Report - www.vugla.com/er-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html/

Report Overview

Visited public
2023-11-28 05:02:08
Tags
URL
www.vugla.com/er-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html/
Finishing URL
conqueredallrightswell.com/dyfc1k09?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122660
IP / ASN
192.185.106.252
#46606 UNIFIEDLAYER-AS-1
Title
conqueredallrightswell.com/dyfc1k09?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122660

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
slamscreechmilestone.com	unknown	unknown	No data	No data	6.4 kB	41 kB	173.233.139.164
tharbadir.com	670354	2018-04-25	2018-05-21 22:07:02	2023-11-20 17:43:39	4.1 kB	2.1 kB	139.45.197.238
www.profitabledisplaycontent.com	138390	2020-10-14	2020-10-16 04:07:47	2023-11-23 09:42:00	2.8 kB	4.3 kB	192.243.59.20
pl16411290.alternativecpmgate.com	unknown	2021-07-01	2023-05-22 08:21:17	2023-11-24 20:52:24	460 B	10 kB	192.243.61.225
ssl.gstatic.com	unknown	2008-02-11	2012-05-23 08:57:57	2023-11-27 11:09:06	460 B	6.1 kB	216.58.207.227
conqueredallrightswell.com	unknown	2023-11-14	2023-11-16 20:49:45	2023-11-26 14:47:44	3.0 kB	7.3 kB	173.233.137.52
apis.google.com	105	1997-09-15	2013-05-06 22:20:21	2023-11-27 05:14:01	3.4 kB	148 kB	142.250.74.142
proftrafficcounter.com	unknown	2023-11-16	2023-11-21 09:55:14	2023-11-27 18:55:43	1.9 kB	1.4 kB	18.185.201.157
my.rtmark.net	9054	2014-10-29	2015-02-04 10:54:57	2023-11-27 18:56:26	1.6 kB	2.2 kB	139.45.195.8
vvfal.rigelbetelgeuse.top	unknown	2023-05-11	2023-05-11 14:25:20	2023-11-26 13:21:28	608 B	1.0 kB	104.21.22.161
amunfezanttor.com	unknown	2023-03-31	2023-03-31 14:42:42	2023-11-27 20:10:22	1.0 kB	977 B	139.45.197.250
promo.pixelsee.app	unknown	2022-05-04	2023-07-26 11:13:24	2023-11-19 22:12:22	5.7 kB	101 kB	104.21.7.161
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-11-27 07:17:39	494 B	1.2 kB	142.250.74.106
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-11-27 06:40:38	4.3 kB	251 kB	142.250.74.168
pl15560907.passtechusa.com	unknown	2020-02-27	2022-10-27 15:33:11	2023-11-25 04:22:29	455 B	16 kB	173.233.137.60
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-11-27 07:14:04	5.0 kB	375 kB	216.58.207.227
asleavannychan.com	unknown	2023-01-10	2023-01-11 01:08:18	2023-11-17 12:38:14	2.6 kB	3.4 kB	139.45.197.250
cdn.cloudimagesb.com	23099	2020-10-06	2021-02-12 17:15:41	2023-11-27 20:33:00	1.5 kB	73 kB	45.133.44.9
region1.analytics.google.com	unknown	1997-09-15	2022-03-17 12:26:33	2023-11-27 07:27:30	865 B	424 B	216.239.34.36
eehuzaih.com	unknown	2022-02-21	2022-02-21 12:12:25	2023-11-25 20:59:40	1.3 kB	36 kB	139.45.197.237
fleraprt.com	unknown	2022-01-14	2022-01-14 23:55:14	2023-11-25 20:52:26	535 B	481 B	139.45.195.254
offerimage.com	304078	2019-06-10	2019-06-10 13:11:53	2023-11-26 14:12:53	467 B	93 kB	104.22.33.172
www.vugla.com	unknown	2013-09-24	2015-02-06 16:22:31	2023-11-27 05:21:59	38 kB	688 kB	192.185.106.252
www.kursnalista.co	unknown	2019-01-14	2015-04-30 23:56:04	2023-11-19 14:45:56	421 B	1.5 kB	192.185.106.47
laughteroccasionallywarp.com	unknown	unknown	No data	No data	1.1 kB	4.3 kB	173.233.137.52
ocsp.r2m03.amazontrust.com	unknown	2007-05-11	2023-02-21 01:06:24	2023-11-27 08:01:03	350 B	942 B	143.204.53.97
keewoach.net	unknown	2023-06-06	2023-06-06 13:12:27	2023-11-25 18:50:14	406 B	153 kB	139.45.197.245
www.variouscreativeformats.com	408415	2021-06-09	2021-06-13 08:53:26	2023-11-25 04:22:30	457 B	12 kB	173.233.139.164
www.google.no	25607	2001-02-26	2016-04-05 21:50:59	2023-11-27 07:31:27	577 B	578 B	142.250.74.163
violationphysics.click	unknown	2023-02-10	2023-02-11 18:32:06	2023-11-26 23:29:19	926 B	601 B	192.64.81.118

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-11-28 05:02:08	medium	Client IP	Internal IP	ET DNS Query to a *.top domain - Likely Hostile

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-11-28	medium	asleavannychan.com	Sinkholed
2023-11-27	medium	fleraprt.com	Sinkholed
2023-11-28	medium	slamscreechmilestone.com	Sinkholed
2023-11-28	medium	slamscreechmilestone.com	Sinkholed
2023-11-28	medium	asleavannychan.com	Sinkholed
2023-11-28	medium	asleavannychan.com	Sinkholed
2023-11-28	medium	slamscreechmilestone.com	Sinkholed
2023-11-28	medium	asleavannychan.com	Sinkholed
2023-11-28	medium	asleavannychan.com	Sinkholed
2023-11-28	medium	amunfezanttor.com	Sinkholed
2023-11-28	medium	laughteroccasionallywarp.com	Sinkholed
2023-11-28	medium	amunfezanttor.com	Sinkholed
2023-11-28	medium	slamscreechmilestone.com	Sinkholed
2023-11-28	medium	slamscreechmilestone.com	Sinkholed
2023-11-28	medium	laughteroccasionallywarp.com	Sinkholed
2023-11-28	medium	conqueredallrightswell.com	Sinkholed
2023-11-28	medium	conqueredallrightswell.com	Sinkholed
2023-11-28	medium	conqueredallrightswell.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (5)

	URL	From	Size	First Seen	Last Seen
	conqueredallrightswell.com/dyfc1k09?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122660	ScriptElement	0 B	0001-01-01	2025-05-11
Pretty URL conqueredallrightswell.com/dyfc1k09?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122660 IP 192.243.61.227 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-11 20:39 Times Seen4657226 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

		Size	First Seen	Last Seen
	#1 Eval - b4db71556e353b04562ba2f5ba28476c	471 B	2023-11-26 21:23	2024-08-20 17:49
Pretty Observations First Seen2023-11-26 21:23 Last Seen2024-08-20 17:49 Times Seen25 Hash b4db71556e353b04562ba2f5ba28476c 4ba29f4a117f58fd0dcb2f6e1fc7a50a50842399 991239f15eca790f4d782b2b2eef92fb5728365845c17f7e886a972cd08638e3 Loading...

	#2 Eval - 127ac839a41bdd9ab92ad47b7411cdaf	29 B	2023-03-08 14:23	2025-05-06 08:36
Pretty Observations First Seen2023-03-08 14:23 Last Seen2025-05-06 08:36 Times Seen675 Hash 127ac839a41bdd9ab92ad47b7411cdaf c2f81b12778c909f055c3967caa638b643c4916a b2ebc210c5c379879d07a4a9e046a4ea803d56dcc91d533db817ec272cbcfaf4 Loading...

		Size	First Seen	Last Seen
	#1 Write - 31c9da99d87f30d4105f391c11ae8757	128 B	2023-08-25 09:27	2024-08-21 08:08
Pretty Observations First Seen2023-08-25 09:27 Last Seen2024-08-21 08:08 Times Seen183 Hash 31c9da99d87f30d4105f391c11ae8757 da2648a5466570fd4aa986282e122d12ab6b5648 1dbdd8a3b493ad2b2750901f83983de94b8f59db68ab58aebe45672fc4dba75d Loading...

	#2 Write - 1487f10b3da8bc37ed8363d325443ba5	190 B	2023-09-16 20:53	2024-08-21 06:40
Pretty Observations First Seen2023-09-16 20:53 Last Seen2024-08-21 06:40 Times Seen14 Hash 1487f10b3da8bc37ed8363d325443ba5 abb4aba70a7e23e9edf2d0b49240cd6a0387b2f3 1ccfe04507cf62454cdf3cf130c40790dcd492ef9f790ee2be904da4e9f270ba Loading...

HTTP Transactions (149)

URL IP Response Size

www.vugla.com/er-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html/

192.185.106.252

0 B

URL
www.vugla.com/er-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html/
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /er-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html/ HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
x-pingback: https://www.vugla.com/xmlrpc.php
x-redirect-by: WordPress
content-security-policy: upgrade-insecure-requests;
location: https://www.vugla.com/er-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html
cache-control: max-age=10800
expires: Tue, 28 Nov 2023 08:01:49 GMT
vary: User-Agent
referrer-policy: 
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 28 Nov 2023 05:01:49 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/er-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html

192.185.106.252

74 kB

URL
www.vugla.com/er-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
gzip compressed data, from Unix\012- data
Size
74 kB (73717 bytes)
Hash
b7af3fbcf57f379201af3879950b721b
707699f144de7f6cf90a558f64eea7c2567e0199
d3573b056386fcc5f16c3760b10dbcc1de763c54ee51cac3a76dfb47204e6ed6

HTTP Headers

GET /er-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-pingback: https://www.vugla.com/xmlrpc.php
link: <https://www.vugla.com/wp-json/>; rel="https://api.w.org/", <https://www.vugla.com/wp-json/wp/v2/posts/570386>; rel="alternate"; type="application/json", <https://www.vugla.com/?p=570386>; rel=shortlink
content-security-policy: upgrade-insecure-requests;
cache-control: max-age=10800
expires: Tue, 28 Nov 2023 08:01:50 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-type: text/html; charset=UTF-8
date: Tue, 28 Nov 2023 05:01:50 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/themes/vugla/style.css?ver=6.4.1

192.185.106.252

398 B

URL
www.vugla.com/wp-content/themes/vugla/style.css?ver=6.4.1
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
398 B (398 bytes)
Hash
4f140b946bdc4cb833896a992db68c6d
52d6c64f9c5478bb70604068a66f06283ecff968
f8f90d1cacc59cf90886948787ef5c723b8de9e41092285611f2f915b5996ef2

HTTP Headers

GET /wp-content/themes/vugla/style.css?ver=6.4.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/er-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 24 Mar 2020 17:57:12 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-length: 398
content-type: text/css
date: Tue, 28 Nov 2023 05:01:51 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/plugins/responsive-lightbox/assets/swipebox/swipebox.min.css?ver=2.4.6

192.185.106.252

1.4 kB

URL
www.vugla.com/wp-content/plugins/responsive-lightbox/assets/swipebox/swipebox.min.css?ver=2.4.6
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (4310), with CRLF line terminators
Size
1.4 kB (1410 bytes)
Hash
b236fbc68ad6824d6fd4be9501a56ea5
5147f5e6779b335a45771a6a9ec9f0a1db8079ef
d49c9ad378618e0a0eb8e6fca04c13f6005e13badf79e0c977d76d851f7aa60a

HTTP Headers

GET /wp-content/plugins/responsive-lightbox/assets/swipebox/swipebox.min.css?ver=2.4.6 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/er-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 27 Nov 2023 23:58:55 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-length: 1410
content-type: text/css
date: Tue, 28 Nov 2023 05:01:51 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/plugins/vn-video-player/style/theme-city.css?ver=6.4.1

192.185.106.252

733 B

URL
www.vugla.com/wp-content/plugins/vn-video-player/style/theme-city.css?ver=6.4.1
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (2553), with no line terminators
Size
733 B (733 bytes)
Hash
229bf132659b3607e05296743613ecca
2f498516b73ae5f087904669ccd6b3eb57054711
73214adfea5dc8d2ab7aae66baec56aab47e70224557c08f424b80909d1acd7c

HTTP Headers

GET /wp-content/plugins/vn-video-player/style/theme-city.css?ver=6.4.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/er-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 26 Nov 2021 15:34:33 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-length: 733
content-type: text/css
date: Tue, 28 Nov 2023 05:01:51 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/plugins/vn-featured-image-gallery/css/style.css?ver=6.4.1

192.185.106.252

320 B

URL
www.vugla.com/wp-content/plugins/vn-featured-image-gallery/css/style.css?ver=6.4.1
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with CRLF line terminators
Size
320 B (320 bytes)
Hash
199decab27dd471d35814631e71e6fea
42c2847529b6859230bc2f4e8e6432805a06148b
7279594a46188e3246db42ffd4c609fc254c6fa06bfca8b72dd82e63fa4e6385

HTTP Headers

GET /wp-content/plugins/vn-featured-image-gallery/css/style.css?ver=6.4.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/er-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 26 May 2014 20:39:02 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-length: 320
content-type: text/css
date: Tue, 28 Nov 2023 05:01:51 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/plugins/vn-video-player/style/vn_player_container.css?ver=6.4.1

192.185.106.252

89 B

URL
www.vugla.com/wp-content/plugins/vn-video-player/style/vn_player_container.css?ver=6.4.1
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with CRLF line terminators
Size
89 B (89 bytes)
Hash
b20aaffdf9d8e1f413b536edb9d1b649
0f3afd6ef6940700eb7f245629d1b79c52f45b47
9534982bd24eaa3205ac2e5a4dbd6a16a3129b70df981f422562ef3a30ade7cd

HTTP Headers

GET /wp-content/plugins/vn-video-player/style/vn_player_container.css?ver=6.4.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/er-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 26 Nov 2021 15:50:56 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-length: 89
content-type: text/css
date: Tue, 28 Nov 2023 05:01:51 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/plugins/vn-video-player/style/video-js.css?ver=6.4.1

192.185.106.252

14 kB

URL
www.vugla.com/wp-content/plugins/vn-video-player/style/video-js.css?ver=6.4.1
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Unicode text, UTF-8 text, with very long lines (5844)
Size
14 kB (13761 bytes)
Hash
514fccb15bdc95ea2c2b6fddaded8ecc
4c999194bb19b83cc85f40621fa1c74cd1a4cbf7
d86730f73982f170cb0943d0d47c3c2520743d6a3d6cf5330cde12667df675ca

HTTP Headers

GET /wp-content/plugins/vn-video-player/style/video-js.css?ver=6.4.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/er-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 26 Nov 2021 15:34:35 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-length: 13761
content-type: text/css
date: Tue, 28 Nov 2023 05:01:51 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

192.185.106.252

5.4 kB

URL
www.vugla.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (13479)
Size
5.4 kB (5422 bytes)
Hash
9ffeb32e2d9efbf8f70caabded242267
3ad0c10e501ac2a9bfa18f9cd7e700219b378738
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/er-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 13 Nov 2023 13:25:19 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-length: 5422
content-type: application/javascript
date: Tue, 28 Nov 2023 05:01:51 GMT
server: Apache
X-Firefox-Spdy: h2

apis.google.com/js/plusone.js

142.250.74.142

22 kB

URL
apis.google.com/js/plusone.js
IP
142.250.74.142:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2664)
Size
22 kB (21931 bytes)
Hash
03f8c0cd20b9675c0fb54c3cccc6d1cf
e37d2a997e1045158c791667bb37fd244c9b66af
9b750b4baeaf88b2ac42100bcc3ea6d799a6ba8c3c5b2cce1d72a75a6c0952f7

HTTP Headers

GET /js/plusone.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-length: 21931
date: Tue, 28 Nov 2023 05:01:51 GMT
expires: Tue, 28 Nov 2023 05:01:51 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "cf28888d642e74bc"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
set-cookie: NID=511=Yi6EjVCVjRgJsCRTvA7hDJHfTpNP9WdNvvZsmpVa-e4a0dDawphLENtD78KUKVluf2sdq4hmfoi_obUwspBsoqiLuY6Mm1K980U9BVsUwcY5BdRXOrADPo9SWkEGlhZELufmIq5CzxLml1aHDflnHPtUkSP1a5_f8YklZuRyubs; expires=Wed, 29-May-2024 05:01:51 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-7NCJ73THPT

142.250.74.168

85 kB

URL
www.googletagmanager.com/gtag/js?id=G-7NCJ73THPT
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (3034)
Size
85 kB (85256 bytes)
Hash
abc696226307c2d20e5d35e5951cfb32
9810f009176ff1700ed32a17d948b46d0744a28c
15c7bbbe4e85732cb2c1fa8c8462b80638d822dd78bb2d2323b5c8eb0f0b47cd

HTTP Headers

GET /gtag/js?id=G-7NCJ73THPT HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 28 Nov 2023 05:01:51 GMT
expires: Tue, 28 Nov 2023 05:01:51 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 85256
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.vugla.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.3

192.185.106.252

83 B

URL
www.vugla.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.3
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document, ASCII text, with no line terminators
Size
83 B (83 bytes)
Hash
26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.3 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/er-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 409 Conflict
date: Tue, 28 Nov 2023 05:01:51 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2

www.vugla.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/twitter.png

192.185.106.252

1.8 kB

URL
www.vugla.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/twitter.png
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size
1.8 kB (1762 bytes)
Hash
9cb3d67f468539abb72395dc73934190
9928de37e21649c1799e3287a13f897a34aab5e1
04a457e988270cb1dc76bd57ac8e62fddf02c02b618a1ac6cb0880b93633f5e0

HTTP Headers

GET /wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/twitter.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/er-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 13 Nov 2023 13:26:48 GMT
accept-ranges: bytes
content-length: 1762
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Wed, 27 Nov 2024 05:01:51 GMT
referrer-policy: 
pragma: public
content-type: image/png
date: Tue, 28 Nov 2023 05:01:51 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.3

192.185.106.252

83 B

URL
www.vugla.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.3
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document, ASCII text, with no line terminators
Size
83 B (83 bytes)
Hash
26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.3 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/er-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 409 Conflict
date: Tue, 28 Nov 2023 05:01:51 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2

www.vugla.com/wp-content/plugins/responsive-lightbox/assets/infinitescroll/infinite-scroll.pkgd.min.js?ver=6.4.1

192.185.106.252

8.7 kB

URL
www.vugla.com/wp-content/plugins/responsive-lightbox/assets/infinitescroll/infinite-scroll.pkgd.min.js?ver=6.4.1
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (17739), with CRLF line terminators
Size
8.7 kB (8747 bytes)
Hash
3229aa93c44fa4628707e80959a97bc1
5a2d4dbc4d1df02e7a386489e7b5c5a9e22dd40f
095834cc86bd018fdb4a9e31c99f9f96904b819be2b9dc16b3390383288d4d90

HTTP Headers

GET /wp-content/plugins/responsive-lightbox/assets/infinitescroll/infinite-scroll.pkgd.min.js?ver=6.4.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/er-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 27 Nov 2023 23:58:55 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-length: 8747
content-type: application/javascript
date: Tue, 28 Nov 2023 05:01:51 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/plugins/responsive-lightbox/assets/swipebox/jquery.swipebox.min.js?ver=2.4.6

192.185.106.252

4.7 kB

URL
www.vugla.com/wp-content/plugins/responsive-lightbox/assets/swipebox/jquery.swipebox.min.js?ver=2.4.6
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (12917), with CRLF line terminators
Size
4.7 kB (4708 bytes)
Hash
416d2c5e5425c640a7d63f25e0376fd6
a95b218161d94bdb148d108aedf065b4a4762045
b875bead01dfa1b02a553e8efda0f3a65d39da24f19ad37af95f06795eee76dc

HTTP Headers

GET /wp-content/plugins/responsive-lightbox/assets/swipebox/jquery.swipebox.min.js?ver=2.4.6 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/er-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 27 Nov 2023 23:58:55 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-length: 4708
content-type: application/javascript
date: Tue, 28 Nov 2023 05:01:51 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/themes/vugla/images/no-image-featured-image.png

192.185.106.252

16 kB

URL
www.vugla.com/wp-content/themes/vugla/images/no-image-featured-image.png
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 620 x 350, 8-bit/color RGB, non-interlaced\012- data
Size
16 kB (16020 bytes)
Hash
458e440bd18b9f9d5d4940ab65ee3245
dd8dc3ae386c48024cafc858deb3377823f1dd10
41e1c3561235de8d8e2c151947d0d8c6dcec356470aef6cda360a0b8ee35f281

HTTP Headers

GET /wp-content/themes/vugla/images/no-image-featured-image.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/er-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:53:00 GMT
accept-ranges: bytes
content-length: 16020
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Wed, 27 Nov 2024 05:01:51 GMT
referrer-policy: 
pragma: public
content-type: image/png
date: Tue, 28 Nov 2023 05:01:51 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/reddit.png

192.185.106.252

2.3 kB

URL
www.vugla.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/reddit.png
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size
2.3 kB (2328 bytes)
Hash
91d33236832e22fe9743606623bd001a
d7101e60e49e86dbe1f34876228aa6831ad568f7
5571cdc5e0d90001474bf488c142929a02a39e55a4a7f61c44d1f94a4087eda1

HTTP Headers

GET /wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/reddit.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/er-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 13 Nov 2023 13:26:48 GMT
accept-ranges: bytes
content-length: 2328
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Wed, 27 Nov 2024 05:01:51 GMT
referrer-policy: 
pragma: public
content-type: image/png
date: Tue, 28 Nov 2023 05:01:51 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/facebook.png

192.185.106.252

584 B

URL
www.vugla.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/facebook.png
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 64 x 64, 8-bit colormap, non-interlaced\012- data
Size
584 B (584 bytes)
Hash
114d84e23ab95df71589ab5e67b93b85
2270334f4b83486ceaab53133e4706537c16f38a
1353c448068301ee8534bd1d3c8eb214863afa0b9f716222dfe93e2739cffac2

HTTP Headers

GET /wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/facebook.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/er-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 13 Nov 2023 13:26:48 GMT
accept-ranges: bytes
content-length: 584
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Wed, 27 Nov 2024 05:01:51 GMT
referrer-policy: 
pragma: public
content-type: image/png
date: Tue, 28 Nov 2023 05:01:51 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/uploads/2023/11/habitfarm-javor-fk-vozdovac-golovi-27-11-2023-150x150.jpg

192.185.106.252

6.0 kB

URL
www.vugla.com/wp-content/uploads/2023/11/habitfarm-javor-fk-vozdovac-golovi-27-11-2023-150x150.jpg
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x150, components 3\012- data
Size
6.0 kB (6001 bytes)
Hash
58337990ebec58a74b5aa3af2baadb46
593f2a0075358d436649b74185c4a266f2f7a0f0
f5c781dad35944ad8727497b241186e5e0b8bec2a1479280bbc08f014075bae7

HTTP Headers

GET /wp-content/uploads/2023/11/habitfarm-javor-fk-vozdovac-golovi-27-11-2023-150x150.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/er-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 27 Nov 2023 21:27:15 GMT
accept-ranges: bytes
content-length: 6001
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Wed, 27 Nov 2024 05:01:51 GMT
referrer-policy: 
pragma: public
content-type: image/jpeg
date: Tue, 28 Nov 2023 05:01:51 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/uploads/2021/11/westfield-webcam-150x150.jpg

192.185.106.252

7.2 kB

URL
www.vugla.com/wp-content/uploads/2021/11/westfield-webcam-150x150.jpg
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 150x150, components 3\012- data
Size
7.2 kB (7218 bytes)
Hash
a087319a92cf50aa6359e54d07c4224c
d314a7f4859c4002d7e8bfc57a1c65617202ad74
498bee889ab002b539382ba8ad9669097f90ed73814adc5a301cb92beec08c8a

