkYmRiMWYwNzVlNjgyZTY4MDdjZjU5ZWMyZDY2MWQ2MTk4YzZlYTM1NmZk&uuid=&pii=&in=false HTTP/1.1
Host: conqueredallrightswell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://conqueredallrightswell.com/dyfc1k09?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122660
Cookie: u_pl=16122660; ain=eyJhbGciOiJIUzI1NiJ9.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._kMba8V6HzMXM_VBffdMTfsxb4qAX7zxUo7Z4PryQbo; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.21.6
Date: Fri, 01 Dec 2023 19:02:01 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://violationphysics.click/c9b2l0k.php?key=wkroiqew1c9guvr0kbe2&SUB_ID_SHORT=2fe51f88b0b3f8a78eb83afc723e45a0&COST_CPA=0.100000&PLACEMENT_ID=16122660&CAMPAIGN_ID=882703&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2569625
Set-Cookie: iprc7f15f4e83feb02e92472d5bd6364866a=4641329; expires=Sat, 02 Dec 2023 19:02:01 GMT
pdhtkv=true; expires=Sat, 02 Dec 2023 19:02:01 GMT
uncs=1; expires=Sat, 02 Dec 2023 19:02:01 GMT
pdhtkv28=true; expires=Sat, 02 Dec 2023 19:02:01 GMT
uncs28=1; expires=Sat, 02 Dec 2023 19:02:01 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4d55883f3a73b200ec906b280fb956d8
Strict-Transport-Security: max-age=0; includeSubdomains
violationphysics.click/c9b2l0k.php?key=wkroiqew1c9guvr0kbe2&SUB_ID_SHORT=2fe51f88b0b3f8a78eb83afc723e45a0&COST_CPA=0.100000&PLACEMENT_ID=16122660&CAMPAIGN_ID=882703&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2569625
192.64.81.118 0 B URL violationphysics.click/c9b2l0k.php?key=wkroiqew1c9guvr0kbe2&SUB_ID_SHORT=2fe51f88b0b3f8a78eb83afc723e45a0&COST_CPA=0.100000&PLACEMENT_ID=16122660&CAMPAIGN_ID=882703&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2569625
IP 192.64.81.118:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c9b2l0k.php?key=wkroiqew1c9guvr0kbe2&SUB_ID_SHORT=2fe51f88b0b3f8a78eb83afc723e45a0&COST_CPA=0.100000&PLACEMENT_ID=16122660&CAMPAIGN_ID=882703&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2569625 HTTP/1.1
Host: violationphysics.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://conqueredallrightswell.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.22.0
Date: Fri, 01 Dec 2023 19:02:01 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uclick=h9x9ejj2ib; expires=Sat, 02-Dec-2023 19:02:01 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclickhash=h9x9ejj2ib-h9x9ejj2ib-hq1m-0-q5a4bl-ftxofe-ft8pdz-ada94d; expires=Sat, 02-Dec-2023 19:02:01 GMT; Max-Age=86400; path=/; secure; SameSite=none
Location: https://vvfal.rigelbetelgeuse.top/?pl=zKByXHsQK0ydGD7DogbGyA&click_id=2e346h9x9ejj2ibbb6&sub_id=16122660
Strict-Transport-Security: max-age=31536000
vvfal.rigelbetelgeuse.top/?pl=zKByXHsQK0ydGD7DogbGyA&click_id=2e346h9x9ejj2ibbb6&sub_id=16122660
104.21.22.161 0 B URL vvfal.rigelbetelgeuse.top/?pl=zKByXHsQK0ydGD7DogbGyA&click_id=2e346h9x9ejj2ibbb6&sub_id=16122660
IP 104.21.22.161:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?pl=zKByXHsQK0ydGD7DogbGyA&click_id=2e346h9x9ejj2ibbb6&sub_id=16122660 HTTP/1.1
Host: vvfal.rigelbetelgeuse.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://conqueredallrightswell.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Fri, 01 Dec 2023 19:02:02 GMT
content-length: 0
location: https://vvfal.veinmaster.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=2e346h9x9ejj2ibbb6&sub_id=16122660&nrid=b7af9a8cea1440e88ff2d55016da285f&hash=8qPX36rG6UbraGbglhVpnQ&exp=1701457622
set-cookie: zKByXHsQK0ydGD7DogbGyA=5; max-age=345600; path=/; samesite=lax
__pl=2ddffde8-684e-4809-97e4-8779f6478491; expires=Mon, 01 Dec 2025 19:02:02 GMT; path=/; samesite=lax
__cap=1; max-age=3600; path=/; samesite=lax
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vYsxsRTcWSs5J2wOKLfvN5rNVkHRGxOLlrk29FT9yF80YbEPEjWNENPlIzll5W9jrJTaRqiBHhXrvieAiayiFk6gOR03IA0rPf6b4PxJ0U6Bd3BzJOhLmtj8MxoxRFondFBnDXPsC53Ne9BV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82ed9506ef79b527-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
vvfal.veinmaster.top/eyes-robot/assets/1.png
172.64.103.19 11 kB URL vvfal.veinmaster.top/eyes-robot/assets/1.png
IP 172.64.103.19:0
File type PNG image data, 179 x 278, 8-bit colormap, non-interlaced\012- data
Hash a6fa8154cc36da494df7b5103329c15a
3a2310088bcec14f7c0187f8409a5af5395665e8
967b8859fedb2c63afc8ae6ae2839fdd40f0e26af85adc6605a629f3c0ed0837
GET /eyes-robot/assets/1.png HTTP/1.1
Host: vvfal.veinmaster.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vvfal.veinmaster.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=2e346h9x9ejj2ibbb6&sub_id=16122660&nrid=b7af9a8cea1440e88ff2d55016da285f&hash=8qPX36rG6UbraGbglhVpnQ&exp=1701457622
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 01 Dec 2023 19:02:02 GMT
content-type: image/png
content-length: 10591
last-modified: Fri, 01 Dec 2023 10:07:50 GMT
etag: "6569b076-295f"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5748
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xm7UacXlw7oYzr%2FtIQe0818mKBbpPTn1RnOZhTzf1q1td4S5E3kpb804IffeaTSyGeVlq1qjV2hlo1PgqbdRjANLOxk%2B8pwtzJrZnUvZQ%2FFQp79i%2F2%2BZxivFFtc7Fpbe9kCooxe1VA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ed95093ee123e7-LHR
alt-svc: h3=":443"; ma=86400
vvfal.veinmaster.top/eyes-robot/assets/2.png
172.64.103.19 1.1 kB URL vvfal.veinmaster.top/eyes-robot/assets/2.png
IP 172.64.103.19:0
File type PNG image data, 94 x 19, 8-bit colormap, non-interlaced\012- data
Hash d708fbf0358752a082f5a394b74adda8
231c1527b4b039eb3af7d7e9eb5587ed87f6ea81
09d12e3c0e65fda26b9073e70e02fb24fa6941a4a3b1b81211b6470f00769ea5
GET /eyes-robot/assets/2.png HTTP/1.1
Host: vvfal.veinmaster.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vvfal.veinmaster.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=2e346h9x9ejj2ibbb6&sub_id=16122660&nrid=b7af9a8cea1440e88ff2d55016da285f&hash=8qPX36rG6UbraGbglhVpnQ&exp=1701457622
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 01 Dec 2023 19:02:02 GMT
content-type: image/png
content-length: 1061
last-modified: Fri, 01 Dec 2023 10:07:50 GMT
etag: "6569b076-425"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4775
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eJpbv3df9ATGvj7XbFDRG0%2F2fL13%2FaLy3hm3GPjsB1oEBxNrxnArAmCIFd5hGz7gHYLxOnz%2FLLl%2BoNHOF3mIgAEhtsisOIoOGHSHG5fzg8zxPPB68KBYz9la0ZlNGayHONGTTHTJdg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ed95093ee523e7-LHR
alt-svc: h3=":443"; ma=86400
vvfal.veinmaster.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=2e346h9x9ejj2ibbb6&sub_id=16122660&nrid=b7af9a8cea1440e88ff2d55016da285f&hash=8qPX36rG6UbraGbglhVpnQ&exp=1701457622
172.64.103.19 13 kB URL vvfal.veinmaster.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=2e346h9x9ejj2ibbb6&sub_id=16122660&nrid=b7af9a8cea1440e88ff2d55016da285f&hash=8qPX36rG6UbraGbglhVpnQ&exp=1701457622
IP 172.64.103.19:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash d091598187b0c2607db0dc04029e3457
0594d408ea97d509719300d8e4c19ce49078f55b
9f40361e807d9f0d4bbb68b5e68f9626231ae6b04fb26262190529eff247ddf8
GET /eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=2e346h9x9ejj2ibbb6&sub_id=16122660&nrid=b7af9a8cea1440e88ff2d55016da285f&hash=8qPX36rG6UbraGbglhVpnQ&exp=1701457622 HTTP/1.1
Host: vvfal.veinmaster.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://conqueredallrightswell.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 01 Dec 2023 19:02:02 GMT
content-type: text/html
last-modified: Fri, 01 Dec 2023 10:07:50 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FycIgkegB5SJRsVDdsWQPT8R6kFKoHDpe%2B%2FGHxoYYOWC9YvfoPsbGIhgfn17udRTGo8YqmFwi7e1nMkWKu0Ydjgf6FconQvWwfE2jdqNH3gDMtUN6%2Fc4Y5UHlSbveDLi9jlkaUJR6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82ed9507fa25886e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdnstatic.veinmaster.top/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=2e346h9x9ejj2ibbb6&sub_id=16122660&appspot=&d=https%3A%2F%2Fcdnstatic.veinmaster.top&timeout=30&tb=true&nrid=b7af9a8cea1440e88ff2d55016da285f
172.64.103.19 13 kB URL cdnstatic.veinmaster.top/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=2e346h9x9ejj2ibbb6&sub_id=16122660&appspot=&d=https%3A%2F%2Fcdnstatic.veinmaster.top&timeout=30&tb=true&nrid=b7af9a8cea1440e88ff2d55016da285f
IP 172.64.103.19:0
File type Unicode text, UTF-8 text, with very long lines (31624), with no line terminators
Hash c2c5f48165d5d5fffd3fdcd898c7a1c5
f9ed81cd97c1fea46b1cd5c0b32e8234bfa93198
897a135fb708294f2fd225c403f3a6a4053353424e01fae5cf36be527bbf262f
GET /ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=2e346h9x9ejj2ibbb6&sub_id=16122660&appspot=&d=https%3A%2F%2Fcdnstatic.veinmaster.top&timeout=30&tb=true&nrid=b7af9a8cea1440e88ff2d55016da285f HTTP/1.1
Host: cdnstatic.veinmaster.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vvfal.veinmaster.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 01 Dec 2023 19:02:02 GMT
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: BYPASS
set-cookie: __psu=37a68cb6-d8cc-41df-84bc-37b70a99a86f; expires=Mon, 01 Dec 2025 19:02:02 GMT; path=/; secure; samesite=none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7z3E7uXCghN612GkyqybCr9O%2BZMeMn5kDpXBoMyUBExUt6FWIRZe63Gea2eMKweuW8xfjJ376kwtzecK5gJViSfGW6tOWSf3LMwVkXf1lbFicxWQGOkGe4rWrJFZvwge4vNkcJSOAHWGEy0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ed9509c82a23e7-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
cdnstatic.veinmaster.top/ps/config.js?id=zKByXHsQK0ydGD7DogbGyA
172.64.103.19 9.5 kB URL cdnstatic.veinmaster.top/ps/config.js?id=zKByXHsQK0ydGD7DogbGyA
IP 172.64.103.19:0
File type ASCII text, with CRLF line terminators
Hash 512755a6a34075b4a23c875b7ae24013
f8cecb3663d1d20fcf19a10af2a47d8238636ed3
d9cc92407823fafcd54c6e83fb6b9a51fbf3a4d9c73b2f4da64243d24ce2f81a
GET /ps/config.js?id=zKByXHsQK0ydGD7DogbGyA HTTP/1.1
Host: cdnstatic.veinmaster.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vvfal.veinmaster.top/
Cookie: __psu=37a68cb6-d8cc-41df-84bc-37b70a99a86f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 01 Dec 2023 19:02:02 GMT
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ADFcnZ7e9byheCM4WiJWXzmjTlIP1vzoz23rCkdFqSa0J1IopRn9N5Oq4VIe7OHeudxP8mXAUUhNS5X25kFYKh5GB8jZqBakpydrutRNmwEF9RO5MPpdT7UOv9cd3FRoxXI5azu3hiL6I0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ed950a791c23e7-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js
142.250.74.35 9.9 kB URL www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (38231)
Hash 0541b823dfaf39162ef84cf075c9951b
e0934726455558cc1a59823efada9651e33aafaa
21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522
GET /firebasejs/10.3.1/firebase-messaging-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vvfal.veinmaster.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9934
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 05:05:32 GMT
expires: Fri, 29 Nov 2024 05:05:32 GMT
cache-control: public, max-age=31536000
age: 136590
last-modified: Thu, 31 Aug 2023 15:20:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
a.veinmaster.top/eyes-robot/assets/1.png
172.64.103.19 11 kB URL a.veinmaster.top/eyes-robot/assets/1.png
IP 172.64.103.19:0
File type PNG image data, 179 x 278, 8-bit colormap, non-interlaced\012- data
Hash a6fa8154cc36da494df7b5103329c15a
3a2310088bcec14f7c0187f8409a5af5395665e8
967b8859fedb2c63afc8ae6ae2839fdd40f0e26af85adc6605a629f3c0ed0837
GET /eyes-robot/assets/1.png HTTP/1.1
Host: a.veinmaster.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.veinmaster.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=2e346h9x9ejj2ibbb6&sub_id=16122660&nrid=b7af9a8cea1440e88ff2d55016da285f&hash=8qPX36rG6UbraGbglhVpnQ&exp=1701457622
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 01 Dec 2023 19:02:02 GMT
content-type: image/png
content-length: 10591
last-modified: Fri, 01 Dec 2023 10:07:50 GMT
etag: "6569b076-295f"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5039
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GMrd10qsm3DRp3wrz8434eDqz%2Ff%2BiDdqvLq0VPmkAZ9RhPtagtWUGrODV7YcliOqKr823LGTcjzcu6dfaHifY4nq63kvJ6U5ZVMzdpuSOwpfKfoK6%2BINtwFwNdLzZrLFSuwS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ed950c7c1923e7-LHR
alt-svc: h3=":443"; ma=86400
upkoffingr.com/pfe/current/universal.min.js?v=3.1.471
139.45.197.251 34 kB URL upkoffingr.com/pfe/current/universal.min.js?v=3.1.471
IP 139.45.197.251:0
File type gzip compressed data, max speed, from Unix\012- data
Hash c86296f918651bd16a78debd80643321
7309ea4c993f7614fd40607419cac37e973a13cb
db6293930cabc05558be3cbacb99abcb2d05cb3549bb00f67a026ae7e5ebbf0e
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pfe/current/universal.min.js?v=3.1.471 HTTP/1.1
Host: upkoffingr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.vugla.com/
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 19:01:58 GMT
content-type: application/javascript
last-modified: Mon, 27 Nov 2023 13:38:02 GMT
etag: W/"65649bba-1572c"
access-control-allow-origin: https://www.vugla.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
a.veinmaster.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=2e346h9x9ejj2ibbb6&sub_id=16122660&nrid=b7af9a8cea1440e88ff2d55016da285f&hash=8qPX36rG6UbraGbglhVpnQ&exp=1701457622
172.64.103.19 12 kB URL a.veinmaster.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=2e346h9x9ejj2ibbb6&sub_id=16122660&nrid=b7af9a8cea1440e88ff2d55016da285f&hash=8qPX36rG6UbraGbglhVpnQ&exp=1701457622
IP 172.64.103.19:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash d091598187b0c2607db0dc04029e3457
0594d408ea97d509719300d8e4c19ce49078f55b
9f40361e807d9f0d4bbb68b5e68f9626231ae6b04fb26262190529eff247ddf8
GET /eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=2e346h9x9ejj2ibbb6&sub_id=16122660&nrid=b7af9a8cea1440e88ff2d55016da285f&hash=8qPX36rG6UbraGbglhVpnQ&exp=1701457622 HTTP/1.1
Host: a.veinmaster.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vvfal.veinmaster.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 01 Dec 2023 19:02:02 GMT
content-type: text/html
last-modified: Fri, 01 Dec 2023 10:07:50 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7w0KY8vtxM%2F5eP7wbkwPVL818dFiIdxKWZvz1NgPr30XruHxyhNABPn%2F3BczWIPj2HevMVjcaZYOQ8F4xPrOM%2FREC8cU1EVM1yyyNKC41ATs7AyeOs0%2Bu0vr3tTQbcgftUX2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82ed950bcb1823e7-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
a.veinmaster.top/eyes-robot/assets/trls.js
172.64.103.19 15 kB URL a.veinmaster.top/eyes-robot/assets/trls.js
IP 172.64.103.19:0
File type Unicode text, UTF-8 text, with very long lines (362), with CRLF line terminators
Hash 0cdacbfa8d68265ac3893b159a75682a
a85878b59036d00ac878739dc187305bc29df8c3
2fb2aad4f3b3426df4bb5633b627f529940bd06d0690f6b11cfcf42f0fea3e4b
GET /eyes-robot/assets/trls.js HTTP/1.1
Host: a.veinmaster.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.veinmaster.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=2e346h9x9ejj2ibbb6&sub_id=16122660&nrid=b7af9a8cea1440e88ff2d55016da285f&hash=8qPX36rG6UbraGbglhVpnQ&exp=1701457622
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 01 Dec 2023 19:02:02 GMT
content-type: application/javascript
last-modified: Fri, 01 Dec 2023 10:07:50 GMT
etag: W/"6569b076-2af6"
cache-control: max-age=14400
cf-cache-status: HIT
age: 806
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ke6FmfWgYdu7NRG%2FYO%2BzXu%2BBnFVP0BxPL9pZsfY%2B65cyUSMdhAS2F%2BxkSaJwTjN8sPdmloQH%2BANsQNM6l1%2BadaFULy%2Fg4VzLLFcY0F5KoPvGJvoi09G9qPflnmfw9wHrEfO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ed950c7c1023e7-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js
142.250.74.35 9.3 kB URL www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (28368)
Hash 9900403b65514fad7df39a4e788a6e45
75f9ba061ef4e72bb23528c700f2a11c56d637e9
a202b2051ea9810cd9ba592b3f9418a89e2062f5c185e29e288080b28eb64fe5
GET /firebasejs/10.3.1/firebase-app-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.veinmaster.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9308
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 06:08:34 GMT
expires: Fri, 29 Nov 2024 06:08:34 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 31 Aug 2023 15:20:38 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 132809
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js
142.250.74.35 9.9 kB URL www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (38231)
Hash 0541b823dfaf39162ef84cf075c9951b
e0934726455558cc1a59823efada9651e33aafaa
21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522
GET /firebasejs/10.3.1/firebase-messaging-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.veinmaster.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9934
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 05:05:32 GMT
expires: Fri, 29 Nov 2024 05:05:32 GMT
cache-control: public, max-age=31536000
age: 136591
last-modified: Thu, 31 Aug 2023 15:20:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.toprevenuegate.com/zj77nccnbs?key=7c1ef88f2943ca666bff02795f23060d
173.233.137.52 1.3 kB URL www.toprevenuegate.com/zj77nccnbs?key=7c1ef88f2943ca666bff02795f23060d
IP 173.233.137.52:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (412)
Hash 910118da816970e9d8a64a9036732ded
e58679852e53248d8ddcd83279764b62d0d2ec9c
89cda191f3fc847b9193badda4031f011853556c997cdb945ccf2da4c22916b8
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /zj77nccnbs?key=7c1ef88f2943ca666bff02795f23060d HTTP/1.1
Host: www.toprevenuegate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 01 Dec 2023 19:02:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=19854905; expires=Sat, 02 Dec 2023 19:02:03 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxOTg1NDkwNSwiayI6IjdjMWVmODhmMjk0M2NhNjY2YmZmMDI3OTVmMjMwNjBkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyNzIyNjE4LCJwaWQiOjI0MDE2MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxOSwiYWlkIjoyOCwicHQiOjQsInBrIjoiemo3N25jY25icyIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiIiwiYXIiOltdfX0.2FQGO2YhCNPTmdlXXLBtr2hi4zXbhcFHRg0XwRi4mrk; expires=Fri, 01 Dec 2023 19:03:03 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 91d186474d36ceec3c9f5b1cab5d09f9
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.toprevenuegate.com/api/users?token=L3pqNzduY2NuYnM_a2V5PTdjMWVmODhmMjk0M2NhNjY2YmZmMDI3OTVmMjMwNjBkJnBzdD0xNzAxNDU3MzgzJnJtdGM9dCZzaHU9OTk5OTQ0MWEyYjNmMjQ2MmRiMjdmYjVhNzlmMDUxODFkOTI1MjhlOTExZTUxOTk3ZGNkZmFlZjdjZWI3MTk1YTU0YWU1OTM1NWU0NWRhZWRmYjIzMTUzMmM1M2Q5N2RkNWQ5NjVkZTQ4NmMzMTFmYjI3ZThlOTE1OTRiMzM2NTRkNWM2OWM5NGI0ZTZiYTQ1OGQ5ODExOWY0MDFiZWI4NzVjMTE5MDcxZDcwMDNlYWExY2RmZjA4YjVhYTY2Nw%3D%3D&uuid=&pii=&in=false
173.233.137.60 0 B URL www.toprevenuegate.com/api/users?token=L3pqNzduY2NuYnM_a2V5PTdjMWVmODhmMjk0M2NhNjY2YmZmMDI3OTVmMjMwNjBkJnBzdD0xNzAxNDU3MzgzJnJtdGM9dCZzaHU9OTk5OTQ0MWEyYjNmMjQ2MmRiMjdmYjVhNzlmMDUxODFkOTI1MjhlOTExZTUxOTk3ZGNkZmFlZjdjZWI3MTk1YTU0YWU1OTM1NWU0NWRhZWRmYjIzMTUzMmM1M2Q5N2RkNWQ5NjVkZTQ4NmMzMTFmYjI3ZThlOTE1OTRiMzM2NTRkNWM2OWM5NGI0ZTZiYTQ1OGQ5ODExOWY0MDFiZWI4NzVjMTE5MDcxZDcwMDNlYWExY2RmZjA4YjVhYTY2Nw%3D%3D&uuid=&pii=&in=false
IP 173.233.137.60:0
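Hash d41d8cd98f00b204e9800998ecf8427e (MD5 of empty input; the two digests below are the SHA-1 and SHA-256 of empty input, matching the 0 B body, so they identify no content)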
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /api/users?token=L3pqNzduY2NuYnM_a2V5PTdjMWVmODhmMjk0M2NhNjY2YmZmMDI3OTVmMjMwNjBkJnBzdD0xNzAxNDU3MzgzJnJtdGM9dCZzaHU9OTk5OTQ0MWEyYjNmMjQ2MmRiMjdmYjVhNzlmMDUxODFkOTI1MjhlOTExZTUxOTk3ZGNkZmFlZjdjZWI3MTk1YTU0YWU1OTM1NWU0NWRhZWRmYjIzMTUzMmM1M2Q5N2RkNWQ5NjVkZTQ4NmMzMTFmYjI3ZThlOTE1OTRiMzM2NTRkNWM2OWM5NGI0ZTZiYTQ1OGQ5ODExOWY0MDFiZWI4NzVjMTE5MDcxZDcwMDNlYWExY2RmZjA4YjVhYTY2Nw%3D%3D&uuid=&pii=&in=false HTTP/1.1
Host: www.toprevenuegate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.toprevenuegate.com/zj77nccnbs?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=19854905
Cookie: u_pl=19854905; ain=eyJhbGciOiJIUzI1NiJ9.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.2FQGO2YhCNPTmdlXXLBtr2hi4zXbhcFHRg0XwRi4mrk; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.21.6
Date: Fri, 01 Dec 2023 19:02:04 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=19854905
Set-Cookie: pdhtkv=true; expires=Sat, 02 Dec 2023 19:02:04 GMT
uncs=1; expires=Sat, 02 Dec 2023 19:02:04 GMT
pdhtkv28=true; expires=Sat, 02 Dec 2023 19:02:04 GMT
uncs28=1; expires=Sat, 02 Dec 2023 19:02:04 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e36fb36cd04982c868d7c8d33c8aae5c
Strict-Transport-Security: max-age=0; includeSubdomains
adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=19854905
13.107.246.53 307 Temporary Redirect 0 B URL User Request GET HTTP/2 adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=19854905
IP 13.107.246.53:443
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Trustwave Holdings, Inc.
Subject affiliates.kindredplc.com
Fingerprint 9C:1F:91:86:77:41:76:62:71:CD:11:FD:80:70:B7:83:58:47:BF:4F
Validity Thu, 17 Aug 2023 06:39:43 GMT - Fri, 16 Aug 2024 06:38:43 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=19854905 HTTP/1.1
Host: adserving.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.toprevenuegate.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 307 Temporary Redirect
cache-control: private,no-cache, no-store
pragma: no-cache
content-type: text/html
location: https://www.unibet.com/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_B9B5300C0F2947ADBCBE43EBB9297CCB&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37950
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701457324911)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C2023121192%22%7d%5d; SameSite=None;; domain=.unibet.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210648486077%7c1%22%7d%5d; domain=.unibet.com; expires=Sun, 01-Dec-3022 19:02:04 GMT; path=/; secure; SameSite=Strict
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
x-azure-ref: 0rC1qZQAAAADk1JCHSovFQIVdDUxehxwAU1ZHMjBFREdFMDUwOQAyZDk5MzlkMy05NTUxLTQ2ZmYtOGEyNi01ZWZmY2FhMWQ5OGM=
x-cache: CONFIG_NOCACHE
date: Fri, 01 Dec 2023 19:02:04 GMT
content-length: 0
X-Firefox-Spdy: h2
www.unibet.com/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_B9B5300C0F2947ADBCBE43EBB9297CCB&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37950
85.184.96.28 301 Moved Permanently 0 B URL User Request GET HTTP/2 www.unibet.com/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_B9B5300C0F2947ADBCBE43EBB9297CCB&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37950
IP 85.184.96.28:443
ASN #47171 Unibet Services Limited
Certificate Issuer Let's Encrypt
Subject unibet.com
Fingerprint 1A:B0:7B:63:FE:17:68:E4:1E:85:13:D5:3D:2C:46:01:FC:B2:4C:84
Validity Mon, 06 Nov 2023 00:18:08 GMT - Sun, 04 Feb 2024 00:18:07 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_B9B5300C0F2947ADBCBE43EBB9297CCB&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37950 HTTP/1.1
Host: www.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.toprevenuegate.com/
DNT: 1
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701457324911)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C2023121192%22%7d%5d
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Fri, 01 Dec 2023 19:02:05 GMT
content-length: 0
location: https://www.unibet.com:443/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_B9B5300C0F2947ADBCBE43EBB9297CCB&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A94151521-37950
set-cookie: JSESSIONID=node02saq2jfcavihh1pvdl51l2wz4974406.node0; Path=/stan; Secure; HttpOnly; SameSite=Strict
__ucbt=node02saq2jfcavihh1pvdl51l2wz4; Path=/; Domain=.unibet.com; Expires=Sun, 30-Nov-2025 19:02:05 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr=ST.0.T; Path=/; Domain=.unibet.com; Expires=Sun, 30-Nov-2025 19:02:05 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr_ref="https://www.toprevenuegate.com/"; Path=/; Domain=.unibet.com; Expires=Sun, 30-Nov-2025 19:02:05 GMT; Max-Age=63072000; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affid=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
netwid=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
CLAIM_CODE=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affiliateId=1; Path=/; Domain=.unibet.com; Secure; SameSite=None
B-TAG=127656177_B9B5300C0F2947ADBCBE43EBB9297CCB; Path=/; Domain=.unibet.com; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BID=37950; Path=/; Domain=.unibet.com; Secure; SameSite=None
PID=94151521; Path=/; Domain=.unibet.com; Secure; SameSite=None
CHID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; Path=/; Domain=.unibet.com; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_ACCEPTED=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_DECLINED=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BOCAID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
PRODUCT_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_B9B5300C0F2947ADBCBE43EBB9297CCB%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; Path=/; Domain=.unibet.com; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
clientId=polopoly_desktop; Domain=www.unibet.com; Path=/; SameSite=None; Secure
referer: https://www.toprevenuegate.com/
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT, Fri, 01 Dec 2023 19:02:05 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.com/index.html
X-Firefox-Spdy: h2
www.unibet.com/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_B9B5300C0F2947ADBCBE43EBB9297CCB&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A94151521-37950
85.184.96.28 301 Moved Permanently 0 B URL User Request GET HTTP/2 www.unibet.com/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_B9B5300C0F2947ADBCBE43EBB9297CCB&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A94151521-37950
IP 85.184.96.28:443
ASN #47171 Unibet Services Limited
Certificate Issuer Let's Encrypt
Subject unibet.com
Fingerprint 1A:B0:7B:63:FE:17:68:E4:1E:85:13:D5:3D:2C:46:01:FC:B2:4C:84
Validity Mon, 06 Nov 2023 00:18:08 GMT - Sun, 04 Feb 2024 00:18:07 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_B9B5300C0F2947ADBCBE43EBB9297CCB&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A94151521-37950 HTTP/1.1
Host: www.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.toprevenuegate.com/
DNT: 1
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701457324911)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C2023121192%22%7d%5d; __ucbt=node02saq2jfcavihh1pvdl51l2wz4; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_B9B5300C0F2947ADBCBE43EBB9297CCB; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_B9B5300C0F2947ADBCBE43EBB9297CCB%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; clientId=polopoly_desktop
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 301 Moved Permanently
date: Fri, 01 Dec 2023 19:02:05 GMT
content-length: 0
location: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_B9B5300C0F2947ADBCBE43EBB9297CCB&bid=37950&campaignId=2799402&pid=94151521
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Fri, 01 Dec 2023 19:02:05 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.com/index.html
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
172.64.144.152 302 Found 0 B URL GET HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
IP 172.64.144.152:443
Requested by https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_B9B5300C0F2947ADBCBE43EBB9297CCB&bid=37950&campaignId=2799402&pid=94151521
Certificate Issuer Let's Encrypt
Subject welcome.unibet.com
Fingerprint 65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
Validity Mon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /nu/pop/sportsbook/multisports/gambling-commission.png HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_B9B5300C0F2947ADBCBE43EBB9297CCB&bid=37950&campaignId=2799402&pid=94151521
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701457324911)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C2023121192%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210648486077%7c1%22%7d%5d; __ucbt=node02saq2jfcavihh1pvdl51l2wz4; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_B9B5300C0F2947ADBCBE43EBB9297CCB; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_B9B5300C0F2947ADBCBE43EBB9297CCB%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_B9B5300C0F2947ADBCBE43EBB9297CCB
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
date: Fri, 01 Dec 2023 19:02:06 GMT
content-length: 0
location: https://www.unibet.com/
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ed95200944b512-OSL
X-Firefox-Spdy: h2
a.veinmaster.top/eyes-robot/assets/style.css
172.64.103.19 31 kB URL a.veinmaster.top/eyes-robot/assets/style.css
IP 172.64.103.19:0
File type ASCII text, with CRLF line terminators
Hash a18afa3eac509b6062c9362a725ac421
5e06e9b3af42189e9456a7ea3bda665e10c86405
29ee31143c5bd03b7dcaf2e40476e50c4ed26d32a725525a4f3dced678c90896
GET /eyes-robot/assets/style.css HTTP/1.1
Host: a.veinmaster.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.veinmaster.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=2e346h9x9ejj2ibbb6&sub_id=16122660&nrid=b7af9a8cea1440e88ff2d55016da285f&hash=8qPX36rG6UbraGbglhVpnQ&exp=1701457622
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 01 Dec 2023 19:02:02 GMT
content-type: text/css
last-modified: Fri, 01 Dec 2023 10:07:50 GMT
etag: W/"6569b076-cf6"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1980
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SWuJreFUq3StrvYdRC4rcCOgRvOoOBmZQvEt7uI3yIE3lU%2Fz7PdWQi4XcwF41mR0cvpc4yPtCtDaX8l0MEgigCm9%2FPICjbw9PaUUlIERgVySpeVx0zMN4jAZx6R3un4hjLXk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ed950c7c1723e7-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
a.veinmaster.top/shared-js/assets/static-pl.js?v=2
172.64.103.19 2.2 kB URL a.veinmaster.top/shared-js/assets/static-pl.js?v=2
IP 172.64.103.19:0
File type ASCII text, with CRLF line terminators
Hash 7224243dd0b18bb2508a1d77d4b2a0b2
bd833c24aa241861316053fd8bd46a1bef3d343f
920aa94a10634fc23234b5e4f55c428f6311fc7811d3591792381678cb492659
GET /shared-js/assets/static-pl.js?v=2 HTTP/1.1
Host: a.veinmaster.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.veinmaster.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=2e346h9x9ejj2ibbb6&sub_id=16122660&nrid=b7af9a8cea1440e88ff2d55016da285f&hash=8qPX36rG6UbraGbglhVpnQ&exp=1701457622
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 01 Dec 2023 19:02:02 GMT
content-type: application/javascript
last-modified: Fri, 01 Dec 2023 10:07:50 GMT
etag: W/"6569b076-dee"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3204
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=41fMtt3itNqGnHYE65A7Wn1T2PICCOt%2Bjp6Kk12JXdvCooqh2ViEgzUKzby21H8E0g8wyNB3Hn%2BRlmoYhrYxExyoZihqOACiCgocC9hzg8%2BkabT04sKrAKgIg0Fbh%2BdNlNvY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ed950c7c1c23e7-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
172.64.144.152 302 Found 0 B URL GET HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
IP 172.64.144.152:443
Requested by https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_B9B5300C0F2947ADBCBE43EBB9297CCB&bid=37950&campaignId=2799402&pid=94151521
Certificate Issuer Let's Encrypt
Subject welcome.unibet.com
Fingerprint 65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
Validity Mon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT
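Hash d41d8cd98f00b204e9800998ecf8427e (MD5 of empty input; the 302 response carries no body, so these three digests identify nothing)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1 of empty input)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256 of empty input)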
GET /nu/pop/sportsbook/multisports/gambling-commission.png HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_B9B5300C0F2947ADBCBE43EBB9297CCB&bid=37950&campaignId=2799402&pid=94151521
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701457324911)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C2023121192%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210648486077%7c1%22%7d%5d; __ucbt=node02saq2jfcavihh1pvdl51l2wz4; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_B9B5300C0F2947ADBCBE43EBB9297CCB; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_B9B5300C0F2947ADBCBE43EBB9297CCB%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_B9B5300C0F2947ADBCBE43EBB9297CCB
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
date: Fri, 01 Dec 2023 19:02:06 GMT
content-length: 0
location: https://www.unibet.com/
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ed9521bb24b512-OSL
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.7.1/css/all.css
172.64.140.13 200 OK 110 kB URL GET HTTP/2 use.fontawesome.com/releases/v5.7.1/css/all.css
IP 172.64.140.13:443
Requested by https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_B9B5300C0F2947ADBCBE43EBB9297CCB&bid=37950&campaignId=2799402&pid=94151521
Certificate Issuer Cloudflare, Inc.
Subject use.fontawesome.com
Fingerprint CB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78
Validity Thu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT
File type ASCII text, with very long lines (54456), with no line terminators
Size 110 kB (110301 bytes)
Hash 7b1d7f457d056ace7b230b587b9f3753
4e0b45eedbe0c405f1faff0d5236a9ee0ff2065b
9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf
GET /releases/v5.7.1/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 01 Dec 2023 19:02:06 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
last-modified: Fri, 22 Sep 2023 01:45:49 GMT
vary: Origin, Accept-Encoding
cf-cache-status: HIT
age: 728994
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CJPU3zeuAiTwPKdapFT%2BvFmIAIU6Gv1UUJ%2F%2Flvx90wig09YwkR%2FflqjEC%2B9X5Mc8UWlxnXCouacQXCljQCoCgFrmtvgdBGkBWmQkGliww%2FdUmYrqgh%2BHz%2FaHGgSR5vXMBCwlXrQC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82ed9520984352d8-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/app-sports-icon.svg
172.64.144.152 21 kB URL welcome.unibet.com/nu/pop/sportsbook/multisports/app-sports-icon.svg
IP 172.64.144.152:0
Certificate Issuer Let's Encrypt
Subject welcome.unibet.com
Fingerprint 65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
Validity Mon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (15888), with no line terminators
Hash 2e6f9dbfba55dfa91376da363e813261
b14b92d60cdf76622b9f91b3a56c7a8d98649c23
ec5264587927f5d20d839f8f7d97e98e8dd4d9cce69ffd27a0d63d13d2102498
GET /nu/pop/sportsbook/multisports/app-sports-icon.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_B9B5300C0F2947ADBCBE43EBB9297CCB&bid=37950&campaignId=2799402&pid=94151521
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701457324911)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C2023121192%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210648486077%7c1%22%7d%5d; __ucbt=node02saq2jfcavihh1pvdl51l2wz4; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_B9B5300C0F2947ADBCBE43EBB9297CCB; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_B9B5300C0F2947ADBCBE43EBB9297CCB%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_B9B5300C0F2947ADBCBE43EBB9297CCB
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 01 Dec 2023 19:02:06 GMT
content-type: image/svg+xml
cf-ray: 82ed95200935b512-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 53373
cache-control: public, max-age=900, immutable
etag: W/"0x8DBB4702DCB4E58"
last-modified: Wed, 13 Sep 2023 15:43:30 GMT
vary: Accept-Encoding
content-md5: Lm+dv7pV36kTdto2PoEyYQ==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 76cbcfd3-901e-004e-01cc-1c3c8a000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/custom.js
172.64.144.152 200 OK 18 kB URL GET HTTP/2 welcome.unibet.com/custom.js
IP 172.64.144.152:443
Requested by https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_B9B5300C0F2947ADBCBE43EBB9297CCB&bid=37950&campaignId=2799402&pid=94151521
Certificate Issuer Let's Encrypt
Subject welcome.unibet.com
Fingerprint 65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
Validity Mon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT
Hash 7bf01e92dd55d5fa298f55fbcb9afd30
4db58eaa64d33bce2d1ae88d5ed6919d8986f8dc
2c13bba84b390447c18343fd8319ca7aea45208f53fb3143ed27c354fd5b2b1f
GET /custom.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_B9B5300C0F2947ADBCBE43EBB9297CCB&bid=37950&campaignId=2799402&pid=94151521
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701457324911)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C2023121192%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210648486077%7c1%22%7d%5d; __ucbt=node02saq2jfcavihh1pvdl51l2wz4; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_B9B5300C0F2947ADBCBE43EBB9297CCB; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_B9B5300C0F2947ADBCBE43EBB9297CCB%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_B9B5300C0F2947ADBCBE43EBB9297CCB
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 01 Dec 2023 19:02:06 GMT
content-type: application/javascript
cf-ray: 82ed951ff930b512-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 146914
etag: W/"0x8DA115DA300B0C1"
last-modified: Tue, 29 Mar 2022 08:25:09 GMT
vary: Accept-Encoding
content-md5: e/Aekt1V1fopj1X7y5r9MA==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: b3159e82-501e-0041-530e-134ae6000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.unibet.com/
85.184.96.28 200 OK 83 kB IP 85.184.96.28:443
ASN #47171 Unibet Services Limited
Requested by https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_B9B5300C0F2947ADBCBE43EBB9297CCB&bid=37950&campaignId=2799402&pid=94151521
Certificate Issuer Let's Encrypt
Subject unibet.com
Fingerprint 1A:B0:7B:63:FE:17:68:E4:1E:85:13:D5:3D:2C:46:01:FC:B2:4C:84
Validity Mon, 06 Nov 2023 00:18:08 GMT - Sun, 04 Feb 2024 00:18:07 GMT
File type gzip compressed data\012- data
Hash a7002faadfda5c522c4bd0316e5ca97d
d81c650464ddb554ad1ac98d0b3e60a52b96c7fb
56eba09cd60def730edf4967cc3bbc3063953ad82ab0b31f84c6a8a0d233e57b
GET / HTTP/1.1
Host: www.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
DNT: 1
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701457324911)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C2023121192%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210648486077%7c1%22%7d%5d; __ucbt=node02saq2jfcavihh1pvdl51l2wz4; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_B9B5300C0F2947ADBCBE43EBB9297CCB; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_B9B5300C0F2947ADBCBE43EBB9297CCB%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; clientId=polopoly_desktop; btag=127656177_B9B5300C0F2947ADBCBE43EBB9297CCB
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 01 Dec 2023 19:02:06 GMT
content-type: text/html;charset=utf-8
x-request-id: 4cb86cbab9653af68889d2795c150e29
x-ua-compatible: IE=Edge,chrome=1,requiresActiveX=true
cache-control: public, max-age=0, s-maxage=60
expires: Fri, 01 Dec 2023 19:02:36 GMT
vary: accept-encoding
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.com/index.html
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/1-main.js
172.64.144.152 200 OK 76 kB URL GET HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/1-main.js
IP 172.64.144.152:443
Requested by https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_B9B5300C0F2947ADBCBE43EBB9297CCB&bid=37950&campaignId=2799402&pid=94151521
Certificate Issuer Let's Encrypt
Subject welcome.unibet.com
Fingerprint 65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
Validity Mon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT
File type HTML document, Unicode text, UTF-8 text
Hash 04fc48de78cbfc5d1557e9df399c7733
e1bf77a4fef1943b0eab404c4abbe9477cb373e0
4c6d70ebaf667a642560297cdca94fa760d3624e1f4cab0da08711f0c492fed6
GET /nu/pop/sportsbook/multisports/1-main.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_B9B5300C0F2947ADBCBE43EBB9297CCB&bid=37950&campaignId=2799402&pid=94151521
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701457324911)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C2023121192%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210648486077%7c1%22%7d%5d; __ucbt=node02saq2jfcavihh1pvdl51l2wz4; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_B9B5300C0F2947ADBCBE43EBB9297CCB; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_B9B5300C0F2947ADBCBE43EBB9297CCB%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_B9B5300C0F2947ADBCBE43EBB9297CCB
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 01 Dec 2023 19:02:06 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 82ed951ff92ab512-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 560970
cache-control: public, max-age=900, immutable
etag: W/"0x8DBB4702E1B3700"
last-modified: Wed, 13 Sep 2023 15:43:30 GMT
vary: Accept-Encoding
content-md5: BPxI3njL/F0VV+nfOZx3Mw==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 0799503c-801e-0042-7d02-19ab82000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
eehuzaih.com/500/5005565?excludes=&oaid=cb5b3d21396e4748a85129b6171c1f6e&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=3&pl=https%3A%2F%2Fwww.vugla.com%2Fsta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.312.0
139.45.197.237 18 kB URL eehuzaih.com/500/5005565?excludes=&oaid=cb5b3d21396e4748a85129b6171c1f6e&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=3&pl=https%3A%2F%2Fwww.vugla.com%2Fsta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.312.0
IP 139.45.197.237:0
File type gzip compressed data, max speed, from Unix\012- data
Hash c1ec08f04aa94132e62bd5ab2c0bdae5
0da4a4d6621931918af980a214fa423207e0b4ef
7a10599f4ce2935921665ac094a3f19d2ae2f5ca9d8c5e47d4776327924d523b
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /500/5005565?excludes=&oaid=cb5b3d21396e4748a85129b6171c1f6e&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=3&pl=https%3A%2F%2Fwww.vugla.com%2Fsta-uradi-zena-od-mikija-duricica-menja-pelene-pravi-mleko-za-sina-cisti-kucu-a-evo-kad-ulazi-u-elitu-otkrio-detalje.html&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.312.0 HTTP/1.1
Host: eehuzaih.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Cookie: OAID=682140eb1ac6419184a9a0af5633ed48
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 19:01:58 GMT
content-type: application/javascript
x-trace-id: 89a81f9977abe020ab5b9d42910a9095
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
vary: Origin
access-control-allow-origin: https://www.vugla.com
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
set-cookie: OAID=cb5b3d21396e4748a85129b6171c1f6e; expires=Sat, 30 Nov 2024 19:01:58 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/google-play-ro.svg
172.64.144.152 200 OK 18 kB URL GET HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/google-play-ro.svg
IP 172.64.144.152:443
Requested by https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_B9B5300C0F2947ADBCBE43EBB9297CCB&bid=37950&campaignId=2799402&pid=94151521
Certificate Issuer Let's Encrypt
Subject welcome.unibet.com
Fingerprint 65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
Validity Mon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (5740), with no line terminators
Hash d9f476ef25b46fd901a7f79b5bdbb9f4
c7d2758d17518dd1da5c352fed93654248fd37a7
bf35a33c9a8a912b82a62cffbca0c69a5db72aba6c622b77d471a1428b969dd2
GET /nu/pop/sportsbook/multisports/google-play-ro.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_B9B5300C0F2947ADBCBE43EBB9297CCB&bid=37950&campaignId=2799402&pid=94151521
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701457324911)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C2023121192%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210648486077%7c1%22%7d%5d; __ucbt=node02saq2jfcavihh1pvdl51l2wz4; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_B9B5300C0F2947ADBCBE43EBB9297CCB; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_B9B5300C0F2947ADBCBE43EBB9297CCB%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_B9B5300C0F2947ADBCBE43EBB9297CCB
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 01 Dec 2023 19:02:06 GMT
content-type: image/svg+xml
cf-ray: 82ed95200938b512-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 136898
cache-control: public, max-age=900, immutable
etag: W/"0x8DBB4702DDE5E49"
last-modified: Wed, 13 Sep 2023 15:43:30 GMT
vary: Accept-Encoding
content-md5: 2fR27yW0b9kBp/ebW9u59A==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: e2bacc6f-401e-0010-6202-1cd76a000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js
85.184.96.5 200 OK 956 B URL GET HTTP/2 a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js
IP 85.184.96.5:443
ASN #47171 Unibet Services Limited
Requested by https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_B9B5300C0F2947ADBCBE43EBB9297CCB&bid=37950&campaignId=2799402&pid=94151521
Certificate Issuer Let's Encrypt
Subject unibet.com
Fingerprint 1A:B0:7B:63:FE:17:68:E4:1E:85:13:D5:3D:2C:46:01:FC:B2:4C:84
Validity Mon, 06 Nov 2023 00:18:08 GMT - Sun, 04 Feb 2024 00:18:07 GMT
File type ASCII text, with very long lines (1004), with no line terminators
Hash b9cb8178d22ffc80516a6d9acabeb58d
da54c11062c26f9f8692be7b863a177cf9f4c380
ad1567203b26840db6e008cd373a903539f7dd739a026e47bb6d2f7b945444a8
GET /unibet/bannerflow/scripts/master_tag.js HTTP/1.1
Host: a1s-cdn.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701457324911)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C2023121192%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210648486077%7c1%22%7d%5d; __ucbt=node02saq2jfcavihh1pvdl51l2wz4; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_B9B5300C0F2947ADBCBE43EBB9297CCB; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_B9B5300C0F2947ADBCBE43EBB9297CCB%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_B9B5300C0F2947ADBCBE43EBB9297CCB
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 01 Dec 2023 19:02:06 GMT
content-type: application/javascript
content-length: 956
last-modified: Mon, 25 Apr 2022 12:19:34 GMT
etag: "3bc-5dd7996cc0ce1"
cache-control: max-age=1800, public, must-revalidate
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s-cdn.unibet.com; Path=/; SameSite=None; Secure
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.bannerflow.com/resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg
104.16.48.126 200 OK 25 kB URL GET HTTP/2 cdn.bannerflow.com/resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg
IP 104.16.48.126:443
Requested by https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_B9B5300C0F2947ADBCBE43EBB9297CCB&bid=37950&campaignId=2799402&pid=94151521
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 1D:7A:63:AD:26:C4:EA:3F:E9:47:1D:1D:DE:FF:EF:66:52:E5:DD:F7
Validity Thu, 09 Mar 2023 00:00:00 GMT - Fri, 08 Mar 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7857f5fa35651d9795bac512238caaf4
107c2b86078dd49ffd18c76724bd290018719037
bf1b321fe365e6fdb5429bcebb8a6b5b9ed554d84f4eced5e69cc31038455a81
GET /resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 01 Dec 2023 19:02:07 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: eFf1+jVlHZeVusUSI4yq9A==
last-modified: Mon, 07 Dec 2020 10:23:00 GMT
etag: W/"0x8D89A9A12E2A33B"
x-ms-request-id: b31b4379-501e-0041-450f-134ae6000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 469
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ed95261e6756a4-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/app-store-ro.svg
172.64.144.152 200 OK 13 kB URL GET HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/app-store-ro.svg
IP 172.64.144.152:443
Requested by https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_B9B5300C0F2947ADBCBE43EBB9297CCB&bid=37950&campaignId=2799402&pid=94151521
Certificate Issuer Let's Encrypt
Subject welcome.unibet.com
Fingerprint 65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
Validity Mon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1356)
Hash 7a982245aa6326903b0e7893885e42fb
47fa69cfed4819f23a8764170e04f5744bd47cd6
18b0e4aa1e8678befe4e7db06e054447b9f96684d817b6424a6b8824042a45fb
GET /nu/pop/sportsbook/multisports/app-store-ro.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_B9B5300C0F2947ADBCBE43EBB9297CCB&bid=37950&campaignId=2799402&pid=94151521
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701457324911)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C2023121192%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210648486077%7c1%22%7d%5d; __ucbt=node02saq2jfcavihh1pvdl51l2wz4; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_B9B5300C0F2947ADBCBE43EBB9297CCB; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_B9B5300C0F2947ADBCBE43EBB9297CCB%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_B9B5300C0F2947ADBCBE43EBB9297CCB
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 01 Dec 2023 19:02:06 GMT
content-type: image/svg+xml
cf-ray: 82ed95200937b512-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 141201
cache-control: public, max-age=900, immutable
etag: W/"0x8DBB4702DD4C2C5"
last-modified: Wed, 13 Sep 2023 15:43:30 GMT
vary: Accept-Encoding
content-md5: epgiRapjJpA7DniTiF5C+w==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: f0a9fb76-d01e-005f-5e18-15a63e000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_B9B5300C0F2947ADBCBE43EBB9297CCB&bid=37950&campaignId=2799402&pid=94151521
172.64.144.152 200 OK 17 kB URL User Request GET HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_B9B5300C0F2947ADBCBE43EBB9297CCB&bid=37950&campaignId=2799402&pid=94151521
IP 172.64.144.152:443
Certificate Issuer: Let's Encrypt
Subject: welcome.unibet.com
Fingerprint: 65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
Validity: Mon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT
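Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these three values are the MD5, SHA-1 and SHA-256 digests of empty (zero-length) input, so no response body was captured for hashing here even though the summary line reports 17 kB; they do not identify this page and should not be used as indicators for it.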
GET /nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_B9B5300C0F2947ADBCBE43EBB9297CCB&bid=37950&campaignId=2799402&pid=94151521 HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.toprevenuegate.com/
DNT: 1
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701457324911)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C2023121192%22%7d%5d; __ucbt=node02saq2jfcavihh1pvdl51l2wz4; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_B9B5300C0F2947ADBCBE43EBB9297CCB; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_B9B5300C0F2947ADBCBE43EBB9297CCB%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 01 Dec 2023 19:02:05 GMT
content-type: text/html; charset=utf-8
cf-ray: 82ed951d6ea7b512-OSL
cf-cache-status: MISS
access-control-allow-origin: *
cache-control: public, max-age=900, immutable
last-modified: Wed, 13 Sep 2023 15:43:24 GMT
vary: Accept-Encoding
content-md5: aY23filpvIp9zBTCFZm2tg==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: cc4c8e5f-301e-000a-0688-24b6b5000000
x-ms-version: 2014-02-14
set-cookie: btag=127656177_B9B5300C0F2947ADBCBE43EBB9297CCB;max-age=2592000; domain=.unibet.com;path=/;secure;samesite=none;httponly
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/unibet-logo.svg
172.64.144.152 200 OK 3.2 kB URL GET HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/unibet-logo.svg
IP 172.64.144.152:443
Requested by https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_B9B5300C0F2947ADBCBE43EBB9297CCB&bid=37950&campaignId=2799402&pid=94151521
Certificate Issuer: Let's Encrypt
Subject: welcome.unibet.com
Fingerprint: 65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
Validity: Mon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (3287), with no line terminators
Hash 910a470c87e6907732caefbe1b43f25c
709f3846db3c983a502d081a17c95404c545141c
c1912c86d189996a4995f3c142f73f88150fd922a203f914e1a17992f07a2db5
GET /nu/pop/sportsbook/multisports/unibet-logo.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_B9B5300C0F2947ADBCBE43EBB9297CCB&bid=37950&campaignId=2799402&pid=94151521
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701457324911)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C2023121192%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210648486077%7c1%22%7d%5d; __ucbt=node02saq2jfcavihh1pvdl51l2wz4; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_B9B5300C0F2947ADBCBE43EBB9297CCB; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_B9B5300C0F2947ADBCBE43EBB9297CCB%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_B9B5300C0F2947ADBCBE43EBB9297CCB
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 01 Dec 2023 19:02:06 GMT
content-type: image/svg+xml
cf-ray: 82ed95200932b512-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 225478
cache-control: public, max-age=900, immutable
etag: W/"0x8DBB4702B55A494"
last-modified: Wed, 13 Sep 2023 15:43:25 GMT
vary: Accept-Encoding
content-md5: cw5jdwcrd9gLyjDZb7Y7Jw==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 862f85ee-201e-005b-777e-1e2b39000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
142.250.74.131 200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 142.250.74.131:443
Requested by https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_B9B5300C0F2947ADBCBE43EBB9297CCB&bid=37950&campaignId=2799402&pid=94151521
Certificate Issuer: Google Trust Services LLC
Subject: *.gstatic.com
Fingerprint: E5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
Validity: Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 05:05:31 GMT
expires: Fri, 29 Nov 2024 05:05:31 GMT
cache-control: public, max-age=31536000
age: 136595
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.bannerflow.com/resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg
104.16.48.126 200 OK 4.9 kB URL GET HTTP/2 cdn.bannerflow.com/resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg
IP 104.16.48.126:443
Requested by https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_B9B5300C0F2947ADBCBE43EBB9297CCB&bid=37950&campaignId=2799402&pid=94151521
Certificate Issuer: Cloudflare, Inc.
Subject: sni.cloudflaressl.com
Fingerprint: 1D:7A:63:AD:26:C4:EA:3F:E9:47:1D:1D:DE:FF:EF:66:52:E5:DD:F7
Validity: Thu, 09 Mar 2023 00:00:00 GMT - Fri, 08 Mar 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4999), with no line terminators
Hash 7506851c12654bfc54bb813a52957b68
b88e0179a85912068c3480f522a8b0958a23046c
0217e3f9fd1201390e06eee878ccbf84feba0077e7cdd01754170f78e18c274d
GET /resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 01 Dec 2023 19:02:07 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: FAAw5O0EvruykoHDQoRDMA==
last-modified: Fri, 27 Nov 2020 14:00:02 GMT
etag: W/"0x8D892DCBC6EB927"
x-ms-request-id: 90577b5d-e01e-0026-0f98-165a1a000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 469
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ed9525fe3b56a4-OSL
content-encoding: br
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
142.250.74.106 200 OK 87 kB URL GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP 142.250.74.106:443
Requested by https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_B9B5300C0F2947ADBCBE43EBB9297CCB&bid=37950&campaignId=2799402&pid=94151521
Certificate Issuer: Google Trust Services LLC
Subject: upload.video.google.com
Fingerprint: CC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
Validity: Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (65451)
Hash a09e13ee94d51c524b7e2a728c7d4039
0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 17:33:53 GMT
expires: Thu, 28 Nov 2024 17:33:53 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 178093
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
bannerflow-feed-builder.azurewebsites.net/api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no
104.40.147.180 200 OK 4.7 kB URL GET HTTP/2 bannerflow-feed-builder.azurewebsites.net/api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no
IP 104.40.147.180:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_B9B5300C0F2947ADBCBE43EBB9297CCB&bid=37950&campaignId=2799402&pid=94151521
Certificate Issuer: Microsoft Corporation
Subject: *.azurewebsites.net
Fingerprint: 0A:12:F7:66:D9:79:A1:83:48:0D:FC:30:BC:F5:BD:27:AF:F4:1A:84
Validity: Tue, 01 Aug 2023 09:55:22 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (5178), with no line terminators
Hash 631915d845ca82d33ab60022714e1ff6
30f782357bfb04d2a311b19a4e116c7a0d00253a
225138234c65e4185b4d10ccddffeec9f5b674156fb2ca1819f5a89baf92f4a0
GET /api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no HTTP/1.1
Host: bannerflow-feed-builder.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/json; charset=utf-8
date: Fri, 01 Dec 2023 19:02:06 GMT
server: Microsoft-IIS/10.0
access-control-allow-origin: *
access-control-expose-headers: Request-Context
cache-control: no-cache
content-encoding: gzip
expires: -1
pragma: no-cache
set-cookie: ARRAffinity=3bc95a0a907b373b7281dbab7510fee65c0d02b1386194a9530165823f0e06fa;Path=/;HttpOnly;Secure;Domain=bannerflow-feed-builder.azurewebsites.net
set-cookie: ARRAffinitySameSite=3bc95a0a907b373b7281dbab7510fee65c0d02b1386194a9530165823f0e06fa;Path=/;HttpOnly;SameSite=None;Secure;Domain=bannerflow-feed-builder.azurewebsites.net
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:f631c08e-9610-47b7-82c9-c925628cdde1
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
cdn.bannerflow.com/resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg
104.16.48.126 200 OK 1.1 kB URL GET HTTP/2 cdn.bannerflow.com/resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg
IP 104.16.48.126:443
Requested by https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_B9B5300C0F2947ADBCBE43EBB9297CCB&bid=37950&campaignId=2799402&pid=94151521
Certificate Issuer: Cloudflare, Inc.
Subject: sni.cloudflaressl.com
Fingerprint: 1D:7A:63:AD:26:C4:EA:3F:E9:47:1D:1D:DE:FF:EF:66:52:E5:DD:F7
Validity: Thu, 09 Mar 2023 00:00:00 GMT - Fri, 08 Mar 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1065), with no line terminators
Hash 8994f187d31c33e41e6af6c078d8b4f3
e65a39fb2b4d56343b2af57a19ba38612eaa262f
e4f28e35c66413fc59cb5bdb97c30fd7de981c9408b0f38068c3f71661f52872
GET /resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 01 Dec 2023 19:02:07 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: DtBEzXf8HuXNecd90Rx/1w==
last-modified: Fri, 27 Nov 2020 14:00:01 GMT
etag: W/"0x8D892DCBC244A27"
x-ms-request-id: 850b18b8-b01e-003b-137b-0c57a6000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 344
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ed9525fe4756a4-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-sports.svg
172.64.144.152 200 OK 1.5 kB URL GET HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/icon-sports.svg
IP 172.64.144.152:443
Requested by https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_B9B5300C0F2947ADBCBE43EBB9297CCB&bid=37950&campaignId=2799402&pid=94151521
Certificate Issuer: Let's Encrypt
Subject: welcome.unibet.com
Fingerprint: 65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
Validity: Mon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1513), with no line terminators
Hash 49bb8022b31261533a9fc360618129c2
35ab11ba839506015fe62c50a79bf3aff01d049c
559f2bd484ade1ad03ed79c5a5de1604fe9acc174164d3fd28d68eff7acbe2b3
GET /nu/pop/sportsbook/multisports/icon-sports.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_B9B5300C0F2947ADBCBE43EBB9297CCB&bid=37950&campaignId=2799402&pid=94151521
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701457324911)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C2023121192%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210648486077%7c1%22%7d%5d; __ucbt=node02saq2jfcavihh1pvdl51l2wz4; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_B9B5300C0F2947ADBCBE43EBB9297CCB; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_B9B5300C0F2947ADBCBE43EBB9297CCB%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_B9B5300C0F2947ADBCBE43EBB9297CCB
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 01 Dec 2023 19:02:06 GMT
content-type: image/svg+xml
cf-ray: 82ed95200942b512-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 40424
cache-control: public, max-age=900, immutable
etag: W/"0x8DBB4702D1E3897"
last-modified: Wed, 13 Sep 2023 15:43:28 GMT
vary: Accept-Encoding
content-md5: Kch+tYuo05USS5JaESq1rA==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 89ff6622-901e-005e-7ca4-16f9e2000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
172.64.144.152 200 OK 22 kB URL GET HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
IP 172.64.144.152:443
Requested by https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_B9B5300C0F2947ADBCBE43EBB9297CCB&bid=37950&campaignId=2799402&pid=94151521
Certificate Issuer: Let's Encrypt
Subject: welcome.unibet.com
Fingerprint: 65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
Validity: Mon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT
Hash cd7901ab004cbe23cf68ae6b0486a998
11c4422439ed8b081e672eceef735ed1fcad6e90
01d6d6271e9cfda8348fcde699bbb334310b6ba858f1d01fbe2b08b6ceba6c1b
GET /nu/pop/sportsbook/multisports/1-styles.css HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_B9B5300C0F2947ADBCBE43EBB9297CCB&bid=37950&campaignId=2799402&pid=94151521
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701457324911)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C2023121192%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210648486077%7c1%22%7d%5d; __ucbt=node02saq2jfcavihh1pvdl51l2wz4; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_B9B5300C0F2947ADBCBE43EBB9297CCB; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_B9B5300C0F2947ADBCBE43EBB9297CCB%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_B9B5300C0F2947ADBCBE43EBB9297CCB
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 01 Dec 2023 19:02:06 GMT
content-type: text/css; charset=utf-8
cf-ray: 82ed951ff928b512-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 134046
cache-control: public, max-age=900, immutable
etag: W/"0x8DBB4702AA0A0C4"
last-modified: Wed, 13 Sep 2023 15:43:24 GMT
vary: Accept-Encoding
content-md5: zXkBqwBMviPPaK5rBIapmA==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: dda9c37d-401e-0010-5ea4-13d76a000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2