HTTP Headers

GET /wp-content/uploads/2021/11/westfield-webcam-150x150.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/er-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 26 Nov 2021 21:30:41 GMT
accept-ranges: bytes
content-length: 7218
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Wed, 27 Nov 2024 05:01:51 GMT
referrer-policy: 
pragma: public
content-type: image/jpeg
date: Tue, 28 Nov 2023 05:01:51 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/uploads/2021/11/split-trogir-katedrala-svetog-lorenca-webcam-150x150.jpg

192.185.106.252

6.7 kB

URL
www.vugla.com/wp-content/uploads/2021/11/split-trogir-katedrala-svetog-lorenca-webcam-150x150.jpg
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 150x150, components 3\012- data
Size
6.7 kB (6683 bytes)
Hash
728ab77212729fa32398d11c83324eeb
61d9572c3b12309d67ba45cc3928cc83576580a0
687cd6500754dc82b7d76b398fd1fe515f4f1d91dc1e2c2a34bf5b6a911a9b3e

HTTP Headers

GET /wp-content/uploads/2021/11/split-trogir-katedrala-svetog-lorenca-webcam-150x150.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/er-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 30 Nov 2021 13:49:24 GMT
accept-ranges: bytes
content-length: 6683
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Wed, 27 Nov 2024 05:01:51 GMT
referrer-policy: 
pragma: public
content-type: image/jpeg
date: Tue, 28 Nov 2023 05:01:51 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/themes/vugla/images/mobile-share/viber-64x64.png

192.185.106.252

7.1 kB

URL
www.vugla.com/wp-content/themes/vugla/images/mobile-share/viber-64x64.png
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size
7.1 kB (7120 bytes)
Hash
de186be4358ae6892385bcb78cc79b01
d933c306c857b9e84e321c4756d384a6e8093da2
c912b95fc0e537dbd5d103172a9ad3df2a3c8ad4ce5e6d6cebbaf31d7f6d58be

HTTP Headers

GET /wp-content/themes/vugla/images/mobile-share/viber-64x64.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/er-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 22 Dec 2016 10:00:29 GMT
accept-ranges: bytes
content-length: 7120
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Wed, 27 Nov 2024 05:01:51 GMT
referrer-policy: 
pragma: public
content-type: image/png
date: Tue, 28 Nov 2023 05:01:51 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/uploads/2021/11/kranjska-gora-webcam-150x150.jpg

192.185.106.252

6.0 kB

URL
www.vugla.com/wp-content/uploads/2021/11/kranjska-gora-webcam-150x150.jpg
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 150x150, components 3\012- data
Size
6.0 kB (6044 bytes)
Hash
989b60424d56f5946b48524e7bea5fa1
86ea5ad56aaa32d89398f3dc2b52c6cac6880c87
76c00718e82cff5e59d381080695ededa0b3173ea9fea5d64b13e19ef66bd5ea

HTTP Headers

GET /wp-content/uploads/2021/11/kranjska-gora-webcam-150x150.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/er-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Sun, 28 Nov 2021 10:20:29 GMT
accept-ranges: bytes
content-length: 6044
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Wed, 27 Nov 2024 05:01:51 GMT
referrer-policy: 
pragma: public
content-type: image/jpeg
date: Tue, 28 Nov 2023 05:01:51 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/uploads/2023/11/helas-verona-lecce-golovi-27-11-2023-150x150.jpg

192.185.106.252

7.2 kB

URL
www.vugla.com/wp-content/uploads/2023/11/helas-verona-lecce-golovi-27-11-2023-150x150.jpg
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x150, components 3\012- data
Size
7.2 kB (7167 bytes)
Hash
2308a47f1fd7b3a31494400dcf569324
a56afa98a45d40ad0f45db7ea08e4816af1f862e
fd770d145ae4a98a870c804091a772b565817e7f78fc56c1dd2973316ec852f4

HTTP Headers

GET /wp-content/uploads/2023/11/helas-verona-lecce-golovi-27-11-2023-150x150.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/er-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 27 Nov 2023 21:27:13 GMT
accept-ranges: bytes
content-length: 7167
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Wed, 27 Nov 2024 05:01:51 GMT
referrer-policy: 
pragma: public
content-type: image/jpeg
date: Tue, 28 Nov 2023 05:01:51 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/mail.png

192.185.106.252

1.7 kB

URL
www.vugla.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/mail.png
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 64 x 64, 8-bit colormap, non-interlaced\012- data
Size
1.7 kB (1659 bytes)
Hash
42bec42b54ef1bb6bb9596efa815973d
88145ca02b72936eb430e818cd7a80f189ca9166
154a5b712eedff5cdee156292d8795dd139a350c7ed09982e5faec55a0ab2f42

HTTP Headers

GET /wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/mail.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/er-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 13 Nov 2023 13:26:48 GMT
accept-ranges: bytes
content-length: 1659
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Wed, 27 Nov 2024 05:01:51 GMT
referrer-policy: 
pragma: public
content-type: image/png
date: Tue, 28 Nov 2023 05:01:51 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/uploads/2023/11/basaksehir-pendikspor-golovi-27-11-2023-150x150.jpg

192.185.106.252

6.4 kB

URL
www.vugla.com/wp-content/uploads/2023/11/basaksehir-pendikspor-golovi-27-11-2023-150x150.jpg
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x150, components 3\012- data
Size
6.4 kB (6442 bytes)
Hash
f1abfff3486aad218f8083501b806693
1cb1ac196ebdc47555564c003fc77e049be3c690
ebe23e46448ac1b5e1f6bd697a74a81fe094a2ae162ae1c819fb36fdb9d4612c

HTTP Headers

GET /wp-content/uploads/2023/11/basaksehir-pendikspor-golovi-27-11-2023-150x150.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/er-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 27 Nov 2023 21:27:10 GMT
accept-ranges: bytes
content-length: 6442
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Wed, 27 Nov 2024 05:01:51 GMT
referrer-policy: 
pragma: public
content-type: image/jpeg
date: Tue, 28 Nov 2023 05:01:51 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/uploads/2023/11/bologna-torino-golovi-27-11-2023-150x150.jpg

192.185.106.252

7.1 kB

URL
www.vugla.com/wp-content/uploads/2023/11/bologna-torino-golovi-27-11-2023-150x150.jpg
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x150, components 3\012- data
Size
7.1 kB (7130 bytes)
Hash
0bbcbe7c5eb0f46e61ce2e2ddda89077
7e0508b239b8db9e889a6c38b58da284b6a3d0bb
faf3d792ee64b9f14c2df759c439bdcc804c49004f580415892a149af92dd917

HTTP Headers

GET /wp-content/uploads/2023/11/bologna-torino-golovi-27-11-2023-150x150.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/er-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 28 Nov 2023 00:10:19 GMT
accept-ranges: bytes
content-length: 7130
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Wed, 27 Nov 2024 05:01:51 GMT
referrer-policy: 
pragma: public
content-type: image/jpeg
date: Tue, 28 Nov 2023 05:01:51 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/uploads/2023/11/girona-ath-bilbao-golovi-27-11-2023-150x150.jpg

192.185.106.252

6.7 kB

URL
www.vugla.com/wp-content/uploads/2023/11/girona-ath-bilbao-golovi-27-11-2023-150x150.jpg
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x150, components 3\012- data
Size
6.7 kB (6694 bytes)
Hash
9c2a17cbf602b9ef80c8a3249789d2b8
3e10ef1d3bdfc8dc8b4cde0630979d295a548c68
f759e6bb5718613412d240b6039be95a5b40188331bf2170cfcb7606d2445a14

HTTP Headers

GET /wp-content/uploads/2023/11/girona-ath-bilbao-golovi-27-11-2023-150x150.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/er-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 28 Nov 2023 00:10:20 GMT
accept-ranges: bytes
content-length: 6694
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Wed, 27 Nov 2024 05:01:51 GMT
referrer-policy: 
pragma: public
content-type: image/jpeg
date: Tue, 28 Nov 2023 05:01:51 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/tumblr.png

192.185.106.252

861 B

URL
www.vugla.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/tumblr.png
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 64 x 64, 8-bit colormap, non-interlaced\012- data
Size
861 B (861 bytes)
Hash
1d8dab6f1066b94b74f5611a8c918681
4e0edc7ba1ada49418772d8d581cd3d38518d490
bac6d2c8418e543d967d6e57710eda1ca4318ddd917c19a28fd63b4240e8d150

HTTP Headers

GET /wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/tumblr.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/er-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 13 Nov 2023 13:26:48 GMT
accept-ranges: bytes
content-length: 861
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Wed, 27 Nov 2024 05:01:51 GMT
referrer-policy: 
pragma: public
content-type: image/png
date: Tue, 28 Nov 2023 05:01:51 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/plugins/vn-video-player/js_scripts/vn_player_fit.js?ver=0.1

192.185.106.252

106 B

URL
www.vugla.com/wp-content/plugins/vn-video-player/js_scripts/vn_player_fit.js?ver=0.1
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with CRLF line terminators
Size
106 B (106 bytes)
Hash
64829824ee643f09fb3821dc49b3089a
446608ff9f4128b9503476135a8c28599f8d5c2e
0b967c52b8e899c4266110c97fa50018d61ccf1365144d16f09f901523d48c95

HTTP Headers

GET /wp-content/plugins/vn-video-player/js_scripts/vn_player_fit.js?ver=0.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/er-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 26 Nov 2021 15:34:31 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-length: 106
content-type: application/javascript
date: Tue, 28 Nov 2023 05:01:51 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/themes/vugla/js/libs/modernizr-2.0.6.min.js?ver=6.4.1

192.185.106.252

7.0 kB

URL
www.vugla.com/wp-content/themes/vugla/js/libs/modernizr-2.0.6.min.js?ver=6.4.1
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document, ASCII text, with very long lines (14641), with CRLF line terminators
Size
7.0 kB (6964 bytes)
Hash
ad955f14cdcc21d58014f25ab7c8d46d
8915b95d672d54be6fb01a239088aba305d4798e
d6304e162f8fe5054a4c5430d2f1d78ea2ad54c1ff61ea708d148bf385312407

HTTP Headers

GET /wp-content/themes/vugla/js/libs/modernizr-2.0.6.min.js?ver=6.4.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/er-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 12:00:08 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-length: 6964
content-type: application/javascript
date: Tue, 28 Nov 2023 05:01:51 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-includes/js/underscore.min.js?ver=1.13.4

192.185.106.252

8.3 kB

URL
www.vugla.com/wp-includes/js/underscore.min.js?ver=1.13.4
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (18798)
Size
8.3 kB (8305 bytes)
Hash
f88d5720bb454ed5d204cbdb56901f6b
f1952292fde4b15936e9aac16b2b9896684db95b
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a

HTTP Headers

GET /wp-includes/js/underscore.min.js?ver=1.13.4 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/er-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 13 Nov 2023 13:25:19 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-length: 8305
content-type: application/javascript
date: Tue, 28 Nov 2023 05:01:51 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/uploads/2021/11/joure-harbour%E2%80%93passantenhaven-webcam-150x150.jpg

192.185.106.252

5.3 kB

URL
www.vugla.com/wp-content/uploads/2021/11/joure-harbour%E2%80%93passantenhaven-webcam-150x150.jpg
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 150x150, components 3\012- data
Size
5.3 kB (5309 bytes)
Hash
669af66d55c0b1990d1f91ef53e8da22
a4d604f94fbd006b18bf0d1d546c927a4464b6d6
d770e9defa8329d7f290c1fd85caf00affaee42f07a990811f4bae55eb0e5d8e

HTTP Headers

GET /wp-content/uploads/2021/11/joure-harbour%E2%80%93passantenhaven-webcam-150x150.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/er-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 30 Nov 2021 14:32:46 GMT
accept-ranges: bytes
content-length: 5309
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Wed, 27 Nov 2024 05:01:51 GMT
referrer-policy: 
pragma: public
content-type: image/jpeg
date: Tue, 28 Nov 2023 05:01:51 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/themes/vugla/images/mobile-share/fb-messenger-64x64.png

192.185.106.252

2.6 kB

URL
www.vugla.com/wp-content/themes/vugla/images/mobile-share/fb-messenger-64x64.png
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size
2.6 kB (2562 bytes)
Hash
56735b8135d0a3b1db1b1e1a34945e85
dc604b4e7030d9fe583393b94f1811fe69628107
7ef39fd53ffb21c300f78615faa8eab8eb1163ad1b70843efa4550a0bda364bc

HTTP Headers

GET /wp-content/themes/vugla/images/mobile-share/fb-messenger-64x64.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/er-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 26 Jul 2017 12:44:40 GMT
accept-ranges: bytes
content-length: 2562
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Wed, 27 Nov 2024 05:01:51 GMT
referrer-policy: 
pragma: public
content-type: image/png
date: Tue, 28 Nov 2023 05:01:51 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/uploads/2023/11/sivasspor-trabzonspor-golovi-27-11-2023-150x150.jpg

192.185.106.252

6.6 kB

URL
www.vugla.com/wp-content/uploads/2023/11/sivasspor-trabzonspor-golovi-27-11-2023-150x150.jpg
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x150, components 3\012- data
Size
6.6 kB (6626 bytes)
Hash
fb7a72877bcad63ff3151140efd919f2
ce3921c930ef550981f3947c812610a5858d3844
8428d61cb80c6ea4d36c5d77e2f8754f743e45bc0e876c0c5acccedad7bf57b8

HTTP Headers

GET /wp-content/uploads/2023/11/sivasspor-trabzonspor-golovi-27-11-2023-150x150.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/er-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 27 Nov 2023 21:27:11 GMT
accept-ranges: bytes
content-length: 6626
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Wed, 27 Nov 2024 05:01:51 GMT
referrer-policy: 
pragma: public
content-type: image/jpeg
date: Tue, 28 Nov 2023 05:01:51 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/uploads/2021/11/market-central-webcam-150x150.jpg

192.185.106.252

7.9 kB

URL
www.vugla.com/wp-content/uploads/2021/11/market-central-webcam-150x150.jpg
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 150x150, components 3\012- data
Size
7.9 kB (7936 bytes)
Hash
3410869a8153baee3fa08c920ff9b522
41c1722ce0f5065c443aef7b30500eae623fdd6b
7082f848a1af1d888b191b7675682b20fb1a7fc958c47a83e9668c1ec49add42

HTTP Headers

GET /wp-content/uploads/2021/11/market-central-webcam-150x150.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/er-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 26 Nov 2021 21:21:37 GMT
accept-ranges: bytes
content-length: 7936
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Wed, 27 Nov 2024 05:01:51 GMT
referrer-policy: 
pragma: public
content-type: image/jpeg
date: Tue, 28 Nov 2023 05:01:51 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/linkedin.png

192.185.106.252

725 B

URL
www.vugla.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/linkedin.png
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 64 x 64, 8-bit colormap, non-interlaced\012- data
Size
725 B (725 bytes)
Hash
5da9fb18cfc9264a6e95b4a8bf4d2fcb
7bb78a36bc621ea268a0dad519c9c5c539e751ce
c6e399926b1aeb3634681cf7eb6af4e355325a6b2b6f8a89ad65ece3523fab18

HTTP Headers

GET /wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/linkedin.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/er-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 13 Nov 2023 13:26:48 GMT
accept-ranges: bytes
content-length: 725
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Wed, 27 Nov 2024 05:01:51 GMT
referrer-policy: 
pragma: public
content-type: image/png
date: Tue, 28 Nov 2023 05:01:51 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/themes/vugla/images/logo.png

192.185.106.252

7.9 kB

URL
www.vugla.com/wp-content/themes/vugla/images/logo.png
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 254 x 96, 8-bit/color RGBA, non-interlaced\012- data
Size
7.9 kB (7870 bytes)
Hash
f8e78d7eed20f4d77ca41cbf9700c0fa
9c40c7c5ae212e070b2aceda05b7e34de143a670
cf314f8938fb5d378e49a7e09683a206e244024b7ca3a7ec1676f22804285ca7

HTTP Headers

GET /wp-content/themes/vugla/images/logo.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/er-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 18 Nov 2013 11:35:09 GMT
accept-ranges: bytes
content-length: 7870
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Wed, 27 Nov 2024 05:01:51 GMT
referrer-policy: 
pragma: public
content-type: image/png
date: Tue, 28 Nov 2023 05:01:51 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/themes/vugla/images/mobile-share/whatsapp-64x64.png

192.185.106.252

5.9 kB

URL
www.vugla.com/wp-content/themes/vugla/images/mobile-share/whatsapp-64x64.png
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size
5.9 kB (5880 bytes)
Hash
616a93e26f2d9261cd8412a8741f7be8
5fbfd88e502bcc766a9c9ef1d1751ed16ce1197c
306accb5ad46635aeb9481a9bc934c14ae474e924ec52b6673141c5acacd800d

HTTP Headers

GET /wp-content/themes/vugla/images/mobile-share/whatsapp-64x64.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/er-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 22 Dec 2016 10:00:28 GMT
accept-ranges: bytes
content-length: 5880
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Wed, 27 Nov 2024 05:01:51 GMT
referrer-policy: 
pragma: public
content-type: image/png
date: Tue, 28 Nov 2023 05:01:51 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/uploads/2021/11/newyork-bryant-park-webcam-150x150.jpg

192.185.106.252

6.2 kB

URL
www.vugla.com/wp-content/uploads/2021/11/newyork-bryant-park-webcam-150x150.jpg
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 150x150, components 3\012- data
Size
6.2 kB (6173 bytes)
Hash
745b4a3b3497571feecaf9924b39ab30
18748491f70983c76ec8fffa2c4ccbcff0078233
ee1f3002de5e843e0b1ae4cfa4cec9d650f838c5c0ae6c0144fc15dcbb425363

HTTP Headers

GET /wp-content/uploads/2021/11/newyork-bryant-park-webcam-150x150.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/er-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 24 Nov 2021 18:01:04 GMT
accept-ranges: bytes
content-length: 6173
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Wed, 27 Nov 2024 05:01:51 GMT
referrer-policy: 
pragma: public
content-type: image/jpeg
date: Tue, 28 Nov 2023 05:01:51 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/plugins/vn-video-player/js_scripts/jquery.fitvids.js?ver=0.1

192.185.106.252

1.4 kB

URL
www.vugla.com/wp-content/plugins/vn-video-player/js_scripts/jquery.fitvids.js?ver=0.1
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document, ASCII text
Size
1.4 kB (1389 bytes)
Hash
6755415003869bd599c3fae8e9792027
57946a22c79654014eb00fb548f727d302221873
07f79fbda35a2bf03f2940978670a2a53cf21e490ecce887bf92fc2e3f359293

HTTP Headers

GET /wp-content/plugins/vn-video-player/js_scripts/jquery.fitvids.js?ver=0.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/er-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 26 Nov 2021 15:34:28 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-length: 1389
content-type: application/javascript
date: Tue, 28 Nov 2023 05:01:51 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/plugins/responsive-lightbox/js/front.js?ver=2.4.6

192.185.106.252

8.6 kB

URL
www.vugla.com/wp-content/plugins/responsive-lightbox/js/front.js?ver=2.4.6
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Unicode text, UTF-8 text, with very long lines (629), with CRLF line terminators
Size
8.6 kB (8560 bytes)
Hash
68f8af044f685b84c7d49ac2356acabf
585889874b36224e980f4d285044ec0fb478dc7c
9fe6a07f596d507305d1480e6bb301d04cbf5ef8660b24b9fa411e39607a7ab5

HTTP Headers

GET /wp-content/plugins/responsive-lightbox/js/front.js?ver=2.4.6 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/er-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 27 Nov 2023 23:58:55 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-length: 8560
content-type: application/javascript
date: Tue, 28 Nov 2023 05:01:51 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/themes/vugla/css/style_reset.css

192.185.106.252

1.2 kB

URL
www.vugla.com/wp-content/themes/vugla/css/style_reset.css
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with CRLF line terminators
Size
1.2 kB (1152 bytes)
Hash
b5ae6c0ccd961d29a2924b03b0cbdd6e
3293dc40aa870c1cf79180eb7bd5c2ff28f3bd0a
0838fff76cfa3bad87963e64a610ea8d60b2dc8d0781a7531a2385f65de1ab2f

HTTP Headers

GET /wp-content/themes/vugla/css/style_reset.css HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/style.css?ver=6.4.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:52:34 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-length: 1152
content-type: text/css
date: Tue, 28 Nov 2023 05:01:51 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/themes/vugla/css/elastislide.css

192.185.106.252

674 B

URL
www.vugla.com/wp-content/themes/vugla/css/elastislide.css
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with CRLF line terminators
Size
674 B (674 bytes)
Hash
fac0ce1d7bcbe2001f963e204b03b3a4
fe650403bcbc74567e384eb3762c874835f6cad1
d8dcd83dfb6275b55ae8e495f6924dcfc52024a52f5639446a00de846ec7c7b9

HTTP Headers

GET /wp-content/themes/vugla/css/elastislide.css HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/style.css?ver=6.4.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:52:21 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-length: 674
content-type: text/css
date: Tue, 28 Nov 2023 05:01:51 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/themes/vugla/css/style_768.css

192.185.106.252

2.5 kB

URL
www.vugla.com/wp-content/themes/vugla/css/style_768.css
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (408), with CRLF line terminators
Size
2.5 kB (2538 bytes)
Hash
14b717ed0c77c605f84b5b9a6b9892e9
5723bca38e18b8155b26f923590a05657911a377
6f37f5624b7bc60317a9c37a473fdf7dc34474d5f52cf169a7d52b35ca1dc0dd

HTTP Headers

GET /wp-content/themes/vugla/css/style_768.css HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/style.css?ver=6.4.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:52:32 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-length: 2538
content-type: text/css
date: Tue, 28 Nov 2023 05:01:51 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/themes/vugla/css/style_1024.css

192.185.106.252

2.3 kB

URL
www.vugla.com/wp-content/themes/vugla/css/style_1024.css
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with CRLF line terminators
Size
2.3 kB (2267 bytes)
Hash
7f4d3aa769cc8bb0e3c77745ff5c9d64
2da3458d48663a397a5a42c3bb52777bc5889dc0
7a6c4ca634ef663c6a3887df843fc04c40632ff46c53eb9f7d35bfcde21453b4

HTTP Headers

GET /wp-content/themes/vugla/css/style_1024.css HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/style.css?ver=6.4.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:52:28 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-length: 2267
content-type: text/css
date: Tue, 28 Nov 2023 05:01:51 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/themes/vugla/css/style_320.css

192.185.106.252

2.4 kB

URL
www.vugla.com/wp-content/themes/vugla/css/style_320.css
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with CRLF line terminators
Size
2.4 kB (2413 bytes)
Hash
cc437b9ea4ed072bf7636ec9013f026d
df8db436e5193d474b97364dc0cd532a9b390fe5
4e92c5bc2c3f90209e1bec52f50461d8c04d82a539296918f0db0c61af63aab2

HTTP Headers

GET /wp-content/themes/vugla/css/style_320.css HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/style.css?ver=6.4.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:52:29 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-length: 2413
content-type: text/css
date: Tue, 28 Nov 2023 05:01:51 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/themes/vugla/css/flexslider.css

192.185.106.252

1.5 kB

URL
www.vugla.com/wp-content/themes/vugla/css/flexslider.css
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with CRLF line terminators
Size
1.5 kB (1526 bytes)
Hash
aed0d9c2792c1ca777bfce04eb08ae7a
64e98271e4539dbf8819fa9d801017423c9bc30b
7f7b09426068a9bacddeefcf29f89063307fdc903ac45a569853b8c452d9b62d

HTTP Headers

GET /wp-content/themes/vugla/css/flexslider.css HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/style.css?ver=6.4.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 08 May 2014 09:18:47 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-length: 1526
content-type: text/css
date: Tue, 28 Nov 2023 05:01:51 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/themes/vugla/css/tabber.css

192.185.106.252

1.7 kB

URL
www.vugla.com/wp-content/themes/vugla/css/tabber.css
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with CRLF line terminators
Size
1.7 kB (1710 bytes)
Hash
a3e36a4db7b488bd984dd17c6e17cf63
33e7b11f7e1f149f954b6d938db9e36599816e8a
3609900b90f9835e1525c38bb6b1bcbffea0a14894799e54a07c2a9df09cb03d

HTTP Headers

GET /wp-content/themes/vugla/css/tabber.css HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/style.css?ver=6.4.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:52:36 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-length: 1710
content-type: text/css
date: Tue, 28 Nov 2023 05:01:51 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/themes/vugla/css/style_400.css

192.185.106.252

2.4 kB

URL
www.vugla.com/wp-content/themes/vugla/css/style_400.css
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with CRLF line terminators
Size
2.4 kB (2412 bytes)
Hash
1150741460f65df53d2a23c598e5807c
5520fd0a709fdfdc80089452403dbfa49b79f7d4
e0e19f2d1b42abb0a12a95da1488a3fb300ceeb34984bc9e321063184acb019b

HTTP Headers

GET /wp-content/themes/vugla/css/style_400.css HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/style.css?ver=6.4.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:52:30 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-length: 2412
content-type: text/css
date: Tue, 28 Nov 2023 05:01:51 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/themes/vugla/css/wpp.css

192.185.106.252

357 B

URL
www.vugla.com/wp-content/themes/vugla/css/wpp.css
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with CRLF line terminators
Size
357 B (357 bytes)
Hash
6b44660f121f565e2aab91b7b321ff28
62628718b7edeaccc74d1943d36bc1e0c9d16512
467aa063b813fd2fc1b3ebabc45d6e840d807dad90c169f0ee12f93bcf667851

HTTP Headers

GET /wp-content/themes/vugla/css/wpp.css HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/style.css?ver=6.4.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:52:37 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-length: 357
content-type: text/css
date: Tue, 28 Nov 2023 05:01:51 GMT
server: Apache
X-Firefox-Spdy: h2

pl16411290.alternativecpmgate.com/c9123167a2366d360cd4d80dad2ac358/invoke.js

192.243.61.225

9.3 kB

URL
pl16411290.alternativecpmgate.com/c9123167a2366d360cd4d80dad2ac358/invoke.js
IP
192.243.61.225:0
ASN
#39572 DataWeb Global Group B.V.

File type
Unicode text, UTF-8 text, with very long lines (25099), with no line terminators
Size
9.3 kB (9278 bytes)
Hash
2b5bd7a676df5fb8ef2929293541e533
499c79bcf9c8a854b3d9ff9c732c4c663ad85fd4
824b8be599f20cf55dca6268c3d9cb831bd3d0ea61c5135245c73e93a65160a1

HTTP Headers

GET /c9123167a2366d360cd4d80dad2ac358/invoke.js HTTP/1.1
Host: pl16411290.alternativecpmgate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 28 Nov 2023 05:01:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 29f7b0e1dfa7e8e2798b34a22f75937f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

pl15560907.passtechusa.com/d1/37/02/d137022925bcc2a680f8a4476ff94144.js

173.233.137.60

15 kB

URL
pl15560907.passtechusa.com/d1/37/02/d137022925bcc2a680f8a4476ff94144.js
IP
173.233.137.60:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with very long lines (42874), with no line terminators
Size
15 kB (15218 bytes)
Hash
3e9d4d0c234d13dd9a04ae57f2b379fb
b474db74be3e39099f383fa30854b7f9966fd93d
e28de590f916f0eb0c36c28b07306f23f2c6a765ba1ea75ee3aa00cd1507cb71

HTTP Headers

GET /d1/37/02/d137022925bcc2a680f8a4476ff94144.js HTTP/1.1
Host: pl15560907.passtechusa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 28 Nov 2023 05:01:52 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 55d10533889c7a522e6b53cd297bd246
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

www.kursnalista.co/banners/banners.js

192.185.106.47

1.3 kB

URL
www.kursnalista.co/banners/banners.js
IP
192.185.106.47:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document, Unicode text, UTF-8 text, with very long lines (394), with CRLF line terminators
Size
1.3 kB (1261 bytes)
Hash
0fa58c243ecc9c6ff829da27563c78c4
771e757dcaddc90a127b557e6a8a69b9dfe4767d
4631955f687225007a1227be7e662f1f45798c13a573f70670e748ff50aa194b

HTTP Headers

GET /banners/banners.js HTTP/1.1
Host: www.kursnalista.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Sun, 10 Jul 2022 10:44:43 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1261
content-type: application/javascript
date: Tue, 28 Nov 2023 05:01:52 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/er-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html

192.185.106.252

0 B

URL
www.vugla.com/er-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /er-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/er-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-pingback: https://www.vugla.com/xmlrpc.php
link: <https://www.vugla.com/wp-json/>; rel="https://api.w.org/", <https://www.vugla.com/wp-json/wp/v2/posts/570386>; rel="alternate"; type="application/json", <https://www.vugla.com/?p=570386>; rel=shortlink
content-security-policy: upgrade-insecure-requests;
cache-control: max-age=10800
expires: Tue, 28 Nov 2023 08:01:52 GMT
vary: User-Agent
referrer-policy: 
content-type: text/html; charset=UTF-8
date: Tue, 28 Nov 2023 05:01:52 GMT
server: Apache
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

48 kB

URL
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 48432, version 1.0\012- data
Size
48 kB (48432 bytes)
Hash
e2d74c5e631bc53a7240bbfe4be99c8f
eb513857bb01cc4f7249067fc7e969bef415fc90
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

HTTP Headers

GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 05:00:58 GMT
expires: Fri, 22 Nov 2024 05:00:58 GMT
cache-control: public, max-age=31536000
age: 432054
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v36/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

216.58.207.227

50 kB

URL
fonts.gstatic.com/s/opensans/v36/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 50368, version 1.0\012- data
Size
50 kB (50368 bytes)
Hash
4facfd6ff39e147b7e39c4b1abe4117d
0f7c0d978c209d21eb3f55950fc43e77c196ec3b
a246c4de8a0f1f1fdb6ee52565018dc341063aa9efe8481034bc3ef7d697e334

HTTP Headers

GET /s/opensans/v36/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 50368
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 04:48:09 GMT
expires: Fri, 22 Nov 2024 04:48:09 GMT
cache-control: public, max-age=31536000
age: 432823
last-modified: Thu, 14 Sep 2023 01:04:20 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

48 kB

URL
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 48432, version 1.0\012- data
Size
48 kB (48432 bytes)
Hash
e2d74c5e631bc53a7240bbfe4be99c8f
eb513857bb01cc4f7249067fc7e969bef415fc90
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

HTTP Headers

GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 05:00:58 GMT
expires: Fri, 22 Nov 2024 05:00:58 GMT
cache-control: public, max-age=31536000
age: 432054
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.vugla.com/wp-content/themes/vugla/images/preloader.gif

192.185.106.252

1.7 kB

URL
www.vugla.com/wp-content/themes/vugla/images/preloader.gif
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
GIF image data, version 89a, 16 x 16\012- data
Size
1.7 kB (1737 bytes)
Hash
dd6b7b0bf5c3af22499abc0a9ee1e1b2
e8c0018145d616fac4deb460d9c1d9c9dd4d3302
0eddaab3b8cb0b15d81d62e5ae5960329c3e576ea78dc321b20734ab20271847

HTTP Headers

GET /wp-content/themes/vugla/images/preloader.gif HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/css/style_main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:53:08 GMT
accept-ranges: bytes
content-length: 1737
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Wed, 27 Nov 2024 05:01:52 GMT
referrer-policy: 
pragma: public
content-type: image/gif
date: Tue, 28 Nov 2023 05:01:52 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/themes/vugla/images/search-arrow.png

192.185.106.252

3.1 kB

URL
www.vugla.com/wp-content/themes/vugla/images/search-arrow.png
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 75 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size
3.1 kB (3075 bytes)
Hash
3f8933cdf4d27e317eb59959257f8c7a
b16e414fcb1561603cbf4ac404ec8b6fae1563ff
167925a8f225d7fc340317265409496b2d90e4313bd7d70bca4262bb1477eaf0

HTTP Headers

GET /wp-content/themes/vugla/images/search-arrow.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/css/style_main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:53:13 GMT
accept-ranges: bytes
content-length: 3075
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Wed, 27 Nov 2024 05:01:52 GMT
referrer-policy: 
pragma: public
content-type: image/png
date: Tue, 28 Nov 2023 05:01:52 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/er-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html

192.185.106.252

0 B

URL
www.vugla.com/er-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /er-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/er-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-pingback: https://www.vugla.com/xmlrpc.php
link: <https://www.vugla.com/wp-json/>; rel="https://api.w.org/", <https://www.vugla.com/wp-json/wp/v2/posts/570386>; rel="alternate"; type="application/json", <https://www.vugla.com/?p=570386>; rel=shortlink
content-security-policy: upgrade-insecure-requests;
cache-control: max-age=10800
expires: Tue, 28 Nov 2023 08:01:52 GMT
vary: User-Agent
referrer-policy: 
content-type: text/html; charset=UTF-8
date: Tue, 28 Nov 2023 05:01:52 GMT
server: Apache
X-Firefox-Spdy: h2

eehuzaih.com/400/5005565

139.45.197.237

35 kB

URL
eehuzaih.com/400/5005565
IP
139.45.197.237:0
ASN
#9002 RETN Limited

File type
gzip compressed data, max speed, from Unix\012- data
Size
35 kB (34797 bytes)
Hash
bd63d06e23d58d62fa824c57d89e774f
52ddf816246db199a4e4768bea528cbc006797f8
18900bb7a2b2183e50d87d6c089972cd4373ac3b316d2f0e6d77199cdf917cfd

HTTP Headers

GET /400/5005565 HTTP/1.1
Host: eehuzaih.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 05:01:52 GMT
content-type: application/javascript
x-trace-id: b4f3f483a5219f880897119ceda7e9ac
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
set-cookie: OAID=d43d1d0c9fd04dad941f21d855d4abc4; expires=Wed, 27 Nov 2024 05:01:52 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

www.variouscreativeformats.com/c3b6bab9a3e6c622d733121998e0014d/invoke.js

173.233.139.164

11 kB

URL
www.variouscreativeformats.com/c3b6bab9a3e6c622d733121998e0014d/invoke.js
IP
173.233.139.164:0
ASN
#7979 SERVERS-COM

File type
exported SGML document, ASCII text, with very long lines (29643), with no line terminators
Size
11 kB (10916 bytes)
Hash
223406d9dbf6d31ee7d9236d1c95ea29
8a45024df7b5013212b1fd369c5670655bd55b66
8eb1cd23b38e67fb1ec812debb06ff9f68891aeecaf2edeba8c0a73081c27ed0

HTTP Headers

GET /c3b6bab9a3e6c622d733121998e0014d/invoke.js HTTP/1.1
Host: www.variouscreativeformats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 28 Nov 2023 05:01:52 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d37718eb2f84e5ccbad9efa76c876040
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2

216.58.207.227

35 kB

URL
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 35120, version 1.0\012- data
Size
35 kB (35120 bytes)
Hash
dd986ff1050050613be051863773d677
51a12487fd51cc02ca54a984f82d63318807ca2e
d9784dbf11886ea032ffbd00f499d333519babe001eacc19df7ab89de17bec47

HTTP Headers

GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35120
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Nov 2023 21:36:49 GMT
expires: Thu, 21 Nov 2024 21:36:49 GMT
cache-control: public, max-age=31536000
age: 458703
last-modified: Thu, 14 Sep 2023 01:03:47 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2

216.58.207.227

35 kB

URL
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 35120, version 1.0\012- data
Size
35 kB (35120 bytes)
Hash
dd986ff1050050613be051863773d677
51a12487fd51cc02ca54a984f82d63318807ca2e
d9784dbf11886ea032ffbd00f499d333519babe001eacc19df7ab89de17bec47

HTTP Headers

GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35120
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Nov 2023 21:36:49 GMT
expires: Thu, 21 Nov 2024 21:36:49 GMT
cache-control: public, max-age=31536000
age: 458703
last-modified: Thu, 14 Sep 2023 01:03:47 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.r2m03.amazontrust.com/

143.204.53.97

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
143.204.53.97:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
ab08b21b37480bf609deaf73dcbf1e34
4121333c3a37ff481b30918ce3a1aa643cf813c2
d8c99d9c9d12731615d29afd9aba86e213ce6c7dfb8938334de50d3edfd78fcd

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Tue, 28 Nov 2023 05:01:52 GMT
Last-Modified: Tue, 28 Nov 2023 04:25:17 GMT
Server: ECAcc (ska/F7A7)
X-Cache: Miss from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: sIp9Mg-y9c-b6HcPsDPY6KgYueBZiP9FbSp3P-kyo3SQ4c4AexcSxw==
Age: 2195

fonts.gstatic.com/s/opensans/v36/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

216.58.207.227

50 kB

URL
fonts.gstatic.com/s/opensans/v36/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 50368, version 1.0\012- data
Size
50 kB (50368 bytes)
Hash
4facfd6ff39e147b7e39c4b1abe4117d
0f7c0d978c209d21eb3f55950fc43e77c196ec3b
a246c4de8a0f1f1fdb6ee52565018dc341063aa9efe8481034bc3ef7d697e334

HTTP Headers

GET /s/opensans/v36/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 50368
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 04:48:09 GMT
expires: Fri, 22 Nov 2024 04:48:09 GMT
cache-control: public, max-age=31536000
age: 432823
last-modified: Thu, 14 Sep 2023 01:04:20 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

asleavannychan.com/zone?pub=0&zone_id=1548391&is_mobile=false&domain=www.vugla.com&var=&ymid=&var_3=&tg=0&sw=3.1.471

139.45.197.250

972 B

URL
asleavannychan.com/zone?pub=0&zone_id=1548391&is_mobile=false&domain=www.vugla.com&var=&ymid=&var_3=&tg=0&sw=3.1.471
IP
139.45.197.250:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text, with very long lines (971)
Size
972 B (972 bytes)
Hash
64f047fe127c40083700b04d3811ca27
8f6e71715f3ae8766c33ae08d590fdc202bd865d
0dd4bfd4e574ecf2df30bcd49a6afbc84ffe9a14227f17502561dfca63a51ac7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /zone?pub=0&zone_id=1548391&is_mobile=false&domain=www.vugla.com&var=&ymid=&var_3=&tg=0&sw=3.1.471 HTTP/1.1
Host: asleavannychan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.vugla.com/
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 05:01:52 GMT
content-type: application/json; charset=utf-8
content-length: 972
x-trace-id: f06fdc1a23d7022124c70079bf0ef639
access-control-allow-origin: https://www.vugla.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

proftrafficcounter.com/stats

18.185.201.157

40 B

URL
proftrafficcounter.com/stats
IP
18.185.201.157:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
ecb9bbff9fe5b21dd4e9991e30c3775f
200fcf848e7e3a2f29af6ed97952cc97814f7c53
18cb3a6475d0e61cb6bb540d2619c30a108f5f37c8ff459941d5a1382dc07d71

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 05:01:52 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.vugla.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=293dffb0-5564-429a-9d28-6eb3cf6e90cc:2:1; expires=Fri, 25 Nov 2033 05:01:52 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f

139.45.195.254

12 B

URL
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP
139.45.195.254:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1722
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Tue, 28 Nov 2023 05:02:27 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://www.vugla.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

www.vugla.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.3

192.185.106.252

83 B

URL
www.vugla.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.3
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document, ASCII text, with no line terminators
Size
83 B (83 bytes)
Hash
26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.3 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/er-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html
Cookie: _ga_7NCJ73THPT=GS1.1.1701147716.1.0.1701147716.60.0.0; _ga=GA1.1.1899466652.1701147716
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 409 Conflict
date: Tue, 28 Nov 2023 05:01:52 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2

proftrafficcounter.com/stats

18.185.201.157

40 B

URL
proftrafficcounter.com/stats
IP
18.185.201.157:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
67708da4c811c3d7908260f1377db052
c8437c4541b0f34462ae4de59aca586816b20dbb
e50ea1226d6ef85f64086465d23f3b4264bc178c1ce0bde54e360089c006d125

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 05:01:52 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.vugla.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=74ae9841-68a2-4e78-afe6-ceba47be84e7:2:1; expires=Fri, 25 Nov 2033 05:01:52 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

www.vugla.com/wp-content/themes/vugla/images/small-social-sprite.png

192.185.106.252

3.8 kB

URL
www.vugla.com/wp-content/themes/vugla/images/small-social-sprite.png
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 272 x 95, 8-bit/color RGBA, non-interlaced\012- data
Size
3.8 kB (3812 bytes)
Hash
1aabf6dabc51ca6168aa98fbecbf79e2
0e4cb499aff16fedb2097658da7d2baa1bdafaa8
09ac67d0b81afe77f52b59ee9abc68ba2dd7cf0ebbc85703c75a76c2586e93aa

HTTP Headers

GET /wp-content/themes/vugla/images/small-social-sprite.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/css/style_main.css
Cookie: _ga_7NCJ73THPT=GS1.1.1701147716.1.0.1701147716.60.0.0; _ga=GA1.1.1899466652.1701147716
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:53:16 GMT
accept-ranges: bytes
content-length: 3812
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Wed, 27 Nov 2024 05:01:52 GMT
referrer-policy: 
pragma: public
content-type: image/png
date: Tue, 28 Nov 2023 05:01:52 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/themes/vugla/images/top-arrow.png

192.185.106.252

305 B

URL
www.vugla.com/wp-content/themes/vugla/images/top-arrow.png
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 50 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size
305 B (305 bytes)
Hash
1fe20be2c98304e84623d10905435835
7ba0264f96984d92cfe0750c802f9af1ee7cb88b
1c3cbd61a972428028066c1e9abcfa7c0ef37d3b1de39d7b09455177a94eec52

HTTP Headers

GET /wp-content/themes/vugla/images/top-arrow.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/css/style_main.css
Cookie: _ga_7NCJ73THPT=GS1.1.1701147716.1.0.1701147716.60.0.0; _ga=GA1.1.1899466652.1701147716
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:53:25 GMT
accept-ranges: bytes
content-length: 305
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Wed, 27 Nov 2024 05:01:52 GMT
referrer-policy: 
pragma: public
content-type: image/png
date: Tue, 28 Nov 2023 05:01:52 GMT
server: Apache
X-Firefox-Spdy: h2

my.rtmark.net/gid.js?userId=dcd35b83fad645f6a6b04890d246c40e

139.45.195.8

65 B

URL
my.rtmark.net/gid.js?userId=dcd35b83fad645f6a6b04890d246c40e
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
18473df38653ec6ab4bbbc8292692d78
247f1de0407a3d56f46f0a163e3cb9c7e6cd06af
1a50671a90e3c2a9ff24eedb2c1c30af3ead1b02d5520ea537c55d8376c360d1

HTTP Headers

GET /gid.js?userId=dcd35b83fad645f6a6b04890d246c40e HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 05:01:53 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://www.vugla.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=dcd35b83fad645f6a6b04890d246c40e; expires=Wed, 27 Nov 2024 05:01:53 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

www.vugla.com/wp-content/uploads/2023/11/30-godina-je-posvetio-borbi-za-bolji-zivot-kolega-sada-podseca-na-pravi-narodni-zvuk-nagovorili-su-me-da-napravim-ovo-video-290x166.jpg

192.185.106.252

8.7 kB

URL
www.vugla.com/wp-content/uploads/2023/11/30-godina-je-posvetio-borbi-za-bolji-zivot-kolega-sada-podseca-na-pravi-narodni-zvuk-nagovorili-su-me-da-napravim-ovo-video-290x166.jpg
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 290x166, components 3\012- data
Size
8.7 kB (8727 bytes)
Hash
b8a84f09610ce162ad3ff9481fb9488c
5c8e08bcd1c203b396d09379d7eba94b3633a19b
b9eef60ab7959feeee26f04bc5014ceac5d5b119e776f021a192e8149a665d67

HTTP Headers

GET /wp-content/uploads/2023/11/30-godina-je-posvetio-borbi-za-bolji-zivot-kolega-sada-podseca-na-pravi-narodni-zvuk-nagovorili-su-me-da-napravim-ovo-video-290x166.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/er-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html
Cookie: _ga_7NCJ73THPT=GS1.1.1701147716.1.0.1701147716.60.0.0; _ga=GA1.1.1899466652.1701147716
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Sat, 25 Nov 2023 11:18:49 GMT
accept-ranges: bytes
content-length: 8727
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Wed, 27 Nov 2024 05:01:53 GMT
referrer-policy: 
pragma: public
content-type: image/jpeg
date: Tue, 28 Nov 2023 05:01:53 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/uploads/2023/11/pionirka-sofija-stojsic-osvojila-bronzu-na-balkanskom-sampionatu-u-tekvondou-290x166.jpg

192.185.106.252

8.6 kB

URL
www.vugla.com/wp-content/uploads/2023/11/pionirka-sofija-stojsic-osvojila-bronzu-na-balkanskom-sampionatu-u-tekvondou-290x166.jpg
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 290x166, components 3\012- data
Size
8.6 kB (8612 bytes)
Hash
0014a98b89180db29630796ddba1acb7
dde92d74d4802d6a6247fa5008563b38e678d8ed
1952fda58565d31237e33ac7d23d7434f98af51cd68d99049b83a56bf941b59c

HTTP Headers

GET /wp-content/uploads/2023/11/pionirka-sofija-stojsic-osvojila-bronzu-na-balkanskom-sampionatu-u-tekvondou-290x166.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/er-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html
Cookie: _ga_7NCJ73THPT=GS1.1.1701147716.1.0.1701147716.60.0.0; _ga=GA1.1.1899466652.1701147716
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 27 Nov 2023 10:54:33 GMT
accept-ranges: bytes
content-length: 8612
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Wed, 27 Nov 2024 05:01:53 GMT
referrer-policy: 
pragma: public
content-type: image/jpeg
date: Tue, 28 Nov 2023 05:01:53 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/uploads/2023/11/jedna-istanbulska-noc-1955-bila-je-za-grke-crna-kao-barjak-kako-je-nebo-plakalo-iznad-bosfora-290x166.jpg

192.185.106.252

16 kB

URL
www.vugla.com/wp-content/uploads/2023/11/jedna-istanbulska-noc-1955-bila-je-za-grke-crna-kao-barjak-kako-je-nebo-plakalo-iznad-bosfora-290x166.jpg
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 290x166, components 1\012- data
Size
16 kB (15524 bytes)
Hash
d038c3fa267b99d03cc257bb234680f6
73cae657ab0d63bf44e3cc66a3ebee016aff32b6
038ea5a74241a38def2a0d29da1318e309dcdd377fa13f2a01fe5308bc6b1ce5

HTTP Headers

GET /wp-content/uploads/2023/11/jedna-istanbulska-noc-1955-bila-je-za-grke-crna-kao-barjak-kako-je-nebo-plakalo-iznad-bosfora-290x166.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/er-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html
Cookie: _ga_7NCJ73THPT=GS1.1.1701147716.1.0.1701147716.60.0.0; _ga=GA1.1.1899466652.1701147716
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Sat, 25 Nov 2023 10:54:25 GMT
accept-ranges: bytes
content-length: 15524
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Wed, 27 Nov 2024 05:01:53 GMT
referrer-policy: 
pragma: public
content-type: image/jpeg
date: Tue, 28 Nov 2023 05:01:53 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/uploads/2023/11/otac-i-atelje-212-gostuju-u-zagrebu-290x166.jpg

192.185.106.252

8.4 kB

URL
www.vugla.com/wp-content/uploads/2023/11/otac-i-atelje-212-gostuju-u-zagrebu-290x166.jpg
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 290x166, components 3\012- data
Size
8.4 kB (8384 bytes)
Hash
43a7a817a3b0c5194f28d665d1a0276a
0d82b6b701eed31d06056e433f9f53dae848006b
0dd1da67b7c2dc33050b9d6243558090542153eb0a60643f190262535bf4fffb

HTTP Headers

GET /wp-content/uploads/2023/11/otac-i-atelje-212-gostuju-u-zagrebu-290x166.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/er-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html
Cookie: _ga_7NCJ73THPT=GS1.1.1701147716.1.0.1701147716.60.0.0; _ga=GA1.1.1899466652.1701147716
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Sun, 26 Nov 2023 07:54:24 GMT
accept-ranges: bytes
content-length: 8384
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Wed, 27 Nov 2024 05:01:53 GMT
referrer-policy: 
pragma: public
content-type: image/jpeg
date: Tue, 28 Nov 2023 05:01:53 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.3

192.185.106.252

83 B

URL
www.vugla.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.3
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document, ASCII text, with no line terminators
Size
83 B (83 bytes)
Hash
26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.3 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/er-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html
Cookie: _ga_7NCJ73THPT=GS1.1.1701147716.1.0.1701147716.60.0.0; _ga=GA1.1.1899466652.1701147716
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 409 Conflict
date: Tue, 28 Nov 2023 05:01:53 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2

www.vugla.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

192.185.106.252

38 kB

URL
www.vugla.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (65447)
Size
38 kB (38349 bytes)
Hash
826eb77e86b02ab7724fe3d0141ff87c
79cd3587d565afe290076a8d36c31c305a573d18
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/er-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 13 Nov 2023 13:25:19 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-type: application/javascript
date: Tue, 28 Nov 2023 05:01:51 GMT
server: Apache
X-Firefox-Spdy: h2

keewoach.net/5/1316441

139.45.197.245

152 kB

URL
keewoach.net/5/1316441
IP
139.45.197.245:0
ASN
#9002 RETN Limited

File type
gzip compressed data, max speed, from Unix\012- data
Size
152 kB (151623 bytes)
Hash
c6631baa037e948f739329ba914486c2
c81289e7ef8f6486be3897470a0133843e47daa6
9ac58297470e96e5fc552158bdf973acc764b8af31955a99dc349c46895a9ae7

HTTP Headers

GET /5/1316441 HTTP/1.1
Host: keewoach.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 05:01:51 GMT
content-type: application/javascript
x-trace-id: 78f221ad9f41bdc07b9b17857751214e
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=dcd35b83fad645f6a6b04890d246c40e; expires=Wed, 27 Nov 2024 05:01:51 GMT; path=/; secure; SameSite=None
oaidts=1701147711; expires=Wed, 27 Nov 2024 05:01:51 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

proftrafficcounter.com/stats

18.185.201.157

40 B

URL
proftrafficcounter.com/stats
IP
18.185.201.157:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
67708da4c811c3d7908260f1377db052
c8437c4541b0f34462ae4de59aca586816b20dbb
e50ea1226d6ef85f64086465d23f3b4264bc178c1ce0bde54e360089c006d125

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Cookie: uid_id2=74ae9841-68a2-4e78-afe6-ceba47be84e7:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Nov 2023 05:01:53 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.vugla.com
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2

apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&data-size=standard&origin=https%3A%2F%2Fwww.vugla.com&url=https%3A%2F%2Fwww.vugla.com%2Fer-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.AOzoyjtjrhQ.O%2Fd%3D1%2Frs%3DAHpOoo9-fA1P7IZFa1fdRj158NoDqrnbYA%2Fm%3D__features__

142.250.74.142

226 B

URL
apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&data-size=standard&origin=https%3A%2F%2Fwww.vugla.com&url=https%3A%2F%2Fwww.vugla.com%2Fer-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.AOzoyjtjrhQ.O%2Fd%3D1%2Frs%3DAHpOoo9-fA1P7IZFa1fdRj158NoDqrnbYA%2Fm%3D__features__
IP
142.250.74.142:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
226 B (226 bytes)
Hash
4df07581948280a6e769a24c5d99d775
843a2c95362347eb8894a6acb607f139be65ded4
3561b93a48d81fac116ccd6e60163bd382abb1d594c81240f5718feb1f197f73

HTTP Headers

GET /u/0/se/0/_/+1/fastbutton?usegapi=1&data-size=standard&origin=https%3A%2F%2Fwww.vugla.com&url=https%3A%2F%2Fwww.vugla.com%2Fer-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.AOzoyjtjrhQ.O%2Fd%3D1%2Frs%3DAHpOoo9-fA1P7IZFa1fdRj158NoDqrnbYA%2Fm%3D__features__ HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 301 Moved Permanently
location: http://developers.google.com/
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 28 Nov 2023 05:01:53 GMT
expires: Tue, 28 Nov 2023 05:31:53 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 226
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

slamscreechmilestone.com/ntv.json?key=c9123167a2366d360cd4d80dad2ac358&vstc=3

173.233.139.164

13 kB

URL
slamscreechmilestone.com/ntv.json?key=c9123167a2366d360cd4d80dad2ac358&vstc=3
IP
173.233.139.164:0
ASN
#7979 SERVERS-COM

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (12680), with no line terminators
Size
13 kB (12681 bytes)
Hash
35d0a6c7da5bf698bde03d8827a46153
7839ca0cd325f0e23d03a53ebe50b3acbe1b3cb5
39dfe61a590d41718718755b8c8e8883a78336a617ecda5fe54bf6bec089933d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ntv.json?key=c9123167a2366d360cd4d80dad2ac358&vstc=3 HTTP/1.1
Host: slamscreechmilestone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 28 Nov 2023 05:01:53 GMT
Content-Type: application/json
Content-Length: 12681
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.vugla.com
Access-Control-Allow-Origin: https://www.vugla.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16310791; expires=Wed, 29 Nov 2023 05:01:53 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 29 Nov 2023 05:01:53 GMT; secure; SameSite=None
uncs=1; expires=Wed, 29 Nov 2023 05:01:53 GMT; secure; SameSite=None
pdhtkv49=true; expires=Wed, 29 Nov 2023 05:01:53 GMT; secure; SameSite=None
uncs49=1; expires=Wed, 29 Nov 2023 05:01:53 GMT; secure; SameSite=None
nlecc9123167a2366d360cd4d80dad2ac358=[2106764,2229215,3637745]; expires=Tue, 28 Nov 2023 05:01:58 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 73c061ee19fefbf4b310a7a16c6736d4
Strict-Transport-Security: max-age=0; includeSubdomains

www.vugla.com/wp-content/themes/vugla/images/pattern-filter.png

192.185.106.252

2.8 kB

URL
www.vugla.com/wp-content/themes/vugla/images/pattern-filter.png
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 2 x 2, 8-bit/color RGBA, non-interlaced\012- data
Size
2.8 kB (2804 bytes)
Hash
6d6f2d483736ba6f70063740ddf2841b
3b9dee704da0bf19a56b46584a55226a137504a9
dca9f66f2ff2d735f415080def56d34e60cf13cc65668bf9b422103cd3bee2a5

HTTP Headers

GET /wp-content/themes/vugla/images/pattern-filter.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/css/style_main.css
Cookie: _ga_7NCJ73THPT=GS1.1.1701147716.1.0.1701147716.60.0.0; _ga=GA1.1.1899466652.1701147716
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:53:06 GMT
accept-ranges: bytes
content-length: 2804
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Wed, 27 Nov 2024 05:01:53 GMT
referrer-policy: 
pragma: public
content-type: image/png
date: Tue, 28 Nov 2023 05:01:53 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/uploads/2013/11/bckg-vugla-dark.jpg

192.185.106.252

267 kB

URL
www.vugla.com/wp-content/uploads/2013/11/bckg-vugla-dark.jpg
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 2000x1200, components 3\012- data
Size
267 kB (267247 bytes)
Hash
11e97d76a4b329319978b9da6f46b5b0
ae03d14a5b568ed59c1772ee2065e160e93428ae
9fbe33f0e52a532495bb5d56584e250e0d3cf1acc5a04acb7cbb2e39bb6c6a42

HTTP Headers

GET /wp-content/uploads/2013/11/bckg-vugla-dark.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/er-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html
Cookie: _ga_7NCJ73THPT=GS1.1.1701147716.1.0.1701147716.60.0.0; _ga=GA1.1.1899466652.1701147716
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 20 Nov 2013 16:40:33 GMT
accept-ranges: bytes
content-length: 267247
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Wed, 27 Nov 2024 05:01:53 GMT
referrer-policy: 
pragma: public
content-type: image/jpeg
date: Tue, 28 Nov 2023 05:01:53 GMT
server: Apache
X-Firefox-Spdy: h2

apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AOzoyjtjrhQ.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9-fA1P7IZFa1fdRj158NoDqrnbYA/cb=gapi.loaded_0?le=scs

142.250.74.142

56 kB

URL
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AOzoyjtjrhQ.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9-fA1P7IZFa1fdRj158NoDqrnbYA/cb=gapi.loaded_0?le=scs
IP
142.250.74.142:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1505)
Size
56 kB (55543 bytes)
Hash
620fbf745646ea3a31a2c6a1e60f3980
bf980a07d73531ef056d421b2d0d92ac424cb5d7
3316b3ce32bd93cd3f04aa87e38fca639c28710f5b88c0ddc7b29d60e5d5eac4

HTTP Headers

GET /_/scs/abc-static/_/js/k=gapi.lb.en.AOzoyjtjrhQ.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9-fA1P7IZFa1fdRj158NoDqrnbYA/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 55543
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Nov 2023 21:50:08 GMT
expires: Thu, 21 Nov 2024 21:50:08 GMT
cache-control: public, max-age=31536000
age: 457905
last-modified: Tue, 03 Oct 2023 15:22:58 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AOzoyjtjrhQ.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9-fA1P7IZFa1fdRj158NoDqrnbYA/cb=gapi.loaded_1?le=scs

142.250.74.142

34 kB

URL
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AOzoyjtjrhQ.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9-fA1P7IZFa1fdRj158NoDqrnbYA/cb=gapi.loaded_1?le=scs
IP
142.250.74.142:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1586)
Size
34 kB (34295 bytes)
Hash
402dc2a6ef11dbb38ac2901d50406f90
a97c5825c897babb81d06f7666670673a83e5d3a
effbe7106f3934dae78e0c57f5fdeb1a506ad6508454997502a2a9f0ac93b4a8

HTTP Headers

GET /_/scs/abc-static/_/js/k=gapi.lb.en.AOzoyjtjrhQ.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9-fA1P7IZFa1fdRj158NoDqrnbYA/cb=gapi.loaded_1?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 34295
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Nov 2023 21:48:46 GMT
expires: Thu, 21 Nov 2024 21:48:46 GMT
cache-control: public, max-age=31536000
age: 457987
last-modified: Tue, 03 Oct 2023 15:22:58 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7NCJ73THPT&cid=1899466652.1701147716&gtm=45je3b81v879882835&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=69278423

142.250.74.163

42 B

URL
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7NCJ73THPT&cid=1899466652.1701147716&gtm=45je3b81v879882835&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=69278423
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7NCJ73THPT&cid=1899466652.1701147716&gtm=45je3b81v879882835&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=69278423 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 28 Nov 2023 05:01:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.vugla.com/favicon.ico

192.185.106.252

0 B

URL
www.vugla.com/favicon.ico
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/er-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html
Cookie: _ga_7NCJ73THPT=GS1.1.1701147716.1.0.1701147716.60.0.0; _ga=GA1.1.1899466652.1701147716
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
link: <https://www.vugla.com/wp-json/>; rel="https://api.w.org/"
x-redirect-by: WordPress
content-security-policy: upgrade-insecure-requests;
location: https://www.vugla.com/wp-includes/images/w-logo-blue-white-bg.png
cache-control: max-age=10800
expires: Tue, 28 Nov 2023 08:01:53 GMT
vary: User-Agent
referrer-policy: 
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 28 Nov 2023 05:01:53 GMT
server: Apache
X-Firefox-Spdy: h2

eehuzaih.com/500/5005565?excludes=&oaid=p6mr317037cf614533654g7s2mtlj577&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=6&pl=https%3A%2F%2Fwww.vugla.com%2Fer-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.311.0

139.45.197.237

0 B

URL
eehuzaih.com/500/5005565?excludes=&oaid=p6mr317037cf614533654g7s2mtlj577&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=6&pl=https%3A%2F%2Fwww.vugla.com%2Fer-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.311.0
IP
139.45.197.237:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /500/5005565?excludes=&oaid=p6mr317037cf614533654g7s2mtlj577&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=6&pl=https%3A%2F%2Fwww.vugla.com%2Fer-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.311.0 HTTP/1.1
Host: eehuzaih.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://www.vugla.com/
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 05:01:53 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://www.vugla.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-credentials: true
access-control-max-age: 600
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

www.vugla.com/wp-content/themes/vugla/js/scripts.js?ver=6.4.1

192.185.106.252

28 kB

URL
www.vugla.com/wp-content/themes/vugla/js/scripts.js?ver=6.4.1
IP
192.185.106.252:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
gzip compressed data, from Unix\012- data
Size
28 kB (27663 bytes)
Hash
1c3cf55c526c668002f10198de67e83d
7683ed74ca9420d088db7d9b787a430f6e4c09f3
3f715f767b9efdc7755e3329eef15537c3dd043334fc07935b3db7ebd2b959c0

HTTP Headers

GET /wp-content/themes/vugla/js/scripts.js?ver=6.4.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/er-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 12:00:03 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-type: application/javascript
date: Tue, 28 Nov 2023 05:01:51 GMT
server: Apache
X-Firefox-Spdy: h2

tharbadir.com/9?z=2892323&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.vugla.com%2Fer-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=4&sah=1024&drf=&hil=1&ist=0&oaid=p6mr317037cf614533654g7s2mtlj577

139.45.197.238

0 B

URL
tharbadir.com/9?z=2892323&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.vugla.com%2Fer-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=4&sah=1024&drf=&hil=1&ist=0&oaid=p6mr317037cf614533654g7s2mtlj577
IP
139.45.197.238:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /9?z=2892323&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.vugla.com%2Fer-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=4&sah=1024&drf=&hil=1&ist=0&oaid=p6mr317037cf614533654g7s2mtlj577 HTTP/1.1
Host: tharbadir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.vugla.com/
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Tue, 28 Nov 2023 05:01:53 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.vugla.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

ssl.gstatic.com/accounts/o/478691279-postmessagerelay.js

216.58.207.227

5.2 kB

URL
ssl.gstatic.com/accounts/o/478691279-postmessagerelay.js
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (3496)
Size
5.2 kB (5186 bytes)
Hash
92169c8a0fbf6e404267d0705cdbdf42
a5cd88b74ca5ced239cdbfb458fe25540d671f46
dba668b49a111527aac8f616b9053ea57c944e01a84ebdcd02a13da921223384

HTTP Headers

GET /accounts/o/478691279-postmessagerelay.js HTTP/1.1
Host: ssl.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://accounts.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="federated-signon-mpm-access"
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-length: 5186
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Nov 2023 21:37:14 GMT
expires: Thu, 21 Nov 2024 21:37:14 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 17 Nov 2023 17:06:44 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 458680
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

apis.google.com/js/rpc:shindig_random.js?onload=init

142.250.74.142

7.1 kB

URL
apis.google.com/js/rpc:shindig_random.js?onload=init
IP
142.250.74.142:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2056)
Size
7.1 kB (7122 bytes)
Hash
156bf4f08d76591f5d6d5805cab18b75
fbdaf1e18e5dbfe807cbe745f4ef1c20549578a4
d654ba61eb4a272d76a9584f27d09926c1e43014913d867f2bc01c1427176de5

HTTP Headers

GET /js/rpc:shindig_random.js?onload=init HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://accounts.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-length: 7122
date: Tue, 28 Nov 2023 05:01:54 GMT
expires: Tue, 28 Nov 2023 05:01:54 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "05cd1a187895dd61"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
set-cookie: NID=511=bis4cWkFFy54WYBaf_pPy3DL44IgGQCjwbmGxPTk8dTdPUiuG2iFDnRZknrxEiN4A0EAysAlMQxhNe0cdya-KOAkQEQ8LxPCbO_cRb4WBcGi8yex1vxQopd_3g7uR49QwiVlBXmBrqKeghVHhRURFP1k_RCUG_6KuC3qaD-X-3w; expires=Wed, 29-May-2024 05:01:54 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AOzoyjtjrhQ.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9-fA1P7IZFa1fdRj158NoDqrnbYA/cb=gapi.loaded_0?le=scs

142.250.74.142

23 kB

URL
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AOzoyjtjrhQ.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9-fA1P7IZFa1fdRj158NoDqrnbYA/cb=gapi.loaded_0?le=scs
IP
142.250.74.142:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1505)
Size
23 kB (23240 bytes)
Hash
cdb36a850d26fccb00efbfed7d979ce1
9c55aa9dea8adadf4492720a10a9dd247850b021
d127dd2279301f5a78a378d3c716874f4d1c87fb320715231fcfb48619479e04

HTTP Headers

GET /_/scs/abc-static/_/js/k=gapi.lb.en.AOzoyjtjrhQ.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9-fA1P7IZFa1fdRj158NoDqrnbYA/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://accounts.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 23240
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Nov 2023 21:52:09 GMT
expires: Thu, 21 Nov 2024 21:52:09 GMT
cache-control: public, max-age=31536000
age: 457785
last-modified: Tue, 03 Oct 2023 15:22:58 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

proftrafficcounter.com/stats

18.185.201.157

40 B

URL
proftrafficcounter.com/stats
IP
18.185.201.157:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
67708da4c811c3d7908260f1377db052
c8437c4541b0f34462ae4de59aca586816b20dbb
e50ea1226d6ef85f64086465d23f3b4264bc178c1ce0bde54e360089c006d125

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Cookie: uid_id2=74ae9841-68a2-4e78-afe6-ceba47be84e7:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Nov 2023 05:01:54 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.vugla.com
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2

my.rtmark.net/gid.js?userId=p6mr317037cf614533654g7s2mtlj577

139.45.195.8

65 B

URL
my.rtmark.net/gid.js?userId=p6mr317037cf614533654g7s2mtlj577
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
18473df38653ec6ab4bbbc8292692d78
247f1de0407a3d56f46f0a163e3cb9c7e6cd06af
1a50671a90e3c2a9ff24eedb2c1c30af3ead1b02d5520ea537c55d8376c360d1

HTTP Headers

GET /gid.js?userId=p6mr317037cf614533654g7s2mtlj577 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Cookie: ID=dcd35b83fad645f6a6b04890d246c40e
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 05:01:54 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://www.vugla.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=dcd35b83fad645f6a6b04890d246c40e; expires=Wed, 27 Nov 2024 05:01:54 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

tharbadir.com/11?rnd=3461725681&z=2892323&b=19244821&var=&varid=0&rqtdbc=1&rcvdbc=1&btp=7&rb=jbbLtnBy-eJ4XdkTUIeIbAkotTk3jSl-3zl1nN0ObBfdB12788oAt406RxAHfpHXF_gvj08Av9LOSS7Yq9-m1EgZHvuFBlCDIZJC-K0c6gEMmtC-6gE6X0yxb6XP64MceiMovZ4l2X8DsL84D9sNkMXJm57IEOrtdZY9EXCGrZ5uc9wG751UgWndWP3rmQfn8VubcuRzMZ2odBU2GSnRbMdx48rjeBcfOOxkZ1igAGz8l0-fFI1mXXrtQRa0EOOrqPqEdyyRgV2H7iMeE1ix3oH8NlSyjyLA0rHmcOEQGVOxm6U6-uvCLjGKPvC4G7H9J-Z7hydV10fQWD8y7LWw_UacLjEFCQ7DsSTrz-cdqlNtfbpCH1dYVSQXJcdzeX1Jr8USZzSR0IafVhlYEh4TzVsQVh-jaYnyQ47NcsqhrYXc8kV18avJfcZdGirJPgHwIUmBpNn48sUNumHbIAuIZ6mo9CU1lnQMrmYlsMwIdpZvq8Qq2OgE1WifjKj-rfZX0RkkTyxJJtAacIwYUsJYMkKt1AN2Y_8WJZis1PFNhqBa3Z2vdHqbev4RrTGPSkMy1RI3ytvknB2R3P51k6dpGpCK4G3zpdnrApJh_D5RsODDAM7sggyZS_4E4aCPd9qxwu8KkhYa3VyShJaonAbGw5hoDuOfSVvYLHTWqxzs4yhtHaDh12JroCT2dMgTcsH-cxQGnK_mO1FuxMGXrvUexU6ICpvXhlbQ&ruid=03b5f3a9-5642-4eda-9f1e-9b3be19d4741&subid=753230711479083008&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.vugla.com%2Fer-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=4&sah=1024&drf=&hil=1&ist=0&ot=262

139.45.197.238

0 B

URL
tharbadir.com/11?rnd=3461725681&z=2892323&b=19244821&var=&varid=0&rqtdbc=1&rcvdbc=1&btp=7&rb=jbbLtnBy-eJ4XdkTUIeIbAkotTk3jSl-3zl1nN0ObBfdB12788oAt406RxAHfpHXF_gvj08Av9LOSS7Yq9-m1EgZHvuFBlCDIZJC-K0c6gEMmtC-6gE6X0yxb6XP64MceiMovZ4l2X8DsL84D9sNkMXJm57IEOrtdZY9EXCGrZ5uc9wG751UgWndWP3rmQfn8VubcuRzMZ2odBU2GSnRbMdx48rjeBcfOOxkZ1igAGz8l0-fFI1mXXrtQRa0EOOrqPqEdyyRgV2H7iMeE1ix3oH8NlSyjyLA0rHmcOEQGVOxm6U6-uvCLjGKPvC4G7H9J-Z7hydV10fQWD8y7LWw_UacLjEFCQ7DsSTrz-cdqlNtfbpCH1dYVSQXJcdzeX1Jr8USZzSR0IafVhlYEh4TzVsQVh-jaYnyQ47NcsqhrYXc8kV18avJfcZdGirJPgHwIUmBpNn48sUNumHbIAuIZ6mo9CU1lnQMrmYlsMwIdpZvq8Qq2OgE1WifjKj-rfZX0RkkTyxJJtAacIwYUsJYMkKt1AN2Y_8WJZis1PFNhqBa3Z2vdHqbev4RrTGPSkMy1RI3ytvknB2R3P51k6dpGpCK4G3zpdnrApJh_D5RsODDAM7sggyZS_4E4aCPd9qxwu8KkhYa3VyShJaonAbGw5hoDuOfSVvYLHTWqxzs4yhtHaDh12JroCT2dMgTcsH-cxQGnK_mO1FuxMGXrvUexU6ICpvXhlbQ&ruid=03b5f3a9-5642-4eda-9f1e-9b3be19d4741&subid=753230711479083008&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.vugla.com%2Fer-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=4&sah=1024&drf=&hil=1&ist=0&ot=262
IP
139.45.197.238:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /11?rnd=3461725681&z=2892323&b=19244821&var=&varid=0&rqtdbc=1&rcvdbc=1&btp=7&rb=jbbLtnBy-eJ4XdkTUIeIbAkotTk3jSl-3zl1nN0ObBfdB12788oAt406RxAHfpHXF_gvj08Av9LOSS7Yq9-m1EgZHvuFBlCDIZJC-K0c6gEMmtC-6gE6X0yxb6XP64MceiMovZ4l2X8DsL84D9sNkMXJm57IEOrtdZY9EXCGrZ5uc9wG751UgWndWP3rmQfn8VubcuRzMZ2odBU2GSnRbMdx48rjeBcfOOxkZ1igAGz8l0-fFI1mXXrtQRa0EOOrqPqEdyyRgV2H7iMeE1ix3oH8NlSyjyLA0rHmcOEQGVOxm6U6-uvCLjGKPvC4G7H9J-Z7hydV10fQWD8y7LWw_UacLjEFCQ7DsSTrz-cdqlNtfbpCH1dYVSQXJcdzeX1Jr8USZzSR0IafVhlYEh4TzVsQVh-jaYnyQ47NcsqhrYXc8kV18avJfcZdGirJPgHwIUmBpNn48sUNumHbIAuIZ6mo9CU1lnQMrmYlsMwIdpZvq8Qq2OgE1WifjKj-rfZX0RkkTyxJJtAacIwYUsJYMkKt1AN2Y_8WJZis1PFNhqBa3Z2vdHqbev4RrTGPSkMy1RI3ytvknB2R3P51k6dpGpCK4G3zpdnrApJh_D5RsODDAM7sggyZS_4E4aCPd9qxwu8KkhYa3VyShJaonAbGw5hoDuOfSVvYLHTWqxzs4yhtHaDh12JroCT2dMgTcsH-cxQGnK_mO1FuxMGXrvUexU6ICpvXhlbQ&ruid=03b5f3a9-5642-4eda-9f1e-9b3be19d4741&subid=753230711479083008&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.vugla.com%2Fer-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=4&sah=1024&drf=&hil=1&ist=0&ot=262 HTTP/1.1
Host: tharbadir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Cookie: scm=1; OAID=p6mr317037cf614533654g7s2mtlj577; oaidts=1701147711
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 05:01:54 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://www.vugla.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: 7ac1a78d943ea2087e9361556e5b5a79
access-control-expose-headers: X-Sc
set-cookie: OAID=p6mr317037cf614533654g7s2mtlj577; expires=Wed, 27 Nov 2024 05:01:54 GMT; secure; SameSite=None
oaidts=1701147711; expires=Wed, 27 Nov 2024 05:01:54 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

192.243.59.20

0 B

URL
www.profitabledisplaycontent.com/watch.275897760543.js?key=c3b6bab9a3e6c622d733121998e0014d&kw=%5B%22er%22%2C%22srbija%22%2C%22uvela%22%2C%22novu%22%2C%22liniju%22%2C%22od%22%2C%22danas%22%2C%22let%22%2C%22direktno%22%2C%22do%22%2C%22porta%22%2C%22-%22%2C%22vugla%22%5D&refer=https%3A%2F%2Fwww.vugla.com%2Fer-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html&tz=0&dev=e&res=14.3095&uuid=
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /watch.275897760543.js?key=c3b6bab9a3e6c622d733121998e0014d&kw=%5B%22er%22%2C%22srbija%22%2C%22uvela%22%2C%22novu%22%2C%22liniju%22%2C%22od%22%2C%22danas%22%2C%22let%22%2C%22direktno%22%2C%22do%22%2C%22porta%22%2C%22-%22%2C%22vugla%22%5D&refer=https%3A%2F%2Fwww.vugla.com%2Fer-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html&tz=0&dev=e&res=14.3095&uuid= HTTP/1.1
Host: www.profitabledisplaycontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Tue, 28 Nov 2023 05:01:54 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.vugla.com
Access-Control-Allow-Origin: https://www.vugla.com
Access-Control-Allow-Credentials: true
Location: https://www.profitabledisplaycontent.com/watch.275897760543.js?key=c3b6bab9a3e6c622d733121998e0014d&kw=%5B%22er%22%2C%22srbija%22%2C%22uvela%22%2C%22novu%22%2C%22liniju%22%2C%22od%22%2C%22danas%22%2C%22let%22%2C%22direktno%22%2C%22do%22%2C%22porta%22%2C%22-%22%2C%22vugla%22%5D&refer=https%3A%2F%2Fwww.vugla.com%2Fer-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html&tz=0&dev=e&res=14.3095&uuid=&shu=147eb121410c5c8310718dbb50dcf25aeba73f21d6737f246d960c437d094afd76001273bb45efb4da218f7ae7f7a3a78983f978dc2774caaa897694e14d099395359e4dba8afaa39773e187cf92e24abb34255f137d77aad3fd286c4829f2d6c99f62&pst=1701147774&rmtc=t
Set-Cookie: u_pl=14611544; expires=Wed, 29 Nov 2023 05:01:54 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNDYxMTU0NCwiayI6ImMzYjZiYWI5YTNlNmM2MjJkNzMzMTIxOTk4ZTAwMTRkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMDcwMTYsInBpZCI6ODU0ODQsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MjEsImFpZCI6MjcsInB0Ijo0LCJwayI6ImUydHg4d3EydHciLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cudnVnbGEuY29tL2VyLXNyYmlqYS11dmVsYS1ub3Z1LWxpbmlqdS1vZC1kYW5hcy1sZXQtZGlyZWt0bm8tZG8tcG9ydGEuaHRtbCJ9fQ.CvVLwMmwmXA-OpEUorRuxnwkjjCpt5Sx5NByQ_o-Skw; expires=Tue, 28 Nov 2023 05:02:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5b093278e10f87aa6589d6a569fe9022
Strict-Transport-Security: max-age=0; includeSubdomains

tharbadir.com/121?rnd=90764288&z=2892323&b=19244821&c=7527857&var=&varid=0&d=https%3A%2F%2Fpromo.pixelsee.app%2F%3Fr%3DPropellerAds_VT_Interstitial_Conv_ALL_12_10_2023%26sub2%3Dpropeller%26sub6%3D753230711479083008&cln={CELL_NUMBER}&btp=7&rb=jbbLtnBy-eJ4XdkTUIeIbAkotTk3jSl-3zl1nN0ObBfdB12788oAt406RxAHfpHXF_gvj08Av9LOSS7Yq9-m1EgZHvuFBlCDIZJC-K0c6gEMmtC-6gE6X0yxb6XP64MceiMovZ4l2X8DsL84D9sNkMXJm57IEOrtdZY9EXCGrZ5uc9wG751UgWndWP3rmQfn8VubcuRzMZ2odBU2GSnRbMdx48rjeBcfOOxkZ1igAGz8l0-fFI1mXXrtQRa0EOOrqPqEdyyRgV2H7iMeE1ix3oH8NlSyjyLA0rHmcOEQGVOxm6U6-uvCLjGKPvC4G7H9J-Z7hydV10fQWD8y7LWw_UacLjEFCQ7DsSTrz-cdqlNtfbpCH1dYVSQXJcdzeX1Jr8USZzSR0IafVhlYEh4TzVsQVh-jaYnyQ47NcsqhrYXc8kV18avJfcZdGirJPgHwIUmBpNn48sUNumHbIAuIZ6mo9CU1lnQMrmYlsMwIdpZvq8Qq2OgE1WifjKj-rfZX0RkkTyxJJtAacIwYUsJYMkKt1AN2Y_8WJZis1PFNhqBa3Z2vdHqbev4RrTGPSkMy1RI3ytvknB2R3P51k6dpGpCK4G3zpdnrApJh_D5RsODDAM7sggyZS_4E4aCPd9qxwu8KkhYa3VyShJaonAbGw5hoDuOfSVvYLHTWqxzs4yhtHaDh12JroCT2dMgTcsH-cxQGnK_mO1FuxMGXrvUexU6ICpvXhlbQ&bag=LFrr1V8ILdsHe6_T9TQN7YnqvrJ7IrpO&ruid=03b5f3a9-5642-4eda-9f1e-9b3be19d4741&subid=753230711479083008

139.45.197.238

0 B

URL
tharbadir.com/121?rnd=90764288&z=2892323&b=19244821&c=7527857&var=&varid=0&d=https%3A%2F%2Fpromo.pixelsee.app%2F%3Fr%3DPropellerAds_VT_Interstitial_Conv_ALL_12_10_2023%26sub2%3Dpropeller%26sub6%3D753230711479083008&cln={CELL_NUMBER}&btp=7&rb=jbbLtnBy-eJ4XdkTUIeIbAkotTk3jSl-3zl1nN0ObBfdB12788oAt406RxAHfpHXF_gvj08Av9LOSS7Yq9-m1EgZHvuFBlCDIZJC-K0c6gEMmtC-6gE6X0yxb6XP64MceiMovZ4l2X8DsL84D9sNkMXJm57IEOrtdZY9EXCGrZ5uc9wG751UgWndWP3rmQfn8VubcuRzMZ2odBU2GSnRbMdx48rjeBcfOOxkZ1igAGz8l0-fFI1mXXrtQRa0EOOrqPqEdyyRgV2H7iMeE1ix3oH8NlSyjyLA0rHmcOEQGVOxm6U6-uvCLjGKPvC4G7H9J-Z7hydV10fQWD8y7LWw_UacLjEFCQ7DsSTrz-cdqlNtfbpCH1dYVSQXJcdzeX1Jr8USZzSR0IafVhlYEh4TzVsQVh-jaYnyQ47NcsqhrYXc8kV18avJfcZdGirJPgHwIUmBpNn48sUNumHbIAuIZ6mo9CU1lnQMrmYlsMwIdpZvq8Qq2OgE1WifjKj-rfZX0RkkTyxJJtAacIwYUsJYMkKt1AN2Y_8WJZis1PFNhqBa3Z2vdHqbev4RrTGPSkMy1RI3ytvknB2R3P51k6dpGpCK4G3zpdnrApJh_D5RsODDAM7sggyZS_4E4aCPd9qxwu8KkhYa3VyShJaonAbGw5hoDuOfSVvYLHTWqxzs4yhtHaDh12JroCT2dMgTcsH-cxQGnK_mO1FuxMGXrvUexU6ICpvXhlbQ&bag=LFrr1V8ILdsHe6_T9TQN7YnqvrJ7IrpO&ruid=03b5f3a9-5642-4eda-9f1e-9b3be19d4741&subid=753230711479083008
IP
139.45.197.238:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /121?rnd=90764288&z=2892323&b=19244821&c=7527857&var=&varid=0&d=https%3A%2F%2Fpromo.pixelsee.app%2F%3Fr%3DPropellerAds_VT_Interstitial_Conv_ALL_12_10_2023%26sub2%3Dpropeller%26sub6%3D753230711479083008&cln={CELL_NUMBER}&btp=7&rb=jbbLtnBy-eJ4XdkTUIeIbAkotTk3jSl-3zl1nN0ObBfdB12788oAt406RxAHfpHXF_gvj08Av9LOSS7Yq9-m1EgZHvuFBlCDIZJC-K0c6gEMmtC-6gE6X0yxb6XP64MceiMovZ4l2X8DsL84D9sNkMXJm57IEOrtdZY9EXCGrZ5uc9wG751UgWndWP3rmQfn8VubcuRzMZ2odBU2GSnRbMdx48rjeBcfOOxkZ1igAGz8l0-fFI1mXXrtQRa0EOOrqPqEdyyRgV2H7iMeE1ix3oH8NlSyjyLA0rHmcOEQGVOxm6U6-uvCLjGKPvC4G7H9J-Z7hydV10fQWD8y7LWw_UacLjEFCQ7DsSTrz-cdqlNtfbpCH1dYVSQXJcdzeX1Jr8USZzSR0IafVhlYEh4TzVsQVh-jaYnyQ47NcsqhrYXc8kV18avJfcZdGirJPgHwIUmBpNn48sUNumHbIAuIZ6mo9CU1lnQMrmYlsMwIdpZvq8Qq2OgE1WifjKj-rfZX0RkkTyxJJtAacIwYUsJYMkKt1AN2Y_8WJZis1PFNhqBa3Z2vdHqbev4RrTGPSkMy1RI3ytvknB2R3P51k6dpGpCK4G3zpdnrApJh_D5RsODDAM7sggyZS_4E4aCPd9qxwu8KkhYa3VyShJaonAbGw5hoDuOfSVvYLHTWqxzs4yhtHaDh12JroCT2dMgTcsH-cxQGnK_mO1FuxMGXrvUexU6ICpvXhlbQ&bag=LFrr1V8ILdsHe6_T9TQN7YnqvrJ7IrpO&ruid=03b5f3a9-5642-4eda-9f1e-9b3be19d4741&subid=753230711479083008 HTTP/1.1
Host: tharbadir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: scm=1; OAID=p6mr317037cf614533654g7s2mtlj577; oaidts=1701147711
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Tue, 28 Nov 2023 05:01:54 GMT
content-length: 0
location: https://promo.pixelsee.app/?r=PropellerAds_VT_Interstitial_Conv_ALL_12_10_2023&sub2=propeller&sub6=753230711479083008
access-control-allow-credentials: true
access-control-allow-origin: 
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: 9fcdfd3b22f55a321a047cd71d90f9be
access-control-expose-headers: X-Sc
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

slamscreechmilestone.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRuuzuzHF%2FQgBi%2BCh0ZQFGS2e36POYTEuLK42V2TyJ6rq6pny63uaqq6p2f3tDEgOXgY8aKeep%2FZzZK4BPMHKDLrJSwIOxfZgyt4E7yIEHKUngyMvlD1vk897%2BF53rc%2B28vOiYeMnq3f0DtSKbrYrHruWxsy5jq37upt1%2Feq3mV3Q8atxmV3UF6m%2F67vNave2%2B4Hgm3pxZrne57v%2Be6SNCLUg8UpC5kcdf1q16s2alW%2F2cDA%2FBfbzIGlDnj%2FnFyC5JP%2FbT55DMnGiKPvrgu7lerknfejTNFUG%2FT54cfxVqzzGNG8DI2DMD6cdUPbCSFfXYCOD2cOoPv7pQMEckKcX3wE8eFMJoL%2BwXOlgYKIEfAXkffHEGoMScdg%2Bi4kPyUA41hdQxzdX9Ump9vPWVqyE7Lw9G%2FIfEIWfn0FcfTompID95ZWWSp1bDEIC8jBGLI3RpIdI91xIPNjsPRTSP4zWXy6gjjaX7NKQ%2FJi6l7KMWQ4hhJDUOsgK490kIUOssRBxM9c2uyGntcOg7Be7zQYY%2FU6Y81Oizd5vdEJPWSslDdEmgzB1BDM7CIxu9iSX5w2L8FkP8JuFrDcgU0nxPloF31eIBcEuSXIKUEuCfKUIO8XB1zZmi3uc2WzwJ%2Fl2izXi5FOe3v0QKc9EZO95Jy8PB3Ns9%2F%2Fjy1x5rKuX6v7rTat1VstXm95jDd4x%2BOU1yirNzuwsoC0F6Zud8o94SKSMt%2F4EwE9hlXHYLICmvmg%2Bahd80A3R42Oh534QT%2FrKVplOgLXBZJ0Aem2s6fOyatTEe4bn0OwkysPXzu66L%2F5B5gpkJgCn8ifCHrq3uimzsn%2BTZ1b8ngtSWUkd2i5u1spTUXl4YdiO9eGL1%2B3wwdXWUmU5dFtYdMVGnMZ9yz59prkXJglbZgg3y%2FbDRGsZ3bzWmbiLFlZf29pOUqMsFbqeAwqT9eegckJWbjzw%2FRXvjR5BGnGMFmBKDshs4DUx2DJLmwyV281gVHzniBxkGfFyNSC%2BaOSBErMMQ0K2H%2FhYF7v2XvomQpoehdxVKBvCvRVAaqGsNkLozQxJ1eefF3GNwhUZRQoU9kPlFFfTkc7Ia9XfpuQ9p2%2FYOWZK5qhFwqvJoKwG4Rt6vFu2OgGtOuLdtCkPlI7ESK9%2Bg8AAAD%2F%2FwEAAP%2F%2FO7Km%2FHcEAAA%3D

173.233.139.164

7 B

URL
slamscreechmilestone.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRuuzuzHF%2FQgBi%2BCh0ZQFGS2e36POYTEuLK42V2TyJ6rq6pny63uaqq6p2f3tDEgOXgY8aKeep%2FZzZK4BPMHKDLrJSwIOxfZgyt4E7yIEHKUngyMvlD1vk897%2BF53rc%2B28vOiYeMnq3f0DtSKbrYrHruWxsy5jq37upt1%2Feq3mV3Q8atxmV3UF6m%2F67vNave2%2B4Hgm3pxZrne57v%2Be6SNCLUg8UpC5kcdf1q16s2alW%2F2cDA%2FBfbzIGlDnj%2FnFyC5JP%2FbT55DMnGiKPvrgu7lerknfejTNFUG%2FT54cfxVqzzGNG8DI2DMD6cdUPbCSFfXYCOD2cOoPv7pQMEckKcX3wE8eFMJoL%2BwXOlgYKIEfAXkffHEGoMScdg%2Bi4kPyUA41hdQxzdX9Ump9vPWVqyE7Lw9G%2FIfEIWfn0FcfTompID95ZWWSp1bDEIC8jBGLI3RpIdI91xIPNjsPRTSP4zWXy6gjjaX7NKQ%2FJi6l7KMWQ4hhJDUOsgK490kIUOssRBxM9c2uyGntcOg7Be7zQYY%2FU6Y81Oizd5vdEJPWSslDdEmgzB1BDM7CIxu9iSX5w2L8FkP8JuFrDcgU0nxPloF31eIBcEuSXIKUEuCfKUIO8XB1zZmi3uc2WzwJ%2Fl2izXi5FOe3v0QKc9EZO95Jy8PB3Ns9%2F%2Fjy1x5rKuX6v7rTat1VstXm95jDd4x%2BOU1yirNzuwsoC0F6Zud8o94SKSMt%2F4EwE9hlXHYLICmvmg%2Bahd80A3R42Oh534QT%2FrKVplOgLXBZJ0Aem2s6fOyatTEe4bn0OwkysPXzu66L%2F5B5gpkJgCn8ifCHrq3uimzsn%2BTZ1b8ngtSWUkd2i5u1spTUXl4YdiO9eGL1%2B3wwdXWUmU5dFtYdMVGnMZ9yz59prkXJglbZgg3y%2FbDRGsZ3bzWmbiLFlZf29pOUqMsFbqeAwqT9eegckJWbjzw%2FRXvjR5BGnGMFmBKDshs4DUx2DJLmwyV281gVHzniBxkGfFyNSC%2BaOSBErMMQ0K2H%2FhYF7v2XvomQpoehdxVKBvCvRVAaqGsNkLozQxJ1eefF3GNwhUZRQoU9kPlFFfTkc7Ia9XfpuQ9p2%2FYOWZK5qhFwqvJoKwG4Rt6vFu2OgGtOuLdtCkPlI7ESK9%2Bg8AAAD%2F%2FwEAAP%2F%2FO7Km%2FHcEAAA%3D
IP
173.233.139.164:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRuuzuzHF%2FQgBi%2BCh0ZQFGS2e36POYTEuLK42V2TyJ6rq6pny63uaqq6p2f3tDEgOXgY8aKeep%2FZzZK4BPMHKDLrJSwIOxfZgyt4E7yIEHKUngyMvlD1vk897%2BF53rc%2B28vOiYeMnq3f0DtSKbrYrHruWxsy5jq37upt1%2Feq3mV3Q8atxmV3UF6m%2F67vNave2%2B4Hgm3pxZrne57v%2Be6SNCLUg8UpC5kcdf1q16s2alW%2F2cDA%2FBfbzIGlDnj%2FnFyC5JP%2FbT55DMnGiKPvrgu7lerknfejTNFUG%2FT54cfxVqzzGNG8DI2DMD6cdUPbCSFfXYCOD2cOoPv7pQMEckKcX3wE8eFMJoL%2BwXOlgYKIEfAXkffHEGoMScdg%2Bi4kPyUA41hdQxzdX9Ump9vPWVqyE7Lw9G%2FIfEIWfn0FcfTompID95ZWWSp1bDEIC8jBGLI3RpIdI91xIPNjsPRTSP4zWXy6gjjaX7NKQ%2FJi6l7KMWQ4hhJDUOsgK490kIUOssRBxM9c2uyGntcOg7Be7zQYY%2FU6Y81Oizd5vdEJPWSslDdEmgzB1BDM7CIxu9iSX5w2L8FkP8JuFrDcgU0nxPloF31eIBcEuSXIKUEuCfKUIO8XB1zZmi3uc2WzwJ%2Fl2izXi5FOe3v0QKc9EZO95Jy8PB3Ns9%2F%2Fjy1x5rKuX6v7rTat1VstXm95jDd4x%2BOU1yirNzuwsoC0F6Zud8o94SKSMt%2F4EwE9hlXHYLICmvmg%2Bahd80A3R42Oh534QT%2FrKVplOgLXBZJ0Aem2s6fOyatTEe4bn0OwkysPXzu66L%2F5B5gpkJgCn8ifCHrq3uimzsn%2BTZ1b8ngtSWUkd2i5u1spTUXl4YdiO9eGL1%2B3wwdXWUmU5dFtYdMVGnMZ9yz59prkXJglbZgg3y%2FbDRGsZ3bzWmbiLFlZf29pOUqMsFbqeAwqT9eegckJWbjzw%2FRXvjR5BGnGMFmBKDshs4DUx2DJLmwyV281gVHzniBxkGfFyNSC%2BaOSBErMMQ0K2H%2FhYF7v2XvomQpoehdxVKBvCvRVAaqGsNkLozQxJ1eefF3GNwhUZRQoU9kPlFFfTkc7Ia9XfpuQ9p2%2FYOWZK5qhFwqvJoKwG4Rt6vFu2OgGtOuLdtCkPlI7ESK9%2Bg8AAAD%2F%2FwEAAP%2F%2FO7Km%2FHcEAAA%3D HTTP/1.1
Host: slamscreechmilestone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Cookie: u_pl=16310791; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 28 Nov 2023 05:01:54 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 81e0138d6752e72fadf0ebe6ef0d5f9b
Strict-Transport-Security: max-age=0; includeSubdomains

offerimage.com/www/images/b89a854cfb66584b3f5fef24e571e8b5.png

104.22.33.172

93 kB

URL
offerimage.com/www/images/b89a854cfb66584b3f5fef24e571e8b5.png
IP
104.22.33.172:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
93 kB (92662 bytes)
Hash
b89a854cfb66584b3f5fef24e571e8b5
9bb5f94bcc641c8cfbc2e24f0a2af5bd07a3a1ea
7228a1274993f4e608b4f0952b2197db136917df3d8ae95ea16a9a34769945e7

HTTP Headers

GET /www/images/b89a854cfb66584b3f5fef24e571e8b5.png HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 05:01:54 GMT
content-type: image/png
content-length: 92662
last-modified: Thu, 10 Dec 2020 16:03:56 GMT
etag: "5fd246ec-169f6"
expires: Tue, 28 Nov 2023 15:02:23 GMT
cache-control: max-age=86400
timing-allow-origin: *
cf-cache-status: HIT
age: 50371
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d00e3e2f2e0a3f-ARN
X-Firefox-Spdy: h2

cdn.cloudimagesb.com/cti/28/5d/66/285d66474f8eb1391e6c869128c7a3ea/1628587131.jpg

45.133.44.9

29 kB

URL
cdn.cloudimagesb.com/cti/28/5d/66/285d66474f8eb1391e6c869128c7a3ea/1628587131.jpg
IP
45.133.44.9:0
ASN
#39572 DataWeb Global Group B.V.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Size
29 kB (28852 bytes)
Hash
76f54f42b70d14a6d6bfe2f8b1945265
197daa3737be8968bf39ff28000663c1c17deeb2
c864fde3026e05a2cc34b4348fa4888d3ae44202179277877d082cadd9971abc

HTTP Headers

GET /cti/28/5d/66/285d66474f8eb1391e6c869128c7a3ea/1628587131.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 05:01:54 GMT
content-type: image/jpeg
content-length: 28852
server: nginx/1.21.6
last-modified: Tue, 10 Aug 2021 09:18:59 GMT
etag: "61124483-70b4"
expires: Thu, 30 Nov 2023 05:01:54 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.cloudimagesb.com/cti/4e/61/98/4e619871efbab123abb0e0121e08e11d/1628586907.jpg

45.133.44.9

23 kB

URL
cdn.cloudimagesb.com/cti/4e/61/98/4e619871efbab123abb0e0121e08e11d/1628586907.jpg
IP
45.133.44.9:0
ASN
#39572 DataWeb Global Group B.V.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Size
23 kB (22883 bytes)
Hash
c6f19781c79ff746b99178f813cfbff2
5c307e43c63001535aa3a3683777dbb1a7f0775b
816b5a5d078f27271fa2d7c210d708f386a6f9fbd9242531b07f0b051382870d

HTTP Headers

GET /cti/4e/61/98/4e619871efbab123abb0e0121e08e11d/1628586907.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 05:01:54 GMT
content-type: image/jpeg
content-length: 22883
server: nginx/1.21.6
last-modified: Tue, 10 Aug 2021 09:15:16 GMT
etag: "611243a4-5963"
expires: Thu, 30 Nov 2023 05:01:54 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

asleavannychan.com/custom

139.45.197.250

0 B

URL
asleavannychan.com/custom
IP
139.45.197.250:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /custom HTTP/1.1
Host: asleavannychan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.vugla.com/
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 05:01:54 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://www.vugla.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2

my.rtmark.net/gid.js?pub=0&userId=08d6c731bef64b118ac650e6ab09a358&zoneId=1548391&checkDuplicate=true&ymid=&var=

139.45.195.8

65 B

URL
my.rtmark.net/gid.js?pub=0&userId=08d6c731bef64b118ac650e6ab09a358&zoneId=1548391&checkDuplicate=true&ymid=&var=
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
18473df38653ec6ab4bbbc8292692d78
247f1de0407a3d56f46f0a163e3cb9c7e6cd06af
1a50671a90e3c2a9ff24eedb2c1c30af3ead1b02d5520ea537c55d8376c360d1

HTTP Headers

GET /gid.js?pub=0&userId=08d6c731bef64b118ac650e6ab09a358&zoneId=1548391&checkDuplicate=true&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.vugla.com/
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Cookie: ID=dcd35b83fad645f6a6b04890d246c40e
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 05:01:54 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://www.vugla.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=dcd35b83fad645f6a6b04890d246c40e; expires=Wed, 27 Nov 2024 05:01:54 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

asleavannychan.com/custom

139.45.197.250

0 B

URL
asleavannychan.com/custom
IP
139.45.197.250:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /custom HTTP/1.1
Host: asleavannychan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.vugla.com/
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 05:01:54 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://www.vugla.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2

cdn.cloudimagesb.com/si/b9/5d/e2/b95de288caeec55111c172964c8a9c84/1662036680.jpg

45.133.44.9

21 kB

URL
cdn.cloudimagesb.com/si/b9/5d/e2/b95de288caeec55111c172964c8a9c84/1662036680.jpg
IP
45.133.44.9:0
ASN
#39572 DataWeb Global Group B.V.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Size
21 kB (20566 bytes)
Hash
8f4953c1b8baece7bb7d226247561ce2
da5d440970606602026d7900a55ae2fd27a3f170
8fd9df7d8e48ff2519631e82e01519d4f1c65abd41ec977c18abb58df9832919

HTTP Headers

GET /si/b9/5d/e2/b95de288caeec55111c172964c8a9c84/1662036680.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 05:01:54 GMT
content-type: image/jpeg
content-length: 20566
server: nginx/1.21.6
last-modified: Thu, 01 Sep 2022 12:51:28 GMT
etag: "6310aad0-5056"
expires: Thu, 30 Nov 2023 05:01:54 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

slamscreechmilestone.com/65/aa/28/65aa283021630dfd9030555c4c61a78c.js

173.233.139.164

25 kB

URL
slamscreechmilestone.com/65/aa/28/65aa283021630dfd9030555c4c61a78c.js
IP
173.233.139.164:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with very long lines (62403), with no line terminators
Size
25 kB (24576 bytes)
Hash
4dc66cdc310158552a099b411a10011d
d1250e1a340ae9d3133a46de0e82ddc349744922
319c03138ded689f38efaee307b5b43928f8b1f3f490d982eb430d0297b4be59

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /65/aa/28/65aa283021630dfd9030555c4c61a78c.js HTTP/1.1
Host: slamscreechmilestone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Cookie: u_pl=16310791; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 28 Nov 2023 05:01:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a4246aebb0dffe6d23b2ba49188648ae
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

asleavannychan.com/custom

139.45.197.250

39 B

URL
asleavannychan.com/custom
IP
139.45.197.250:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /custom HTTP/1.1
Host: asleavannychan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.vugla.com/
Content-Type: application/json
Content-Length: 422
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 05:01:54 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: a6eb8a51d195bad13c5612cfd1f4194e
access-control-allow-origin: https://www.vugla.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

asleavannychan.com/custom

139.45.197.250

39 B

URL
asleavannychan.com/custom
IP
139.45.197.250:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /custom HTTP/1.1
Host: asleavannychan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.vugla.com/
Content-Type: application/json
Content-Length: 789
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 05:01:54 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: aa5dfa685d8fb6075c2e0d58e298c971
access-control-allow-origin: https://www.vugla.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

amunfezanttor.com/event

139.45.197.250

0 B

URL
amunfezanttor.com/event
IP
139.45.197.250:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.vugla.com/
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 05:01:54 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://www.vugla.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2

laughteroccasionallywarp.com/sbar.json?key=d137022925bcc2a680f8a4476ff94144

173.233.137.52

2.6 kB

URL
laughteroccasionallywarp.com/sbar.json?key=d137022925bcc2a680f8a4476ff94144
IP
173.233.137.52:0
ASN
#7979 SERVERS-COM

File type
JSON data\012- , ASCII text, with very long lines (5950), with no line terminators
Size
2.6 kB (2551 bytes)
Hash
95b6fdeb49d3e2ebb29ac9ee57ac52f2
364afc0e84ea377f8c36e028c9cee7c14cba6499
8d8761564b1ed868572ce493706631fbf7917bbf8497f124c4302e4dd652cc74

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sbar.json?key=d137022925bcc2a680f8a4476ff94144 HTTP/1.1
Host: laughteroccasionallywarp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 28 Nov 2023 05:01:54 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.vugla.com
Access-Control-Allow-Origin: https://www.vugla.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15460408; expires=Wed, 29 Nov 2023 05:01:54 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 29 Nov 2023 05:01:54 GMT; secure; SameSite=None
uncs=1; expires=Wed, 29 Nov 2023 05:01:54 GMT; secure; SameSite=None
pdhtkv29=true; expires=Wed, 29 Nov 2023 05:01:54 GMT; secure; SameSite=None
uncs29=1; expires=Wed, 29 Nov 2023 05:01:54 GMT; secure; SameSite=None
slecd137022925bcc2a680f8a4476ff94144=[4691073]; expires=Tue, 28 Nov 2023 05:01:59 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: aaa118b134ccaed417928dc267c8fdc3
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

amunfezanttor.com/event

139.45.197.250

94 B

URL
amunfezanttor.com/event
IP
139.45.197.250:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
94 B (94 bytes)
Hash
c155098e75fea2f733984896af3ca326
d3bf1529d56b6add84553a415824eded17817511
7c33a2883ce50fceb02776ed6847b130dd16f830a647b198a2006185db46bdbc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.vugla.com/
Content-Type: application/json
Content-Length: 561
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 05:01:54 GMT
content-type: application/json; charset=utf-8
content-length: 94
access-control-allow-origin: https://www.vugla.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

www.profitabledisplaycontent.com/watch.275897760543.js?key=c3b6bab9a3e6c622d733121998e0014d&kw=%5B%22er%22%2C%22srbija%22%2C%22uvela%22%2C%22novu%22%2C%22liniju%22%2C%22od%22%2C%22danas%22%2C%22let%22%2C%22direktno%22%2C%22do%22%2C%22porta%22%2C%22-%22%2C%22vugla%22%5D&refer=https%3A%2F%2Fwww.vugla.com%2Fer-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html&tz=0&dev=e&res=14.3095&uuid=&shu=147eb121410c5c8310718dbb50dcf25aeba73f21d6737f246d960c437d094afd76001273bb45efb4da218f7ae7f7a3a78983f978dc2774caaa897694e14d099395359e4dba8afaa39773e187cf92e24abb34255f137d77aad3fd286c4829f2d6c99f62&pst=1701147774&rmtc=t

192.243.59.20

643 B

URL
www.profitabledisplaycontent.com/watch.275897760543.js?key=c3b6bab9a3e6c622d733121998e0014d&kw=%5B%22er%22%2C%22srbija%22%2C%22uvela%22%2C%22novu%22%2C%22liniju%22%2C%22od%22%2C%22danas%22%2C%22let%22%2C%22direktno%22%2C%22do%22%2C%22porta%22%2C%22-%22%2C%22vugla%22%5D&refer=https%3A%2F%2Fwww.vugla.com%2Fer-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html&tz=0&dev=e&res=14.3095&uuid=&shu=147eb121410c5c8310718dbb50dcf25aeba73f21d6737f246d960c437d094afd76001273bb45efb4da218f7ae7f7a3a78983f978dc2774caaa897694e14d099395359e4dba8afaa39773e187cf92e24abb34255f137d77aad3fd286c4829f2d6c99f62&pst=1701147774&rmtc=t
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
HTML document text\012- HTML document, ASCII text, with very long lines (603)
Size
643 B (643 bytes)
Hash
a7ddc4cb3d474a20fffa1e71e840e429
252169dc2a35eec55e0ee93d6f8425cc5b6cd125
ed18950b293e0f3579e708fe3247e179511b21645e524ede5b9e762caa84c40b

HTTP Headers

GET /watch.275897760543.js?key=c3b6bab9a3e6c622d733121998e0014d&kw=%5B%22er%22%2C%22srbija%22%2C%22uvela%22%2C%22novu%22%2C%22liniju%22%2C%22od%22%2C%22danas%22%2C%22let%22%2C%22direktno%22%2C%22do%22%2C%22porta%22%2C%22-%22%2C%22vugla%22%5D&refer=https%3A%2F%2Fwww.vugla.com%2Fer-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html&tz=0&dev=e&res=14.3095&uuid=&shu=147eb121410c5c8310718dbb50dcf25aeba73f21d6737f246d960c437d094afd76001273bb45efb4da218f7ae7f7a3a78983f978dc2774caaa897694e14d099395359e4dba8afaa39773e187cf92e24abb34255f137d77aad3fd286c4829f2d6c99f62&pst=1701147774&rmtc=t HTTP/1.1
Host: www.profitabledisplaycontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vugla.com
Referer: https://www.vugla.com/
DNT: 1
Connection: keep-alive
Cookie: u_pl=14611544; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNDYxMTU0NCwiayI6ImMzYjZiYWI5YTNlNmM2MjJkNzMzMTIxOTk4ZTAwMTRkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMDcwMTYsInBpZCI6ODU0ODQsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MjEsImFpZCI6MjcsInB0Ijo0LCJwayI6ImUydHg4d3EydHciLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cudnVnbGEuY29tL2VyLXNyYmlqYS11dmVsYS1ub3Z1LWxpbmlqdS1vZC1kYW5hcy1sZXQtZGlyZWt0bm8tZG8tcG9ydGEuaHRtbCJ9fQ.CvVLwMmwmXA-OpEUorRuxnwkjjCpt5Sx5NByQ_o-Skw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 28 Nov 2023 05:01:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.vugla.com
Access-Control-Allow-Origin: https://www.vugla.com
Access-Control-Allow-Credentials: true
Set-Cookie: iprc78e254031491f8a3f6466572eac77d9f=2717342; expires=Wed, 29 Nov 2023 07:01:54 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 29 Nov 2023 05:01:54 GMT; secure; SameSite=None
uncs=1; expires=Wed, 29 Nov 2023 05:01:54 GMT; secure; SameSite=None
pdhtkv27=true; expires=Wed, 29 Nov 2023 05:01:54 GMT; secure; SameSite=None
uncs27=1; expires=Wed, 29 Nov 2023 05:01:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d1521f55aff3357ef4b48cfc505c1293
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

slamscreechmilestone.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSuzqwY9KLBi%2BChERQFme2e32MOITFGFje7axLZc3VV9Wy51V1NVff07J42BjQHDyNe1FPvN7tZEhcxf4Ais17CorBzkT24gjfBiwghR%2BnJwOiDqve%2B%2Bt7h%2B96rT3azM%2BIho6dr1%2FW2VIouNque%2B8a6jLnOrbtyy%2FW9qnfRXZdxq3HRHZSX6b%2Fte82q96b7nmCberHm%2BZ7ne757TRoR6sHilIVMDrt%2BtetVG7Wq32xgYP6PbebAUge8f0YuQPLJMxuPHkKyMeLou6vCbqY6eevdKFM01QZ9fvBhvBnrPEY0L0PjIIwPZt3QdkLIl%2Beg44OZA%2Bj%2BXukAgZwQ51cfQXwwk4mgv%2F9UaaAgYgT8eeT9MYQaQ9IxmL4DyU8IwDhWVhFH91a0yenWU5aW7IQsPP4HMp%2BQhd9eQhx9e0XJgXtTqyyVOrYYhAXkYAzZGyPJjpBuO5D5EVj6MST%2FhSw%2BXkYc7a1apSF5MXUv5RgyHEOJIah1kJVHOshCB1niIOKnLm12Q89rh0FYr3cajLF6nbFmp8WbvN7ohB4yVsobIk2GYGoIZnaQmB1sys9Pmhdgsh9hNwpY7sCmE%2BJ8sIM%2BL5ALgtwS5JQglwR5SpD3i32ubM0W97iyWeDPcm2W68VIp71duq%2FTnojJbnJGXpyO5skfz2JTnLqs69fqfqtNa%2FVWi9dbHuMN3vE45TXK6s0OrCwg7bmp2%2B1yTziPpMzX%2F0JAj2DVEZisgGY%2BaD5q1zzQjVGj42E7vt%2FPeopWmY7AdYEkXUC65eyqM%2FLyVMSrld8h2PGlB68cnvdf%2FxPMFEhMgY%2FkTwQ9dXd0Q%2Bdk74bOLXm4mqQyktu03N3NlKai8uB9sZVrw5eu2uH9y6wkyvLwlrDpMo25jHuWfHNFci7MNW2YIN8v2XURrGV240pm4ixZXnvn2lKUGGGt1PEYVJ6sPgGTE7Jw%2B4fpr3zh508hzRgmKxBlx2QWkPoILNmBTebqrSYwat4TJOeQZ8XI1IL5o5IESswxDQrY%2F%2BBgXu%2Fau%2BiZCmh6B3FUoG8K9FUBqoaw2XOjNDHHlx59VcbXCFRlFChT2QuUUV9MiPvaZ9P5Tkj79t%2Bw8tQVzdALhVcTQdgNwjb1eDdsdAPa9UU7aFIfqZ0IkV7%2BFwAA%2F%2F8BAAD%2F%2FwKQyeR3BAAA

173.233.137.60

7 B

URL
slamscreechmilestone.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSuzqwY9KLBi%2BChERQFme2e32MOITFGFje7axLZc3VV9Wy51V1NVff07J42BjQHDyNe1FPvN7tZEhcxf4Ais17CorBzkT24gjfBiwghR%2BnJwOiDqve%2B%2Bt7h%2B96rT3azM%2BIho6dr1%2FW2VIouNque%2B8a6jLnOrbtyy%2FW9qnfRXZdxq3HRHZSX6b%2Fte82q96b7nmCberHm%2BZ7ne757TRoR6sHilIVMDrt%2BtetVG7Wq32xgYP6PbebAUge8f0YuQPLJMxuPHkKyMeLou6vCbqY6eevdKFM01QZ9fvBhvBnrPEY0L0PjIIwPZt3QdkLIl%2Beg44OZA%2Bj%2BXukAgZwQ51cfQXwwk4mgv%2F9UaaAgYgT8eeT9MYQaQ9IxmL4DyU8IwDhWVhFH91a0yenWU5aW7IQsPP4HMp%2BQhd9eQhx9e0XJgXtTqyyVOrYYhAXkYAzZGyPJjpBuO5D5EVj6MST%2FhSw%2BXkYc7a1apSF5MXUv5RgyHEOJIah1kJVHOshCB1niIOKnLm12Q89rh0FYr3cajLF6nbFmp8WbvN7ohB4yVsobIk2GYGoIZnaQmB1sys9Pmhdgsh9hNwpY7sCmE%2BJ8sIM%2BL5ALgtwS5JQglwR5SpD3i32ubM0W97iyWeDPcm2W68VIp71duq%2FTnojJbnJGXpyO5skfz2JTnLqs69fqfqtNa%2FVWi9dbHuMN3vE45TXK6s0OrCwg7bmp2%2B1yTziPpMzX%2F0JAj2DVEZisgGY%2BaD5q1zzQjVGj42E7vt%2FPeopWmY7AdYEkXUC65eyqM%2FLyVMSrld8h2PGlB68cnvdf%2FxPMFEhMgY%2FkTwQ9dXd0Q%2Bdk74bOLXm4mqQyktu03N3NlKai8uB9sZVrw5eu2uH9y6wkyvLwlrDpMo25jHuWfHNFci7MNW2YIN8v2XURrGV240pm4ixZXnvn2lKUGGGt1PEYVJ6sPgGTE7Jw%2B4fpr3zh508hzRgmKxBlx2QWkPoILNmBTebqrSYwat4TJOeQZ8XI1IL5o5IESswxDQrY%2F%2BBgXu%2Fau%2BiZCmh6B3FUoG8K9FUBqoaw2XOjNDHHlx59VcbXCFRlFChT2QuUUV9MiPvaZ9P5Tkj79t%2Bw8tQVzdALhVcTQdgNwjb1eDdsdAPa9UU7aFIfqZ0IkV7%2BFwAA%2F%2F8BAAD%2F%2FwKQyeR3BAAA
IP
173.233.137.60:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSuzqwY9KLBi%2BChERQFme2e32MOITFGFje7axLZc3VV9Wy51V1NVff07J42BjQHDyNe1FPvN7tZEhcxf4Ais17CorBzkT24gjfBiwghR%2BnJwOiDqve%2B%2Bt7h%2B96rT3azM%2BIho6dr1%2FW2VIouNque%2B8a6jLnOrbtyy%2FW9qnfRXZdxq3HRHZSX6b%2Fte82q96b7nmCberHm%2BZ7ne757TRoR6sHilIVMDrt%2BtetVG7Wq32xgYP6PbebAUge8f0YuQPLJMxuPHkKyMeLou6vCbqY6eevdKFM01QZ9fvBhvBnrPEY0L0PjIIwPZt3QdkLIl%2Beg44OZA%2Bj%2BXukAgZwQ51cfQXwwk4mgv%2F9UaaAgYgT8eeT9MYQaQ9IxmL4DyU8IwDhWVhFH91a0yenWU5aW7IQsPP4HMp%2BQhd9eQhx9e0XJgXtTqyyVOrYYhAXkYAzZGyPJjpBuO5D5EVj6MST%2FhSw%2BXkYc7a1apSF5MXUv5RgyHEOJIah1kJVHOshCB1niIOKnLm12Q89rh0FYr3cajLF6nbFmp8WbvN7ohB4yVsobIk2GYGoIZnaQmB1sys9Pmhdgsh9hNwpY7sCmE%2BJ8sIM%2BL5ALgtwS5JQglwR5SpD3i32ubM0W97iyWeDPcm2W68VIp71duq%2FTnojJbnJGXpyO5skfz2JTnLqs69fqfqtNa%2FVWi9dbHuMN3vE45TXK6s0OrCwg7bmp2%2B1yTziPpMzX%2F0JAj2DVEZisgGY%2BaD5q1zzQjVGj42E7vt%2FPeopWmY7AdYEkXUC65eyqM%2FLyVMSrld8h2PGlB68cnvdf%2FxPMFEhMgY%2FkTwQ9dXd0Q%2Bdk74bOLXm4mqQyktu03N3NlKai8uB9sZVrw5eu2uH9y6wkyvLwlrDpMo25jHuWfHNFci7MNW2YIN8v2XURrGV240pm4ixZXnvn2lKUGGGt1PEYVJ6sPgGTE7Jw%2B4fpr3zh508hzRgmKxBlx2QWkPoILNmBTebqrSYwat4TJOeQZ8XI1IL5o5IESswxDQrY%2F%2BBgXu%2Fau%2BiZCmh6B3FUoG8K9FUBqoaw2XOjNDHHlx59VcbXCFRlFChT2QuUUV9MiPvaZ9P5Tkj79t%2Bw8tQVzdALhVcTQdgNwjb1eDdsdAPa9UU7aFIfqZ0IkV7%2BFwAA%2F%2F8BAAD%2F%2FwKQyeR3BAAA HTTP/1.1
Host: slamscreechmilestone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Cookie: u_pl=16310791; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 28 Nov 2023 05:01:54 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f6729687fce2ba984d40439a497090b8
Strict-Transport-Security: max-age=0; includeSubdomains

slamscreechmilestone.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSu3llx%2FXFx8SIoNIKyCzLpnt%2FjHpZd10gwm8TdlVy8VFdVT8pUdzVV3dOTnKILsgfBES%2FqqfNNsmHXIO4fIEjHyxIQMhfJwQjeBC8iLh5lJgPRB1XvffW9w%2Fe9V59sZyfEQ0aPV27qTakUnWtWPffSqoy5zq27dMf1vap3xV2VcatxxR1MLtN%2F0%2FeaVe%2By%2B45g63qu5vme53u%2BOy%2BNCPVgbspCJvtdv9r1qo1a1W82MDD%2FxzZzYKkD3j8hFyH5%2BKm1x48gWYk4%2Bu6GsOupTt54O8oUTbVBn%2B%2B9H6%2FHOo8RnZWhcRDGe7NuaDsm5Mtz0PHezAF0f2fiAIEcE%2BdnH0G8N5OJoL97qjRQEDEC%2FhzyfgmhSkhagum7kPyIAIxjaRlxdH9Jm5xunLJ0wo7J%2BSd%2FQeZjcv6XFxFH315XcuDe1ipLpY4tBmEBOSgheyWS7ADppgOZH4ClH0Pyn8jck0XE0c6yVRqSF1P3UpaQYQklhqDWQTY50kEWOsgSBxE%2FdmmzG3peOwzCer3TYIzV64w1Oy3e5PVGJ%2FSQsYm8IdJkCKaGYGYLidnCuvz8qHkRJvsBdq2A5Q5sOibOe1vo8wK5IMgtQU4JckmQpwR5v9jlytZscZ8rmwX%2BLNdmuV6MdNrbprs67YmYbCcn5IXpaP757Wmsi2OXdf1a3W%2B1aa3eavF6y2O8wTsep7xGWb3ZgZUFpD03dbs52RMuIJnkm38goAew6gBMVkAzHzQftWse6Nqo0fGwGT%2FoZz1Fq0xH4LpAkp5HuuFsqxPy0lRE%2B6M%2FIdjh1f1Lf5effXAZzBRITIEP5Y8EPXVvdEvnZOeWzi15tJykMpKbdLK72ylNReXhu2Ij14Yv3LDDB9fYhJiU%2B3eETRdpzGXcs%2BSb65JzYea1YYJ8v2BXRbCS2bXrmYmzZHHlrfmFKDHCWqnjElQePV%2BCyTF55vDG9Fe%2BMr8GaUqYrECUHZJZQOoDsGQLNjm8%2BvDl%2FQv%2B67%2FDagKjznqCpII8K0amFpw9KkmgxBmmQQH7Hxyc1dv2HnqmApreRRwV6JsCfVWAqiFs9uwoTczh1cdfTeJrBKoyCpSp7ATKqC%2FGxH3t0zF5tfLr6ZCtPHZFM%2FRC4dVEEHaDsE093g0b3YB2fdEOmtRHasdCpNf%2BBQAA%2F%2F8BAAD%2F%2FwV54BZ3BAAA

173.233.137.60

7 B

URL
slamscreechmilestone.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSu3llx%2FXFx8SIoNIKyCzLpnt%2FjHpZd10gwm8TdlVy8VFdVT8pUdzVV3dOTnKILsgfBES%2FqqfNNsmHXIO4fIEjHyxIQMhfJwQjeBC8iLh5lJgPRB1XvffW9w%2Fe9V59sZyfEQ0aPV27qTakUnWtWPffSqoy5zq27dMf1vap3xV2VcatxxR1MLtN%2F0%2FeaVe%2By%2B45g63qu5vme53u%2BOy%2BNCPVgbspCJvtdv9r1qo1a1W82MDD%2FxzZzYKkD3j8hFyH5%2BKm1x48gWYk4%2Bu6GsOupTt54O8oUTbVBn%2B%2B9H6%2FHOo8RnZWhcRDGe7NuaDsm5Mtz0PHezAF0f2fiAIEcE%2BdnH0G8N5OJoL97qjRQEDEC%2FhzyfgmhSkhagum7kPyIAIxjaRlxdH9Jm5xunLJ0wo7J%2BSd%2FQeZjcv6XFxFH315XcuDe1ipLpY4tBmEBOSgheyWS7ADppgOZH4ClH0Pyn8jck0XE0c6yVRqSF1P3UpaQYQklhqDWQTY50kEWOsgSBxE%2FdmmzG3peOwzCer3TYIzV64w1Oy3e5PVGJ%2FSQsYm8IdJkCKaGYGYLidnCuvz8qHkRJvsBdq2A5Q5sOibOe1vo8wK5IMgtQU4JckmQpwR5v9jlytZscZ8rmwX%2BLNdmuV6MdNrbprs67YmYbCcn5IXpaP757Wmsi2OXdf1a3W%2B1aa3eavF6y2O8wTsep7xGWb3ZgZUFpD03dbs52RMuIJnkm38goAew6gBMVkAzHzQftWse6Nqo0fGwGT%2FoZz1Fq0xH4LpAkp5HuuFsqxPy0lRE%2B6M%2FIdjh1f1Lf5effXAZzBRITIEP5Y8EPXVvdEvnZOeWzi15tJykMpKbdLK72ylNReXhu2Ij14Yv3LDDB9fYhJiU%2B3eETRdpzGXcs%2BSb65JzYea1YYJ8v2BXRbCS2bXrmYmzZHHlrfmFKDHCWqnjElQePV%2BCyTF55vDG9Fe%2BMr8GaUqYrECUHZJZQOoDsGQLNjm8%2BvDl%2FQv%2B67%2FDagKjznqCpII8K0amFpw9KkmgxBmmQQH7Hxyc1dv2HnqmApreRRwV6JsCfVWAqiFs9uwoTczh1cdfTeJrBKoyCpSp7ATKqC%2FGxH3t0zF5tfLr6ZCtPHZFM%2FRC4dVEEHaDsE093g0b3YB2fdEOmtRHasdCpNf%2BBQAA%2F%2F8BAAD%2F%2FwV54BZ3BAAA
IP
173.233.137.60:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSu3llx%2FXFx8SIoNIKyCzLpnt%2FjHpZd10gwm8TdlVy8VFdVT8pUdzVV3dOTnKILsgfBES%2FqqfNNsmHXIO4fIEjHyxIQMhfJwQjeBC8iLh5lJgPRB1XvffW9w%2Fe9V59sZyfEQ0aPV27qTakUnWtWPffSqoy5zq27dMf1vap3xV2VcatxxR1MLtN%2F0%2FeaVe%2By%2B45g63qu5vme53u%2BOy%2BNCPVgbspCJvtdv9r1qo1a1W82MDD%2FxzZzYKkD3j8hFyH5%2BKm1x48gWYk4%2Bu6GsOupTt54O8oUTbVBn%2B%2B9H6%2FHOo8RnZWhcRDGe7NuaDsm5Mtz0PHezAF0f2fiAIEcE%2BdnH0G8N5OJoL97qjRQEDEC%2FhzyfgmhSkhagum7kPyIAIxjaRlxdH9Jm5xunLJ0wo7J%2BSd%2FQeZjcv6XFxFH315XcuDe1ipLpY4tBmEBOSgheyWS7ADppgOZH4ClH0Pyn8jck0XE0c6yVRqSF1P3UpaQYQklhqDWQTY50kEWOsgSBxE%2FdmmzG3peOwzCer3TYIzV64w1Oy3e5PVGJ%2FSQsYm8IdJkCKaGYGYLidnCuvz8qHkRJvsBdq2A5Q5sOibOe1vo8wK5IMgtQU4JckmQpwR5v9jlytZscZ8rmwX%2BLNdmuV6MdNrbprs67YmYbCcn5IXpaP757Wmsi2OXdf1a3W%2B1aa3eavF6y2O8wTsep7xGWb3ZgZUFpD03dbs52RMuIJnkm38goAew6gBMVkAzHzQftWse6Nqo0fGwGT%2FoZz1Fq0xH4LpAkp5HuuFsqxPy0lRE%2B6M%2FIdjh1f1Lf5effXAZzBRITIEP5Y8EPXVvdEvnZOeWzi15tJykMpKbdLK72ylNReXhu2Ij14Yv3LDDB9fYhJiU%2B3eETRdpzGXcs%2BSb65JzYea1YYJ8v2BXRbCS2bXrmYmzZHHlrfmFKDHCWqnjElQePV%2BCyTF55vDG9Fe%2BMr8GaUqYrECUHZJZQOoDsGQLNjm8%2BvDl%2FQv%2B67%2FDagKjznqCpII8K0amFpw9KkmgxBmmQQH7Hxyc1dv2HnqmApreRRwV6JsCfVWAqiFs9uwoTczh1cdfTeJrBKoyCpSp7ATKqC%2FGxH3t0zF5tfLr6ZCtPHZFM%2FRC4dVEEHaDsE093g0b3YB2fdEOmtRHasdCpNf%2BBQAA%2F%2F8BAAD%2F%2FwV54BZ3BAAA HTTP/1.1
Host: slamscreechmilestone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Cookie: u_pl=16310791; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 28 Nov 2023 05:01:54 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b8ba1e6d5f9a77ac3fba60216dbbf9bf
Strict-Transport-Security: max-age=0; includeSubdomains

promo.pixelsee.app/css/style.min.css?ver=1

104.21.7.161

5.7 kB

URL
promo.pixelsee.app/css/style.min.css?ver=1
IP
104.21.7.161:0
ASN
#13335 CLOUDFLARENET

File type
assembler source, ASCII text, with very long lines (600)
Size
5.7 kB (5715 bytes)
Hash
583046cc62873e13de5979a19472fefb
aee02e4e1f654b880863a5f3c7599b5bd7ffcff7
d91228866dbbc573944d948402536e1b470d67c5ae67e1c5cdfcb15cb5eb984a

HTTP Headers

GET /css/style.min.css?ver=1 HTTP/1.1
Host: promo.pixelsee.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://promo.pixelsee.app/?r=PropellerAds_VT_Interstitial_Conv_ALL_12_10_2023&sub2=propeller&sub6=753230711479083008
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 28 Nov 2023 05:01:54 GMT
content-type: text/css
x-amz-id-2: txa17b568edf4847eaa18d0-00654b69d9
last-modified: Fri, 27 Oct 2023 11:54:38 GMT
etag: W/"583046cc62873e13de5979a19472fefb"
x-amz-request-id: txa17b568edf4847eaa18d0-00654b69d9
x-amz-version-id: 1698407678343351
cache-control: max-age=14400
cf-cache-status: HIT
age: 719
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IQr%2BwmG3uO2W8cHyl9q9mdgwU1jLgeWeiBmSqoMuPdq6sOhbIRaZ1wH934aNhsqAfVwyBqBfvB3SD9FFtzVpqJZagy6HZ%2BE6aFVYrhOL148Uhe4cnPr0JnjMKkldzkKpJ%2B2LVuY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d00e40be095690-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.googletagmanager.com/gtag/js?id=G-TKL2XXV026

142.250.74.168

94 kB

URL
www.googletagmanager.com/gtag/js?id=G-TKL2XXV026
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (7711)
Size
94 kB (93805 bytes)
Hash
58745a793b19c4060d64d22762a4e31b
47649ac768d539898d1a2aefb05cf9fcf25eb35e
8ad083e5599a52e02d1be3bf2aa1c2ec757e864a6111a4a60e15ce4fef381935

HTTP Headers

GET /gtag/js?id=G-TKL2XXV026 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://promo.pixelsee.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 28 Nov 2023 05:01:54 GMT
expires: Tue, 28 Nov 2023 05:01:54 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 93805
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

promo.pixelsee.app/images/logo.svg

104.21.7.161

1.3 kB

URL
promo.pixelsee.app/images/logo.svg
IP
104.21.7.161:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- , Unicode text, UTF-8 text, with very long lines (1687), with no line terminators
Size
1.3 kB (1318 bytes)
Hash
9bb77a42ae4c13b0a557d3496c62af46
a8cd3a2b9d0e2d8f2d557fe64a9625b9dd88e3e0
9a1a80dae6a97aff9aa45a6225640d6b299d25eb4f7689055afb9dfd60ba4e7b

HTTP Headers

GET /images/logo.svg HTTP/1.1
Host: promo.pixelsee.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://promo.pixelsee.app/?r=PropellerAds_VT_Interstitial_Conv_ALL_12_10_2023&sub2=propeller&sub6=753230711479083008
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 28 Nov 2023 05:01:54 GMT
content-type: image/svg+xml
x-amz-id-2: tx852b3a66ff4c4c118b5ef-006541a1a9
last-modified: Fri, 27 Oct 2023 11:54:38 GMT
etag: W/"9bb77a42ae4c13b0a557d3496c62af46"
x-amz-request-id: tx852b3a66ff4c4c118b5ef-006541a1a9
x-amz-version-id: 1698407678480852
cache-control: max-age=14400
cf-cache-status: HIT
age: 719
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fh2ZNhsGrLEC7BL1nH%2F9UggIMrxx6wwfMqygAgoND5HHGe3uLE81NGxVvF02XiIbnCjmZutFwfxqLZ%2Fc2ji8dVvEi7eHfj4rP0LtuavJTY2KyNi1OnoZVsihS%2FsJ3isz7rMUSYA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d00e40ce0d5690-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

promo.pixelsee.app/images/load/playlist.png

104.21.7.161

215 B

URL
promo.pixelsee.app/images/load/playlist.png
IP
104.21.7.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 46 x 42, 4-bit colormap, non-interlaced\012- data
Size
215 B (215 bytes)
Hash
38868742975def4cf1abe3c2034c968e
e6976b79d7269098f716606e38445f7b3f60e21e
d2b8fbaded24ceaa6e1c817e2a3cd84c3a3344eba0fad1f146720dfc995ed77b

HTTP Headers

GET /images/load/playlist.png HTTP/1.1
Host: promo.pixelsee.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://promo.pixelsee.app/css/style.min.css?ver=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 28 Nov 2023 05:01:54 GMT
content-type: image/png
content-length: 215
x-amz-id-2: tx0e505af4cb9e42fe9704b-0065654dd5
last-modified: Fri, 27 Oct 2023 11:54:38 GMT
etag: "38868742975def4cf1abe3c2034c968e"
x-amz-request-id: tx0e505af4cb9e42fe9704b-0065654dd5
x-amz-version-id: 1698407678441886
cache-control: max-age=14400
cf-cache-status: HIT
age: 7153
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f3dKu42kVXZATf8DPBYErY7FK15Qp7G8tEkxQXKEe5G%2BmeFOrMWvE6WH%2BbNkExLWOporBfTYgOHMcICl9DU8SbFfK7FX9wCRGgBs0BRN5kNh9sIdKvoUY%2B4y6XEllK91FWjEPGc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d00e414e4b5690-OSL
alt-svc: h3=":443"; ma=86400

promo.pixelsee.app/images/load/pause.png

104.21.7.161

552 B

URL
promo.pixelsee.app/images/load/pause.png
IP
104.21.7.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 46 x 46, 8-bit colormap, non-interlaced\012- data
Size
552 B (552 bytes)
Hash
7f147decd06cd1ab5a8f539d55ceffe6
ceeea21816025f718a6c2bb8c330195874b34a7d
e7673c1ead17d751d2b588c6f8089b0fff26ae90ce8d14e704a0965a6ff37b57

HTTP Headers

GET /images/load/pause.png HTTP/1.1
Host: promo.pixelsee.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://promo.pixelsee.app/css/style.min.css?ver=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 28 Nov 2023 05:01:54 GMT
content-type: image/png
content-length: 552
x-amz-id-2: txfa675513bbdf427a825bc-0065164131
last-modified: Tue, 12 Sep 2023 10:31:01 GMT
etag: "7f147decd06cd1ab5a8f539d55ceffe6"
x-amz-request-id: txfa675513bbdf427a825bc-0065164131
x-amz-version-id: 1694514661973689
cache-control: max-age=14400
cf-cache-status: HIT
age: 719
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W9IzoHi75O7bQKMglsV56P%2FK8KXQfkVhwIUOuNoQuXXUReSzteURgi0C7Jb5xhWQckFXk2z5Xb6QhDOTohrI8D35M0H7fA%2FZzNPpvNbc8%2FjzXp0jA0naYSgKrJJQb2tJM9qcrVM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d00e414e4d5690-OSL
alt-svc: h3=":443"; ma=86400

promo.pixelsee.app/images/load/subtitles.png

104.21.7.161

193 B

URL
promo.pixelsee.app/images/load/subtitles.png
IP
104.21.7.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 46 x 46, 4-bit colormap, non-interlaced\012- data
Size
193 B (193 bytes)
Hash
a47325f449f3eb00d2f47d61f39eb065
dd6508117cffe0f06f822c3ed09f4b59bb8fd620
27554c42cd0c0bac487ef78447d427d5e5ba8bd24bb94289a9f9d435df468897

HTTP Headers

GET /images/load/subtitles.png HTTP/1.1
Host: promo.pixelsee.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://promo.pixelsee.app/css/style.min.css?ver=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 28 Nov 2023 05:01:54 GMT
content-type: image/png
content-length: 193
x-amz-id-2: tx9001bb63705244c593ab1-00654c5415
last-modified: Fri, 27 Oct 2023 11:54:38 GMT
etag: "a47325f449f3eb00d2f47d61f39eb065"
x-amz-request-id: tx9001bb63705244c593ab1-00654c5415
x-amz-version-id: 1698407678465863
cache-control: max-age=14400
cf-cache-status: HIT
age: 719
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9r9f6XkRcgeGTLv6DZOoNC13KhND6ZVgD8LvDXkextU%2FSxe4yfupQXoyVFO7BmD70fINY18ro9eVzVo3Yw4sjZQNTgqZCal6C3LfNr5N6Ss4XsX%2BSn3PWqgP3RRNjyiKvsG0TVk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d00e415e4e5690-OSL
alt-svc: h3=":443"; ma=86400

promo.pixelsee.app/images/load/play.png

104.21.7.161

411 B

URL
promo.pixelsee.app/images/load/play.png
IP
104.21.7.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 37 x 46, 8-bit colormap, non-interlaced\012- data
Size
411 B (411 bytes)
Hash
152bad15fdcef8e2dc4248fd58794e7e
b7eb1cf6d7478eae28595a4a271f12e5b5047f99
3440aae42853188c66d8631208b1fad7b580e2b7e065403d1387306d6e7ef558

HTTP Headers

GET /images/load/play.png HTTP/1.1
Host: promo.pixelsee.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://promo.pixelsee.app/css/style.min.css?ver=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 28 Nov 2023 05:01:54 GMT
content-type: image/png
content-length: 411
x-amz-id-2: tx9f0a7f3b8b7248d286ef7-0065503631
last-modified: Fri, 27 Oct 2023 11:54:38 GMT
etag: "152bad15fdcef8e2dc4248fd58794e7e"
x-amz-request-id: tx9f0a7f3b8b7248d286ef7-0065503631
x-amz-version-id: 1698407678462718
cache-control: max-age=14400
cf-cache-status: HIT
age: 719
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IMFkkojMOYjV8ZlIruAaERE1TFvb5iGMKetdLpFL7X0jqRjBiyCSiZkMhJrz83ix8EoWWbicpIU8pvnk3qo4A0J%2BFnNBQN7wrfqT%2BHcIiuGWm7FCKQgs8BiDwmM2upLrtZgpoCQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d00e415e505690-OSL
alt-svc: h3=":443"; ma=86400

promo.pixelsee.app/images/load/windows.png

104.21.7.161

214 B

URL
promo.pixelsee.app/images/load/windows.png
IP
104.21.7.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 46 x 46, 4-bit colormap, non-interlaced\012- data
Size
214 B (214 bytes)
Hash
1982b726d7da6c46b504c6d859edb218
8c58574bac2498ef71423de1723d32037a1baf52
9c45931772e5bb04bb6e0d142a114a3bbe2ebb28c94ed4c0eb58cbbd4ab58ffe

HTTP Headers

GET /images/load/windows.png HTTP/1.1
Host: promo.pixelsee.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://promo.pixelsee.app/css/style.min.css?ver=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 28 Nov 2023 05:01:54 GMT
content-type: image/png
content-length: 214
x-amz-id-2: tx37945049b1674658a2985-006540931c
last-modified: Fri, 27 Oct 2023 11:54:38 GMT
etag: "1982b726d7da6c46b504c6d859edb218"
x-amz-request-id: tx37945049b1674658a2985-006540931c
x-amz-version-id: 1698407678488312
cache-control: max-age=14400
cf-cache-status: HIT
age: 719
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sjB1UP8fzaoQ2Y6CwcJNkKxhHNveUV7bmpbvYqQjSeNhVjGeOs2WnZSyBLV%2BynxvY3m6DTC9FbOK%2B5mJvNxi13m7sxxnxycxj3DvVwXAXj8DrSI3RRTMWa%2FaiFbOgbRosHy99Wg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d00e415e4f5690-OSL
alt-svc: h3=":443"; ma=86400

promo.pixelsee.app/js/application.js?ver=5

104.21.7.161

41 kB

URL
promo.pixelsee.app/js/application.js?ver=5
IP
104.21.7.161:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (38324)
Size
41 kB (40760 bytes)
Hash
ef97b9847829ea219d404ed496472fa0
dfed6915c6973a22b48b2b3fcebd8d3a9b3d8a60
3df092eaae166da10816677a4f0ce9806109f31b5ce60630688da3bb9aecdaf1

HTTP Headers

GET /js/application.js?ver=5 HTTP/1.1
Host: promo.pixelsee.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://promo.pixelsee.app/?r=PropellerAds_VT_Interstitial_Conv_ALL_12_10_2023&sub2=propeller&sub6=753230711479083008
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 28 Nov 2023 05:01:54 GMT
content-type: application/javascript
x-amz-id-2: tx2656a181b1844df9ae396-00655b5bf6
last-modified: Fri, 27 Oct 2023 11:54:38 GMT
etag: W/"ef97b9847829ea219d404ed496472fa0"
x-amz-request-id: tx2656a181b1844df9ae396-00655b5bf6
x-amz-version-id: 1698407678565766
cache-control: max-age=14400
cf-cache-status: HIT
age: 719
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Osa4n0q34PvAuFxtG%2FcNk3vApIyjx9DZ8CXOg%2Bux0eUk3YXSkvRBoEtn7Xm%2BN0c8vt9p0HlFb4RA6utL%2FZWfb1t3zyUDf4MLCkrizhIub7l9NY159AtaTn8Uos%2F9qsYiROBIZYs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d00e40ce115690-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

promo.pixelsee.app/images/footer/footer-decor.png

104.21.7.161

3.5 kB

URL
promo.pixelsee.app/images/footer/footer-decor.png
IP
104.21.7.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 536 x 536, 8-bit colormap, non-interlaced\012- data
Size
3.5 kB (3474 bytes)
Hash
af15b8bc22a4d8aa6166d1f8e1ff4c67
4bc5fb4bc3b98e7782973ed4c212b930a7425495
2b75d4c73aa7751c553a5191f8cff5d139a9f77717701f6157963e810bdb937c

HTTP Headers

GET /images/footer/footer-decor.png HTTP/1.1
Host: promo.pixelsee.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://promo.pixelsee.app/css/style.min.css?ver=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 28 Nov 2023 05:01:54 GMT
content-type: image/png
content-length: 3474
x-amz-id-2: tx71d8e1a170c443c7b14d9-00654b962c
last-modified: Fri, 27 Oct 2023 11:54:38 GMT
etag: "af15b8bc22a4d8aa6166d1f8e1ff4c67"
x-amz-request-id: tx71d8e1a170c443c7b14d9-00654b962c
x-amz-version-id: 1698407678355330
cache-control: max-age=14400
cf-cache-status: HIT
age: 719
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RfItZX0g8gLNMjipEviB3M8ibM5gUJV3cpZ8gsGeLMM3XnrW80BecaLrTHKj6UT9HbHUMhASd3j31oUD4sKjnkgp%2FQmJpr1QMQiSRoZ9Z4VVFBt%2B6ICRkih5%2BIj6k7ceCreqtpI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d00e418e595690-OSL
alt-svc: h3=":443"; ma=86400

promo.pixelsee.app/?r=PropellerAds_VT_Interstitial_Conv_ALL_12_10_2023&sub2=propeller&sub6=753230711479083008

104.21.7.161

4.5 kB

URL
promo.pixelsee.app/?r=PropellerAds_VT_Interstitial_Conv_ALL_12_10_2023&sub2=propeller&sub6=753230711479083008
IP
104.21.7.161:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (340)
Size
4.5 kB (4463 bytes)
Hash
09556dfd8ee14541131c05b28ca92287
cc91c9b060da99953c6601c011d810e55b38627a
445bc4f368b3b8f82d2c387ccc2a5b6634b41474ce7119a9a44f151ccec0c5e1

HTTP Headers

GET /?r=PropellerAds_VT_Interstitial_Conv_ALL_12_10_2023&sub2=propeller&sub6=753230711479083008 HTTP/1.1
Host: promo.pixelsee.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 05:01:54 GMT
content-type: text/html
x-amz-id-2: txdb1c9ef3fe144a6989753-0065657442
last-modified: Fri, 27 Oct 2023 11:54:38 GMT
x-amz-request-id: txdb1c9ef3fe144a6989753-0065657442
x-amz-version-id: 1698407678549900
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6JclOVAgLcgFwjMInDX1lLqhBEiotysoO45lk21xWVqU9L5D0BlMW%2FPJCfjy9UOqgREjGMLVkWRlz2DD5Hli2279ZAkLU8VqHIV5biHe0cDYG7QaQmmtEjUVc8b8ZudqQBvlJsM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d00e3f2d2156bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

promo.pixelsee.app/css/baloon.min.css?ver=1

104.21.7.161

35 kB

URL
promo.pixelsee.app/css/baloon.min.css?ver=1
IP
104.21.7.161:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (3837), with no line terminators
Size
35 kB (34858 bytes)
Hash
e38b048988db68478be49dda0683fa7e
5e8857f887093ac1582f3799480a65c01d5a4ddf
cf0481bb01e37a5b5cb2388e817decdc4f90e7cbd5994c55b05d7d4dbd86815f

HTTP Headers

GET /css/baloon.min.css?ver=1 HTTP/1.1
Host: promo.pixelsee.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://promo.pixelsee.app/?r=PropellerAds_VT_Interstitial_Conv_ALL_12_10_2023&sub2=propeller&sub6=753230711479083008
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 28 Nov 2023 05:01:54 GMT
content-type: text/css
x-amz-id-2: txc24c49bfa42d472b97f03-006543264a
last-modified: Fri, 27 Oct 2023 11:54:38 GMT
etag: W/"e38b048988db68478be49dda0683fa7e"
x-amz-request-id: txc24c49bfa42d472b97f03-006543264a
x-amz-version-id: 1698407678328515
cache-control: max-age=14400
cf-cache-status: HIT
age: 2224
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BQxhlGxMOTt8LNX1UlVJVNdaKim8CfveGpe7S7pQZxpwTiKXC%2BW%2FZ%2BMP%2BgRvVGpaRuxPp53QWZzLg5YbsHWPCvsksJ8Jz%2FOC4VLeUQ%2BWkMncY%2F1wNznqNq2%2FGTDLeKcYqG8QCiw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d00e40ce0b5690-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

216.58.207.227

33 kB

URL
fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 33092, version 1.0\012- data
Size
33 kB (33092 bytes)
Hash
057478083c1d55ea0c2182b24f6dd72f
caf557cd276a76992084efc4c8857b66791a6b7f
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

HTTP Headers

GET /s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://promo.pixelsee.app
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33092
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 23:21:56 GMT
expires: Fri, 22 Nov 2024 23:21:56 GMT
cache-control: public, max-age=31536000
age: 365998
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

216.58.207.227

33 kB

URL
fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 33092, version 1.0\012- data
Size
33 kB (33092 bytes)
Hash
057478083c1d55ea0c2182b24f6dd72f
caf557cd276a76992084efc4c8857b66791a6b7f
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

HTTP Headers

GET /s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://promo.pixelsee.app
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33092
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 23:21:56 GMT
expires: Fri, 22 Nov 2024 23:21:56 GMT
cache-control: public, max-age=31536000
age: 365998
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

216.58.207.227

33 kB

URL
fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 33092, version 1.0\012- data
Size
33 kB (33092 bytes)
Hash
057478083c1d55ea0c2182b24f6dd72f
caf557cd276a76992084efc4c8857b66791a6b7f
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

HTTP Headers

GET /s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://promo.pixelsee.app
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33092
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 23:21:56 GMT
expires: Fri, 22 Nov 2024 23:21:56 GMT
cache-control: public, max-age=31536000
age: 365998
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.googletagmanager.com/td?id=G-TKL2XXV026&v=3&t=t&pid=937620042&cv=2&rv=3b81&tc=21&es=1&e=gtm.init_consent&eid=-1&h=Ag&dl=promo.pixelsee.app%2F&tdp=G-TKL2XXV026;69669615;0;0;0&z=0

142.250.74.168

0 B

URL
www.googletagmanager.com/td?id=G-TKL2XXV026&v=3&t=t&pid=937620042&cv=2&rv=3b81&tc=21&es=1&e=gtm.init_consent&eid=-1&h=Ag&dl=promo.pixelsee.app%2F&tdp=G-TKL2XXV026;69669615;0;0;0&z=0
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /td?id=G-TKL2XXV026&v=3&t=t&pid=937620042&cv=2&rv=3b81&tc=21&es=1&e=gtm.init_consent&eid=-1&h=Ag&dl=promo.pixelsee.app%2F&tdp=G-TKL2XXV026;69669615;0;0;0&z=0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://promo.pixelsee.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
date: Tue, 28 Nov 2023 05:01:54 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.googletagmanager.com/a?id=G-TKL2XXV026&v=3&t=t&pid=937620042&cv=2&rv=3b81&tc=21&es=1&e=gtm.init_consent&eid=-1&h=Ag&dl=promo.pixelsee.app%2F&tdp=G-TKL2XXV026;69669615;0;0;0&z=0

142.250.74.168

0 B

URL
www.googletagmanager.com/a?id=G-TKL2XXV026&v=3&t=t&pid=937620042&cv=2&rv=3b81&tc=21&es=1&e=gtm.init_consent&eid=-1&h=Ag&dl=promo.pixelsee.app%2F&tdp=G-TKL2XXV026;69669615;0;0;0&z=0
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /a?id=G-TKL2XXV026&v=3&t=t&pid=937620042&cv=2&rv=3b81&tc=21&es=1&e=gtm.init_consent&eid=-1&h=Ag&dl=promo.pixelsee.app%2F&tdp=G-TKL2XXV026;69669615;0;0;0&z=0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://promo.pixelsee.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 28 Nov 2023 05:01:54 GMT
content-type: text/html
server: Google Tag Manager
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.googleapis.com/css2?family=Montserrat:wght@400;500;700;900&display=swap

142.250.74.106

621 B

URL
fonts.googleapis.com/css2?family=Montserrat:wght@400;500;700;900&display=swap
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
ASCII text
Size
621 B (621 bytes)
Hash
95d7f1c693910c5ac013df8a4ca01353
2fba7433e346017dabe5545bd02138bc3b4263c2
481ae7ff0d53d45d9d93b8247dd3a3f7c0e901954851bb6350aeccd0bd54938f

HTTP Headers

GET /css2?family=Montserrat:wght@400;500;700;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://promo.pixelsee.app/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 28 Nov 2023 05:01:54 GMT
date: Tue, 28 Nov 2023 05:01:54 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.googletagmanager.com/a?id=G-TKL2XXV026&v=3&t=t&pid=937620042&cv=2&rv=3b81&tc=21&es=1&e=gtm.js&eid=1&h=Ag&tr=1gct&ti=1gct&z=0

142.250.74.168

0 B

URL
www.googletagmanager.com/a?id=G-TKL2XXV026&v=3&t=t&pid=937620042&cv=2&rv=3b81&tc=21&es=1&e=gtm.js&eid=1&h=Ag&tr=1gct&ti=1gct&z=0
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /a?id=G-TKL2XXV026&v=3&t=t&pid=937620042&cv=2&rv=3b81&tc=21&es=1&e=gtm.js&eid=1&h=Ag&tr=1gct&ti=1gct&z=0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://promo.pixelsee.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 28 Nov 2023 05:01:54 GMT
content-type: text/html
server: Google Tag Manager
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.googletagmanager.com/a?id=G-TKL2XXV026&v=3&t=t&pid=937620042&cv=2&rv=3b81&tc=21&es=1&e=gtag.config&eid=7&u=AAAAggAAAAAAAIA&ut=Ag&h=Ag&epr=1G.3G&z=0

142.250.74.168

0 B

URL
www.googletagmanager.com/a?id=G-TKL2XXV026&v=3&t=t&pid=937620042&cv=2&rv=3b81&tc=21&es=1&e=gtag.config&eid=7&u=AAAAggAAAAAAAIA&ut=Ag&h=Ag&epr=1G.3G&z=0
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /a?id=G-TKL2XXV026&v=3&t=t&pid=937620042&cv=2&rv=3b81&tc=21&es=1&e=gtag.config&eid=7&u=AAAAggAAAAAAAIA&ut=Ag&h=Ag&epr=1G.3G&z=0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://promo.pixelsee.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 28 Nov 2023 05:01:54 GMT
content-type: text/html
server: Google Tag Manager
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.googletagmanager.com/a?id=G-TKL2XXV026&v=3&t=t&pid=937620042&cv=2&rv=3b81&tc=21&es=1&e=gtag.config&eid=8&u=AAAAggAAAAAAAIA&ut=Ag&h=Ag&z=0

142.250.74.168

0 B

URL
www.googletagmanager.com/a?id=G-TKL2XXV026&v=3&t=t&pid=937620042&cv=2&rv=3b81&tc=21&es=1&e=gtag.config&eid=8&u=AAAAggAAAAAAAIA&ut=Ag&h=Ag&z=0
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /a?id=G-TKL2XXV026&v=3&t=t&pid=937620042&cv=2&rv=3b81&tc=21&es=1&e=gtag.config&eid=8&u=AAAAggAAAAAAAIA&ut=Ag&h=Ag&z=0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://promo.pixelsee.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 28 Nov 2023 05:01:54 GMT
content-type: text/html
server: Google Tag Manager
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.googletagmanager.com/gtag/js?id=UA-229973687-1&l=dataLayer&cx=c

142.250.74.168

69 kB

URL
www.googletagmanager.com/gtag/js?id=UA-229973687-1&l=dataLayer&cx=c
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (4179)
Size
69 kB (68778 bytes)
Hash
72b3365c93471296d25fa40fc273d8e5
eb870ea4adcdbcc5c9253d9dc856797d64fdd6d0
c5eb1172ae17371a84021cc553da62e62fa958737740ee26ff29007ee1ca2dbe

HTTP Headers

GET /gtag/js?id=UA-229973687-1&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://promo.pixelsee.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 28 Nov 2023 05:01:54 GMT
expires: Tue, 28 Nov 2023 05:01:54 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 68778
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

laughteroccasionallywarp.com/pixel/sbe?t=2&error=timeout

173.233.137.44

0 B

URL
laughteroccasionallywarp.com/pixel/sbe?t=2&error=timeout
IP
173.233.137.44:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbe?t=2&error=timeout HTTP/1.1
Host: laughteroccasionallywarp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Cookie: u_pl=15460408; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecd137022925bcc2a680f8a4476ff94144=[4691073]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 28 Nov 2023 05:01:55 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

conqueredallrightswell.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=14611544

173.233.137.52

200 OK

1.4 kB

URL User Request GET HTTP/1.1
conqueredallrightswell.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=14611544
IP
173.233.137.52:443
ASN
#7979 SERVERS-COM

Certificate
IssuerLet's Encrypt
Subjectconqueredallrightswell.com
Fingerprint9E:C2:75:0A:08:52:CB:97:0C:C6:54:67:5E:6F:7F:C9:D8:00:28:1C
ValidityTue, 14 Nov 2023 16:14:39 GMT - Mon, 12 Feb 2024 16:14:38 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (480)
Size
1.4 kB (1396 bytes)
Hash
a213cd3e0307d6466daa783bd6258b62
afae89d4278f2bdf897adead36a74bf5352dc58b
7391e8a0fa2923cf2a82275b79e73e663b9da4b9d337bd217dac10dd7ef1b8f0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=14611544 HTTP/1.1
Host: conqueredallrightswell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 28 Nov 2023 05:01:55 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=16122660; expires=Wed, 29 Nov 2023 05:01:55 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTQ2MTE1NDQiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cudnVnbGEuY29tLyJ9fQ.7q3dI0llldeKeqZeomz_jyJb2tgSK3Wqp-YLmtZxQdE; expires=Tue, 28 Nov 2023 05:02:55 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 94adc17b309ffb1c8420c35d7da02eb4
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

region1.analytics.google.com/g/collect?v=2&tid=G-7NCJ73THPT&gtm=45je3b81v879882835&_p=1701147715870&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1899466652.1701147716&ul=en-us&sr=1280x1024&_eu=AEA&_s=2&sid=1701147716&sct=1&seg=0&dl=https%3A%2F%2Fwww.vugla.com%2Fer-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html&dt=Er%20Srbija%20uvela%20novu%20liniju%2C%20od%20danas%20let%20direktno%20do%20Porta%20-%20Vugla&en=scroll&epn.percent_scrolled=90&tfd=5835

216.239.34.36

0 B

URL
region1.analytics.google.com/g/collect?v=2&tid=G-7NCJ73THPT&gtm=45je3b81v879882835&_p=1701147715870&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1899466652.1701147716&ul=en-us&sr=1280x1024&_eu=AEA&_s=2&sid=1701147716&sct=1&seg=0&dl=https%3A%2F%2Fwww.vugla.com%2Fer-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html&dt=Er%20Srbija%20uvela%20novu%20liniju%2C%20od%20danas%20let%20direktno%20do%20Porta%20-%20Vugla&en=scroll&epn.percent_scrolled=90&tfd=5835
IP
216.239.34.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-7NCJ73THPT&gtm=45je3b81v879882835&_p=1701147715870&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1899466652.1701147716&ul=en-us&sr=1280x1024&_eu=AEA&_s=2&sid=1701147716&sct=1&seg=0&dl=https%3A%2F%2Fwww.vugla.com%2Fer-srbija-uvela-novu-liniju-od-danas-let-direktno-do-porta.html&dt=Er%20Srbija%20uvela%20novu%20liniju%2C%20od%20danas%20let%20direktno%20do%20Porta%20-%20Vugla&en=scroll&epn.percent_scrolled=90&tfd=5835 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/3 204 No Content
access-control-allow-origin: https://www.vugla.com
date: Tue, 28 Nov 2023 05:01:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

conqueredallrightswell.com/api/users?token=L2R5ZmMxazA5P2tleT04NjM3MDViY2JiNGI2YTU1NGRkYjM1OTY2NTM5NWE2ZiZwc2lkPTE0NjExNTQ0JnBzdD0xNzAxMTQ3Nzc1JnJlZmVyPWh0dHBzJTNBJTJGJTJGd3d3LnZ1Z2xhLmNvbSUyRiZybXRjPXQmc2h1PWZlMGU0NTZiY2JlNjQwYTkxZTAyYTBlZmVmMDdmMGVjMGQxMWQxYTIzMTY2OTQ5N2RiNzkyMmIxMWEzZDgxOGMxNTliYTg2NzMyNGUxY2RlZmU3YTliMTk1Y2E5NmU4MTdjYzM0ZDljOTVjNDIxNWM4YTYxODg2NTZhMTVjZjdiMjQ1MzIwMTE4NjVjZWE3NGM0MzliOTg3MzM0NTNiZTA0OTAxOGQ5NjNlMTA1OWQwNDMzYWQzOWYwMDM5OTE2NjUz&uuid=&pii=&in=false

192.243.59.13

0 B

URL User Request GET
conqueredallrightswell.com/api/users?token=L2R5ZmMxazA5P2tleT04NjM3MDViY2JiNGI2YTU1NGRkYjM1OTY2NTM5NWE2ZiZwc2lkPTE0NjExNTQ0JnBzdD0xNzAxMTQ3Nzc1JnJlZmVyPWh0dHBzJTNBJTJGJTJGd3d3LnZ1Z2xhLmNvbSUyRiZybXRjPXQmc2h1PWZlMGU0NTZiY2JlNjQwYTkxZTAyYTBlZmVmMDdmMGVjMGQxMWQxYTIzMTY2OTQ5N2RiNzkyMmIxMWEzZDgxOGMxNTliYTg2NzMyNGUxY2RlZmU3YTliMTk1Y2E5NmU4MTdjYzM0ZDljOTVjNDIxNWM4YTYxODg2NTZhMTVjZjdiMjQ1MzIwMTE4NjVjZWE3NGM0MzliOTg3MzM0NTNiZTA0OTAxOGQ5NjNlMTA1OWQwNDMzYWQzOWYwMDM5OTE2NjUz&uuid=&pii=&in=false
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

Certificate
IssuerLet's Encrypt
Subjectconqueredallrightswell.com
Fingerprint9E:C2:75:0A:08:52:CB:97:0C:C6:54:67:5E:6F:7F:C9:D8:00:28:1C
ValidityTue, 14 Nov 2023 16:14:39 GMT - Mon, 12 Feb 2024 16:14:38 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/users?token=L2R5ZmMxazA5P2tleT04NjM3MDViY2JiNGI2YTU1NGRkYjM1OTY2NTM5NWE2ZiZwc2lkPTE0NjExNTQ0JnBzdD0xNzAxMTQ3Nzc1JnJlZmVyPWh0dHBzJTNBJTJGJTJGd3d3LnZ1Z2xhLmNvbSUyRiZybXRjPXQmc2h1PWZlMGU0NTZiY2JlNjQwYTkxZTAyYTBlZmVmMDdmMGVjMGQxMWQxYTIzMTY2OTQ5N2RiNzkyMmIxMWEzZDgxOGMxNTliYTg2NzMyNGUxY2RlZmU3YTliMTk1Y2E5NmU4MTdjYzM0ZDljOTVjNDIxNWM4YTYxODg2NTZhMTVjZjdiMjQ1MzIwMTE4NjVjZWE3NGM0MzliOTg3MzM0NTNiZTA0OTAxOGQ5NjNlMTA1OWQwNDMzYWQzOWYwMDM5OTE2NjUz&uuid=&pii=&in=false HTTP/1.1
Host: conqueredallrightswell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://conqueredallrightswell.com/dyfc1k09?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122660
Cookie: u_pl=16122660; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTQ2MTE1NDQiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cudnVnbGEuY29tLyJ9fQ.7q3dI0llldeKeqZeomz_jyJb2tgSK3Wqp-YLmtZxQdE; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx/1.19.5
Date: Tue, 28 Nov 2023 05:01:56 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://violationphysics.click/c9b2l0k.php?key=wkroiqew1c9guvr0kbe2&SUB_ID_SHORT=2fb35efe97d7796f1f35ca2cb76b71a9&COST_CPA=0.100000&PLACEMENT_ID=16122660&CAMPAIGN_ID=882703&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2569625
Set-Cookie: iprc1a9d1478908fba7b2701630fbba19cf9=4641329; expires=Wed, 29 Nov 2023 05:01:56 GMT
pdhtkv=true; expires=Wed, 29 Nov 2023 05:01:56 GMT
uncs=1; expires=Wed, 29 Nov 2023 05:01:56 GMT
pdhtkv28=true; expires=Wed, 29 Nov 2023 05:01:56 GMT
uncs28=1; expires=Wed, 29 Nov 2023 05:01:56 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: af5e03a841525dc67916cecec4e74a45
Strict-Transport-Security: max-age=0; includeSubdomains

violationphysics.click/c9b2l0k.php?key=wkroiqew1c9guvr0kbe2&SUB_ID_SHORT=2fb35efe97d7796f1f35ca2cb76b71a9&COST_CPA=0.100000&PLACEMENT_ID=16122660&CAMPAIGN_ID=882703&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2569625

192.64.81.118

0 B

URL User Request GET
violationphysics.click/c9b2l0k.php?key=wkroiqew1c9guvr0kbe2&SUB_ID_SHORT=2fb35efe97d7796f1f35ca2cb76b71a9&COST_CPA=0.100000&PLACEMENT_ID=16122660&CAMPAIGN_ID=882703&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2569625
IP
192.64.81.118:0
ASN
#19318 IS-AS-1

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /c9b2l0k.php?key=wkroiqew1c9guvr0kbe2&SUB_ID_SHORT=2fb35efe97d7796f1f35ca2cb76b71a9&COST_CPA=0.100000&PLACEMENT_ID=16122660&CAMPAIGN_ID=882703&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2569625 HTTP/1.1
Host: violationphysics.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://conqueredallrightswell.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx/1.22.0
Date: Tue, 28 Nov 2023 05:02:04 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uclick=h9p2gmk252; expires=Wed, 29-Nov-2023 05:02:04 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclickhash=h9p2gmk252-h9p2gmk252-hq1m-0-q5a4bl-ftxofe-ft8pdz-255703; expires=Wed, 29-Nov-2023 05:02:04 GMT; Max-Age=86400; path=/; secure; SameSite=none
Location: https://vvfal.rigelbetelgeuse.top/?pl=zKByXHsQK0ydGD7DogbGyA&click_id=a974eh9p2gmk252454&sub_id=16122660
Strict-Transport-Security: max-age=31536000

conqueredallrightswell.com/dyfc1k09?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122660

192.243.61.227

1.4 kB

URL
conqueredallrightswell.com/dyfc1k09?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122660
IP
192.243.61.227:0
ASN
#39572 DataWeb Global Group B.V.

Certificate
IssuerLet's Encrypt
Subjectconqueredallrightswell.com
Fingerprint9E:C2:75:0A:08:52:CB:97:0C:C6:54:67:5E:6F:7F:C9:D8:00:28:1C
ValidityTue, 14 Nov 2023 16:14:39 GMT - Mon, 12 Feb 2024 16:14:38 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (432)
Size
1.4 kB (1355 bytes)
Hash
28c482e7ecb035d93c3249413f9226d0
c90d507b6ddae4b20113a8865ca1fc0ec342a21f
f2aef743e00e1ac60a7ff98c699df90a0ca9118092cc7b75f2ee273b820a0872

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /dyfc1k09?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122660 HTTP/1.1
Host: conqueredallrightswell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 28 Nov 2023 05:02:04 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=14892298; expires=Wed, 29 Nov 2023 05:02:04 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNDg5MjI5OCwiayI6IjBmMjJjMWZkNjA5ZjEzY2I3OTQ3YzhjYWJmZTFhOTBkIiwic2lkIjoiMTYxMjI2NjAiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjEwMzczOCwicGlkIjo4MzMyMCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjoyOCwicHQiOjQsInBrIjoiZjY2OHQ1MXNiaSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiIn19.uDYPqel5E0GaaLsyukH2i37aTzuKaHZovIz4LWDcKMs; expires=Tue, 28 Nov 2023 05:03:04 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 52a4f5c05a967fd56ab8db7a07d46dfb
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

vvfal.rigelbetelgeuse.top/?pl=zKByXHsQK0ydGD7DogbGyA&click_id=a974eh9p2gmk252454&sub_id=16122660

104.21.22.161

0 B

URL
vvfal.rigelbetelgeuse.top/?pl=zKByXHsQK0ydGD7DogbGyA&click_id=a974eh9p2gmk252454&sub_id=16122660
IP
104.21.22.161:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?pl=zKByXHsQK0ydGD7DogbGyA&click_id=a974eh9p2gmk252454&sub_id=16122660 HTTP/1.1
Host: vvfal.rigelbetelgeuse.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://conqueredallrightswell.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Tue, 28 Nov 2023 05:02:05 GMT
content-length: 0
location: https://vvfal.veinmaster.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=a974eh9p2gmk252454&sub_id=16122660&nrid=ec93e4898aa74b6fa7cc41fc922fd325&hash=Qyc69ncEVikHke4RioqEBQ&exp=1701148025
set-cookie: zKByXHsQK0ydGD7DogbGyA=5; max-age=345600; path=/; samesite=lax
__pl=b8cde893-6acf-4f9d-8b80-d1653b071ce9; expires=Fri, 28 Nov 2025 05:02:05 GMT; path=/; samesite=lax
__cap=1; max-age=3600; path=/; samesite=lax
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fqHT3hIWuF5ZHHumtnRR6kJw9Pxy6bEDictp1vYVfQXd%2FQngMCJOiuh0Ly%2F2J1om6jcEVZKmTasriT2O8PLyqQA0hHEWpdvZky3aOQARvuGlWvN%2BHxoZOICe2yYQoggdx%2F0J0j2kgrwctn5L"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d00e829d425695-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (5)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

HTTP Transactions (149)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP