www.vugla.com/wp-content/themes/vugla/style.css?ver=6.4.1
192.185.106.252 200 OK 398 B URL GET HTTP/2 www.vugla.com/wp-content/themes/vugla/style.css?ver=6.4.1
IP 192.185.106.252:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.vugla.com
Fingerprint 60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
Validity Wed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT
Hash 4f140b946bdc4cb833896a992db68c6d
52d6c64f9c5478bb70604068a66f06283ecff968
f8f90d1cacc59cf90886948787ef5c723b8de9e41092285611f2f915b5996ef2
GET /wp-content/themes/vugla/style.css?ver=6.4.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 24 Mar 2020 17:57:12 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-length: 398
content-type: text/css
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/plugins/responsive-lightbox/assets/swipebox/swipebox.min.css?ver=2.4.6
192.185.106.252 200 OK 1.4 kB URL GET HTTP/2 www.vugla.com/wp-content/plugins/responsive-lightbox/assets/swipebox/swipebox.min.css?ver=2.4.6
IP 192.185.106.252:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.vugla.com
Fingerprint 60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
Validity Wed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT
File type ASCII text, with very long lines (4310), with CRLF line terminators
Hash b236fbc68ad6824d6fd4be9501a56ea5
5147f5e6779b335a45771a6a9ec9f0a1db8079ef
d49c9ad378618e0a0eb8e6fca04c13f6005e13badf79e0c977d76d851f7aa60a
GET /wp-content/plugins/responsive-lightbox/assets/swipebox/swipebox.min.css?ver=2.4.6 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 27 Nov 2023 23:58:55 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-length: 1410
content-type: text/css
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/plugins/vn-video-player/style/theme-city.css?ver=6.4.1
192.185.106.252 200 OK 733 B URL GET HTTP/2 www.vugla.com/wp-content/plugins/vn-video-player/style/theme-city.css?ver=6.4.1
IP 192.185.106.252:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.vugla.com
Fingerprint 60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
Validity Wed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT
File type ASCII text, with very long lines (2553), with no line terminators
Hash 229bf132659b3607e05296743613ecca
2f498516b73ae5f087904669ccd6b3eb57054711
73214adfea5dc8d2ab7aae66baec56aab47e70224557c08f424b80909d1acd7c
GET /wp-content/plugins/vn-video-player/style/theme-city.css?ver=6.4.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 26 Nov 2021 15:34:33 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-length: 733
content-type: text/css
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/plugins/vn-featured-image-gallery/css/style.css?ver=6.4.1
192.185.106.252 200 OK 320 B URL GET HTTP/2 www.vugla.com/wp-content/plugins/vn-featured-image-gallery/css/style.css?ver=6.4.1
IP 192.185.106.252:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.vugla.com
Fingerprint 60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
Validity Wed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT
File type ASCII text, with CRLF line terminators
Hash 199decab27dd471d35814631e71e6fea
42c2847529b6859230bc2f4e8e6432805a06148b
7279594a46188e3246db42ffd4c609fc254c6fa06bfca8b72dd82e63fa4e6385
GET /wp-content/plugins/vn-featured-image-gallery/css/style.css?ver=6.4.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 26 May 2014 20:39:02 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-length: 320
content-type: text/css
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/plugins/vn-video-player/style/vn_player_container.css?ver=6.4.1
192.185.106.252 200 OK 89 B URL GET HTTP/2 www.vugla.com/wp-content/plugins/vn-video-player/style/vn_player_container.css?ver=6.4.1
IP 192.185.106.252:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.vugla.com
Fingerprint 60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
Validity Wed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT
File type ASCII text, with CRLF line terminators
Hash b20aaffdf9d8e1f413b536edb9d1b649
0f3afd6ef6940700eb7f245629d1b79c52f45b47
9534982bd24eaa3205ac2e5a4dbd6a16a3129b70df981f422562ef3a30ade7cd
GET /wp-content/plugins/vn-video-player/style/vn_player_container.css?ver=6.4.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 26 Nov 2021 15:50:56 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-length: 89
content-type: text/css
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
192.185.106.252 200 OK 5.4 kB URL GET HTTP/2 www.vugla.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
IP 192.185.106.252:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.vugla.com
Fingerprint 60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
Validity Wed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT
File type ASCII text, with very long lines (13479)
Hash 9ffeb32e2d9efbf8f70caabded242267
3ad0c10e501ac2a9bfa18f9cd7e700219b378738
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 13 Nov 2023 13:25:19 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-length: 5422
content-type: application/javascript
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/plugins/vn-video-player/style/video-js.css?ver=6.4.1
192.185.106.252 200 OK 14 kB URL GET HTTP/2 www.vugla.com/wp-content/plugins/vn-video-player/style/video-js.css?ver=6.4.1
IP 192.185.106.252:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.vugla.com
Fingerprint 60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
Validity Wed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT
File type Unicode text, UTF-8 text, with very long lines (5844)
Hash 514fccb15bdc95ea2c2b6fddaded8ecc
4c999194bb19b83cc85f40621fa1c74cd1a4cbf7
d86730f73982f170cb0943d0d47c3c2520743d6a3d6cf5330cde12667df675ca
GET /wp-content/plugins/vn-video-player/style/video-js.css?ver=6.4.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 26 Nov 2021 15:34:35 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-length: 13761
content-type: text/css
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-includes/js/underscore.min.js?ver=1.13.4
192.185.106.252 200 OK 8.3 kB URL GET HTTP/2 www.vugla.com/wp-includes/js/underscore.min.js?ver=1.13.4
IP 192.185.106.252:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.vugla.com
Fingerprint 60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
Validity Wed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT
File type ASCII text, with very long lines (18798)
Hash f88d5720bb454ed5d204cbdb56901f6b
f1952292fde4b15936e9aac16b2b9896684db95b
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a
GET /wp-includes/js/underscore.min.js?ver=1.13.4 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 13 Nov 2023 13:25:19 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-length: 8305
content-type: application/javascript
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/themes/vugla/images/logo.png
192.185.106.252 200 OK 7.9 kB URL GET HTTP/2 www.vugla.com/wp-content/themes/vugla/images/logo.png
IP 192.185.106.252:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.vugla.com
Fingerprint 60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
Validity Wed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT
File type PNG image data, 254 x 96, 8-bit/color RGBA, non-interlaced
Hash f8e78d7eed20f4d77ca41cbf9700c0fa
9c40c7c5ae212e070b2aceda05b7e34de143a670
cf314f8938fb5d378e49a7e09683a206e244024b7ca3a7ec1676f22804285ca7
GET /wp-content/themes/vugla/images/logo.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 18 Nov 2013 11:35:09 GMT
accept-ranges: bytes
content-length: 7870
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 20:23:50 GMT
referrer-policy:
pragma: public
content-type: image/png
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/plugins/responsive-lightbox/assets/infinitescroll/infinite-scroll.pkgd.min.js?ver=6.4.1
192.185.106.252 200 OK 8.7 kB URL GET HTTP/2 www.vugla.com/wp-content/plugins/responsive-lightbox/assets/infinitescroll/infinite-scroll.pkgd.min.js?ver=6.4.1
IP 192.185.106.252:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.vugla.com
Fingerprint 60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
Validity Wed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT
File type ASCII text, with very long lines (17739), with CRLF line terminators
Hash 3229aa93c44fa4628707e80959a97bc1
5a2d4dbc4d1df02e7a386489e7b5c5a9e22dd40f
095834cc86bd018fdb4a9e31c99f9f96904b819be2b9dc16b3390383288d4d90
GET /wp-content/plugins/responsive-lightbox/assets/infinitescroll/infinite-scroll.pkgd.min.js?ver=6.4.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 27 Nov 2023 23:58:55 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-length: 8747
content-type: application/javascript
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/themes/vugla/images/mobile-share/whatsapp-64x64.png
192.185.106.252 200 OK 5.9 kB URL GET HTTP/2 www.vugla.com/wp-content/themes/vugla/images/mobile-share/whatsapp-64x64.png
IP 192.185.106.252:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.vugla.com
Fingerprint 60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
Validity Wed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
Hash 616a93e26f2d9261cd8412a8741f7be8
5fbfd88e502bcc766a9c9ef1d1751ed16ce1197c
306accb5ad46635aeb9481a9bc934c14ae474e924ec52b6673141c5acacd800d
GET /wp-content/themes/vugla/images/mobile-share/whatsapp-64x64.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 22 Dec 2016 10:00:28 GMT
accept-ranges: bytes
content-length: 5880
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 20:23:50 GMT
referrer-policy:
pragma: public
content-type: image/png
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/uploads/2023/12/backa-west-ham-golovi-30-11-2023-150x150.jpg
192.185.106.252 200 OK 4.2 kB URL GET HTTP/2 www.vugla.com/wp-content/uploads/2023/12/backa-west-ham-golovi-30-11-2023-150x150.jpg
IP 192.185.106.252:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.vugla.com
Fingerprint 60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
Validity Wed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x150, components 3
Hash d2944a2988ea437dd47e366c35318287
bb2ce83b81e69d624aebf85a53d328b79e794fe0
3e810cdaa1d877d350dcc84007411d3df081852910972b4cbae76eccbc14a39d
GET /wp-content/uploads/2023/12/backa-west-ham-golovi-30-11-2023-150x150.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 30 Nov 2023 23:14:23 GMT
accept-ranges: bytes
content-length: 4163
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 20:23:50 GMT
referrer-policy:
pragma: public
content-type: image/jpeg
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/uploads/2021/11/djakovo-korzo-webcam-150x150.jpg
192.185.106.252 200 OK 8.0 kB URL GET HTTP/2 www.vugla.com/wp-content/uploads/2021/11/djakovo-korzo-webcam-150x150.jpg
IP 192.185.106.252:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.vugla.com
Fingerprint 60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
Validity Wed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 150x150, components 3
Hash 491bc44885de43de6071eee78682d862
aca540855708b45025a6aa4a9786397f025ee110
c4cc24d42db085bbdddc345a38e7557f0dca057b489c638cb7858d8f3f65578f
GET /wp-content/uploads/2021/11/djakovo-korzo-webcam-150x150.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 30 Nov 2021 14:12:27 GMT
accept-ranges: bytes
content-length: 8046
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 20:23:50 GMT
referrer-policy:
pragma: public
content-type: image/jpeg
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/linkedin.png
192.185.106.252 200 OK 725 B URL GET HTTP/2 www.vugla.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/linkedin.png
IP 192.185.106.252:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.vugla.com
Fingerprint 60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
Validity Wed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT
File type PNG image data, 64 x 64, 8-bit colormap, non-interlaced
Hash 5da9fb18cfc9264a6e95b4a8bf4d2fcb
7bb78a36bc621ea268a0dad519c9c5c539e751ce
c6e399926b1aeb3634681cf7eb6af4e355325a6b2b6f8a89ad65ece3523fab18
GET /wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/linkedin.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 13 Nov 2023 13:26:48 GMT
accept-ranges: bytes
content-length: 725
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 20:23:50 GMT
referrer-policy:
pragma: public
content-type: image/png
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/uploads/2023/11/bayern-munich-fc-copenhagen-golovi-29-11-2023-150x150.jpg
192.185.106.252 200 OK 6.5 kB URL GET HTTP/2 www.vugla.com/wp-content/uploads/2023/11/bayern-munich-fc-copenhagen-golovi-29-11-2023-150x150.jpg
IP 192.185.106.252:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.vugla.com
Fingerprint 60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
Validity Wed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x150, components 3
Hash 7b7ac3fe315dc9eb4b7939372ed450e9
6a2a2a5470e3648a563cce65ac6d1cd6ac8428ee
54d808ec3b10ea6b3b241b4703caabe1170aa6d07e91c54cb0b68784478ad51d
GET /wp-content/uploads/2023/11/bayern-munich-fc-copenhagen-golovi-29-11-2023-150x150.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 30 Nov 2023 19:26:18 GMT
accept-ranges: bytes
content-length: 6455
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 20:23:50 GMT
referrer-policy:
pragma: public
content-type: image/jpeg
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/uploads/2023/11/real-sociedad-salzburg-golovi-29-11-2023-150x150.jpg
192.185.106.252 200 OK 5.4 kB URL GET HTTP/2 www.vugla.com/wp-content/uploads/2023/11/real-sociedad-salzburg-golovi-29-11-2023-150x150.jpg
IP 192.185.106.252:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.vugla.com
Fingerprint 60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
Validity Wed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x150, components 3
Hash 3dd0b6a881bcbf037b6fc140e05dc03e
88a53f3308d933fe32230071702ebd547d7ea65f
2acd2ffefda761e9164ef6e6107caed96686c26e1af57498ba71d448c6c1766d
GET /wp-content/uploads/2023/11/real-sociedad-salzburg-golovi-29-11-2023-150x150.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 30 Nov 2023 19:26:27 GMT
accept-ranges: bytes
content-length: 5353
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 20:23:50 GMT
referrer-policy:
pragma: public
content-type: image/jpeg
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2
apis.google.com/js/plusone.js
142.250.74.78 200 OK 22 kB URL GET HTTP/2 apis.google.com/js/plusone.js
IP 142.250.74.78:443
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Google Trust Services LLC
Subject *.apis.google.com
Fingerprint 06:87:C0:63:02:21:98:02:BD:FC:A0:11:93:E9:3A:9F:51:21:06:D8
Validity Mon, 23 Oct 2023 11:25:10 GMT - Mon, 15 Jan 2024 11:25:09 GMT
File type ASCII text, with very long lines (2664)
Hash 12476fdc6b8599d03eac729748337611
7a15dc04ad6e77026bf45927b78247411e3e0466
c5be6532f19ca90fb5966ed89be694f2bc2cded1e443d3489467cb28cd69af43
GET /js/plusone.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-length: 21930
date: Fri, 01 Dec 2023 20:23:50 GMT
expires: Fri, 01 Dec 2023 20:23:50 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "b82ec1e6cb6f99ed"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
set-cookie: NID=511=MuXZL7T--XGuG5-rPppkOXelRbsM_cMl-43HCqAlabBZRMgLKxIdkTY_AqyXzFOz5n0_2PvzaDyDvIWQSLo8E4Empr3DqYRjFsYZOYihQX8YQm-O1f8pOMopCtTcymSiGh4ShwtKuhIXKv6vCDHvXIllO_RptZeANdoSh9O0_LM; expires=Sat, 01-Jun-2024 20:23:50 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-7NCJ73THPT
142.250.74.168 200 OK 86 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-7NCJ73THPT
IP 142.250.74.168:443
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Google Trust Services LLC
Subject *.google-analytics.com
Fingerprint 37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
Validity Mon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File type ASCII text, with very long lines (3034)
Hash e54680bf29f8156f7937e440869a6f5c
65f3874a5f44049775e294255f00c691d85b7f35
2b37686aa419f519cbdf12227fa6a326457d3325d5b6564c2355324b30bbdf73
GET /gtag/js?id=G-7NCJ73THPT HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 01 Dec 2023 20:23:50 GMT
expires: Fri, 01 Dec 2023 20:23:50 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 85502
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.vugla.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/mail.png
192.185.106.252 200 OK 1.7 kB URL GET HTTP/2 www.vugla.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/mail.png
IP 192.185.106.252:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.vugla.com
Fingerprint 60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
Validity Wed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT
File type PNG image data, 64 x 64, 8-bit colormap, non-interlaced
Hash 42bec42b54ef1bb6bb9596efa815973d
88145ca02b72936eb430e818cd7a80f189ca9166
154a5b712eedff5cdee156292d8795dd139a350c7ed09982e5faec55a0ab2f42
GET /wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/mail.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 13 Nov 2023 13:26:48 GMT
accept-ranges: bytes
content-length: 1659
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 20:23:50 GMT
referrer-policy:
pragma: public
content-type: image/png
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/themes/vugla/js/libs/modernizr-2.0.6.min.js?ver=6.4.1
192.185.106.252 200 OK 7.0 kB URL GET HTTP/2 www.vugla.com/wp-content/themes/vugla/js/libs/modernizr-2.0.6.min.js?ver=6.4.1
IP 192.185.106.252:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.vugla.com
Fingerprint 60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
Validity Wed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT
File type HTML document, ASCII text, with very long lines (14641), with CRLF line terminators
Hash ad955f14cdcc21d58014f25ab7c8d46d
8915b95d672d54be6fb01a239088aba305d4798e
d6304e162f8fe5054a4c5430d2f1d78ea2ad54c1ff61ea708d148bf385312407
GET /wp-content/themes/vugla/js/libs/modernizr-2.0.6.min.js?ver=6.4.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 12:00:08 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-length: 6964
content-type: application/javascript
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/plugins/responsive-lightbox/assets/swipebox/jquery.swipebox.min.js?ver=2.4.6
192.185.106.252 200 OK 4.7 kB URL GET HTTP/2 www.vugla.com/wp-content/plugins/responsive-lightbox/assets/swipebox/jquery.swipebox.min.js?ver=2.4.6
IP 192.185.106.252:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.vugla.com
Fingerprint 60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
Validity Wed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT
File type ASCII text, with very long lines (12917), with CRLF line terminators
Hash 416d2c5e5425c640a7d63f25e0376fd6
a95b218161d94bdb148d108aedf065b4a4762045
b875bead01dfa1b02a553e8efda0f3a65d39da24f19ad37af95f06795eee76dc
GET /wp-content/plugins/responsive-lightbox/assets/swipebox/jquery.swipebox.min.js?ver=2.4.6 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 27 Nov 2023 23:58:55 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-length: 4708
content-type: application/javascript
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/uploads/2023/11/benfica-inter-golovi-29-11-2023-150x150.jpg
192.185.106.252 200 OK 4.6 kB URL GET HTTP/2 www.vugla.com/wp-content/uploads/2023/11/benfica-inter-golovi-29-11-2023-150x150.jpg
IP 192.185.106.252:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.vugla.com
Fingerprint 60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
Validity Wed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x150, components 3\012- data
Hash f25ddb130bb8a894d4b33c0b2dc7f1c1
c385eb5107fcb92146738fe1846ce4b33cd41659
3c03f20d9971177deee5a25b222a9af1dc8eb62a5c4b24fbde4ac84ba7360421
GET /wp-content/uploads/2023/11/benfica-inter-golovi-29-11-2023-150x150.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 30 Nov 2023 19:26:20 GMT
accept-ranges: bytes
content-length: 4550
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 20:23:50 GMT
referrer-policy:
pragma: public
content-type: image/jpeg
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/themes/vugla/images/mobile-share/viber-64x64.png
192.185.106.252 200 OK 7.1 kB URL GET HTTP/2 www.vugla.com/wp-content/themes/vugla/images/mobile-share/viber-64x64.png
IP 192.185.106.252:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.vugla.com
Fingerprint 60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
Validity Wed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash de186be4358ae6892385bcb78cc79b01
d933c306c857b9e84e321c4756d384a6e8093da2
c912b95fc0e537dbd5d103172a9ad3df2a3c8ad4ce5e6d6cebbaf31d7f6d58be
GET /wp-content/themes/vugla/images/mobile-share/viber-64x64.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 22 Dec 2016 10:00:29 GMT
accept-ranges: bytes
content-length: 7120
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 20:23:50 GMT
referrer-policy:
pragma: public
content-type: image/png
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/themes/vugla/images/mobile-share/fb-messenger-64x64.png
192.185.106.252 200 OK 2.6 kB URL GET HTTP/2 www.vugla.com/wp-content/themes/vugla/images/mobile-share/fb-messenger-64x64.png
IP 192.185.106.252:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.vugla.com
Fingerprint 60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
Validity Wed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash 56735b8135d0a3b1db1b1e1a34945e85
dc604b4e7030d9fe583393b94f1811fe69628107
7ef39fd53ffb21c300f78615faa8eab8eb1163ad1b70843efa4550a0bda364bc
GET /wp-content/themes/vugla/images/mobile-share/fb-messenger-64x64.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 26 Jul 2017 12:44:40 GMT
accept-ranges: bytes
content-length: 2562
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 20:23:50 GMT
referrer-policy:
pragma: public
content-type: image/png
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/uploads/2021/11/selo-deda-mraza-webkamera-livestream-150x150.jpg
192.185.106.252 200 OK 5.3 kB URL GET HTTP/2 www.vugla.com/wp-content/uploads/2021/11/selo-deda-mraza-webkamera-livestream-150x150.jpg
IP 192.185.106.252:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.vugla.com
Fingerprint 60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
Validity Wed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 150x150, components 3\012- data
Hash 46ce9c2230970d05d50c23628a137500
d934e4f6bc8d0a17ae980d64be57cebe9fe6db7c
bfaa95283704877ca4245c741f9288b884593e949e79be4faaa36bec82a6ce1a
GET /wp-content/uploads/2021/11/selo-deda-mraza-webkamera-livestream-150x150.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 24 Nov 2021 17:19:13 GMT
accept-ranges: bytes
content-length: 5279
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 20:23:50 GMT
referrer-policy:
pragma: public
content-type: image/jpeg
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/uploads/2023/11/real-madrid-napoli-golovi-29-11-2023-150x150.jpg
192.185.106.252 200 OK 7.0 kB URL GET HTTP/2 www.vugla.com/wp-content/uploads/2023/11/real-madrid-napoli-golovi-29-11-2023-150x150.jpg
IP 192.185.106.252:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.vugla.com
Fingerprint 60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
Validity Wed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x150, components 3\012- data
Hash 4776d86e08cc2943fbe3b675ec2c3727
692544e5a085db465793d417ab2c5e74f3551d73
9635934bdad0b3ce053f55c3dc84166f64e4a3ca982589117b9b79a01989d46e
GET /wp-content/uploads/2023/11/real-madrid-napoli-golovi-29-11-2023-150x150.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 30 Nov 2023 19:26:24 GMT
accept-ranges: bytes
content-length: 7027
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 20:23:50 GMT
referrer-policy:
pragma: public
content-type: image/jpeg
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/uploads/2021/11/subotica-palic-webcam-150x150.jpg
192.185.106.252 200 OK 5.6 kB URL GET HTTP/2 www.vugla.com/wp-content/uploads/2021/11/subotica-palic-webcam-150x150.jpg
IP 192.185.106.252:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.vugla.com
Fingerprint 60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
Validity Wed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 150x150, components 3\012- data
Hash c6ede4cbc4e8bbb84901f9107c030e6e
224a6be43d2fcf43039157be2620e5b6c6d64a79
de02048892e8fde9ec6562f086cd6d373eb4168c779897aa9f19d1786d23e645
GET /wp-content/uploads/2021/11/subotica-palic-webcam-150x150.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Sun, 28 Nov 2021 10:35:38 GMT
accept-ranges: bytes
content-length: 5633
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 20:23:50 GMT
referrer-policy:
pragma: public
content-type: image/jpeg
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/twitter.png
192.185.106.252 200 OK 1.8 kB URL GET HTTP/2 www.vugla.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/twitter.png
IP 192.185.106.252:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.vugla.com
Fingerprint 60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
Validity Wed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash 9cb3d67f468539abb72395dc73934190
9928de37e21649c1799e3287a13f897a34aab5e1
04a457e988270cb1dc76bd57ac8e62fddf02c02b618a1ac6cb0880b93633f5e0
GET /wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/twitter.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 13 Nov 2023 13:26:48 GMT
accept-ranges: bytes
content-length: 1762
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 20:23:50 GMT
referrer-policy:
pragma: public
content-type: image/png
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/uploads/2023/11/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima-620x350.jpg
192.185.106.252 200 OK 72 kB URL GET HTTP/2 www.vugla.com/wp-content/uploads/2023/11/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima-620x350.jpg
IP 192.185.106.252:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.vugla.com
Fingerprint 60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
Validity Wed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 620x350, components 3\012- data
Hash b31314bcce60b5a5f285b1e2c7ce6a29
453e5edc7cda19ca9137326639faf25178a7af28
bed06664490ded7855b904c9f9f8f25ba1c8f10f3af9a3447ebda4a577d6d4a3
GET /wp-content/uploads/2023/11/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima-620x350.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 30 Nov 2023 12:18:31 GMT
accept-ranges: bytes
content-length: 72053
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 20:23:50 GMT
referrer-policy:
pragma: public
content-type: image/jpeg
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/reddit.png
192.185.106.252 200 OK 2.3 kB URL GET HTTP/2 www.vugla.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/reddit.png
IP 192.185.106.252:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.vugla.com
Fingerprint 60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
Validity Wed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash 91d33236832e22fe9743606623bd001a
d7101e60e49e86dbe1f34876228aa6831ad568f7
5571cdc5e0d90001474bf488c142929a02a39e55a4a7f61c44d1f94a4087eda1
GET /wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/reddit.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 13 Nov 2023 13:26:48 GMT
accept-ranges: bytes
content-length: 2328
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 20:23:50 GMT
referrer-policy:
pragma: public
content-type: image/png
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/plugins/responsive-lightbox/js/front.js?ver=2.4.6
192.185.106.252 200 OK 8.6 kB URL GET HTTP/2 www.vugla.com/wp-content/plugins/responsive-lightbox/js/front.js?ver=2.4.6
IP 192.185.106.252:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.vugla.com
Fingerprint 60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
Validity Wed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT
File type Unicode text, UTF-8 text, with very long lines (629), with CRLF line terminators
Hash 68f8af044f685b84c7d49ac2356acabf
585889874b36224e980f4d285044ec0fb478dc7c
9fe6a07f596d507305d1480e6bb301d04cbf5ef8660b24b9fa411e39607a7ab5
GET /wp-content/plugins/responsive-lightbox/js/front.js?ver=2.4.6 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 27 Nov 2023 23:58:55 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-length: 8560
content-type: application/javascript
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.3
192.185.106.252 409 Conflict 83 B URL GET HTTP/2 www.vugla.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.3
IP 192.185.106.252:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.vugla.com
Fingerprint 60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
Validity Wed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.3 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 409 Conflict
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
www.vugla.com/wp-content/uploads/2021/11/hollywood-beach-webcam-150x150.jpg
192.185.106.252 200 OK 8.7 kB URL GET HTTP/2 www.vugla.com/wp-content/uploads/2021/11/hollywood-beach-webcam-150x150.jpg
IP 192.185.106.252:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.vugla.com
Fingerprint 60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
Validity Wed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 150x150, components 3\012- data
Hash 23fc8e3304c9e60b1303a59d08d3e9ad
53ee6156dbdc09c54f326adb8363472aef5988b6
c5b7b9905d20b459a9044dbad343344065f5b11c1b5bd441a22f24b37ccf98ce
GET /wp-content/uploads/2021/11/hollywood-beach-webcam-150x150.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 24 Nov 2021 18:17:09 GMT
accept-ranges: bytes
content-length: 8687
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 20:23:50 GMT
referrer-policy:
pragma: public
content-type: image/jpeg
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/uploads/2021/11/bosanski-petrovac-raskrsnica-webcam-150x150.jpg
192.185.106.252 200 OK 7.0 kB URL GET HTTP/2 www.vugla.com/wp-content/uploads/2021/11/bosanski-petrovac-raskrsnica-webcam-150x150.jpg
IP 192.185.106.252:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.vugla.com
Fingerprint 60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
Validity Wed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 150x150, components 3\012- data
Hash 1804ac2c146b4f9c33a255684979c30f
189fa8eed75366902e0653ab3c8ddd08d3fc607d
ceeb0475c327a3ded698c5c22472291e3eabae9d03c5800b91b465a7728bb4b5
GET /wp-content/uploads/2021/11/bosanski-petrovac-raskrsnica-webcam-150x150.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 24 Nov 2021 16:58:58 GMT
accept-ranges: bytes
content-length: 7008
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 20:23:50 GMT
referrer-policy:
pragma: public
content-type: image/jpeg
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/uploads/2021/11/venice-rialto-bridge-webcam-150x150.jpg
192.185.106.252 200 OK 7.4 kB URL GET HTTP/2 www.vugla.com/wp-content/uploads/2021/11/venice-rialto-bridge-webcam-150x150.jpg
IP 192.185.106.252:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.vugla.com
Fingerprint 60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
Validity Wed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 150x150, components 3\012- data
Hash bc56c6497c2c5b009e93d949e6d0fb55
c51a8c4cf1177fc6a67eaaca4ff9d4000b7d2c2e
48b7b6fd0ffa2ef0fb13218e8ecce9f257553f8753f240ee673c7cf5bbebfbf6
GET /wp-content/uploads/2021/11/venice-rialto-bridge-webcam-150x150.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Sun, 28 Nov 2021 10:48:30 GMT
accept-ranges: bytes
content-length: 7424
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 20:23:50 GMT
referrer-policy:
pragma: public
content-type: image/jpeg
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.3
192.185.106.252 409 Conflict 83 B URL GET HTTP/2 www.vugla.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.3
IP 192.185.106.252:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.vugla.com
Fingerprint 60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
Validity Wed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.3 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 409 Conflict
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
www.vugla.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.3
192.185.106.252 409 Conflict 83 B URL GET HTTP/2 www.vugla.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.3
IP 192.185.106.252:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.vugla.com
Fingerprint 60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
Validity Wed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.3 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 409 Conflict
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
www.vugla.com/wp-content/uploads/2023/11/mallorca-cadiz-golovi-29-11-2023-150x150.jpg
192.185.106.252 200 OK 3.2 kB URL GET HTTP/2 www.vugla.com/wp-content/uploads/2023/11/mallorca-cadiz-golovi-29-11-2023-150x150.jpg
IP 192.185.106.252:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.vugla.com
Fingerprint 60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
Validity Wed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x150, components 3\012- data
Hash c4ac3f2f10ead27a6c470fae8fc5c5e7
33d7f8215ac9949c54459676bf8048df6d51d73b
ba12aca2f09ad73a05991204f75c235aedee8fd2265f66d6d5e26384cea71e34
GET /wp-content/uploads/2023/11/mallorca-cadiz-golovi-29-11-2023-150x150.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 30 Nov 2023 19:26:29 GMT
accept-ranges: bytes
content-length: 3206
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 20:23:50 GMT
referrer-policy:
pragma: public
content-type: image/jpeg
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/facebook.png
192.185.106.252 200 OK 584 B URL GET HTTP/2 www.vugla.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/facebook.png
IP 192.185.106.252:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.vugla.com
Fingerprint 60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
Validity Wed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT
File type PNG image data, 64 x 64, 8-bit colormap, non-interlaced\012- data
Hash 114d84e23ab95df71589ab5e67b93b85
2270334f4b83486ceaab53133e4706537c16f38a
1353c448068301ee8534bd1d3c8eb214863afa0b9f716222dfe93e2739cffac2
GET /wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/facebook.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 13 Nov 2023 13:26:48 GMT
accept-ranges: bytes
content-length: 584
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 20:23:50 GMT
referrer-policy:
pragma: public
content-type: image/png
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/tumblr.png
192.185.106.252 200 OK 861 B URL GET HTTP/2 www.vugla.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/tumblr.png
IP 192.185.106.252:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.vugla.com
Fingerprint 60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
Validity Wed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT
File type PNG image data, 64 x 64, 8-bit colormap, non-interlaced\012- data
Hash 1d8dab6f1066b94b74f5611a8c918681
4e0edc7ba1ada49418772d8d581cd3d38518d490
bac6d2c8418e543d967d6e57710eda1ca4318ddd917c19a28fd63b4240e8d150
GET /wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/tumblr.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 13 Nov 2023 13:26:48 GMT
accept-ranges: bytes
content-length: 861
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 20:23:50 GMT
referrer-policy:
pragma: public
content-type: image/png
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/plugins/vn-video-player/js_scripts/jquery.fitvids.js?ver=0.1
192.185.106.252 200 OK 1.4 kB URL GET HTTP/2 www.vugla.com/wp-content/plugins/vn-video-player/js_scripts/jquery.fitvids.js?ver=0.1
IP 192.185.106.252:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.vugla.com
Fingerprint 60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
Validity Wed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT
File type HTML document, ASCII text
Hash 6755415003869bd599c3fae8e9792027
57946a22c79654014eb00fb548f727d302221873
07f79fbda35a2bf03f2940978670a2a53cf21e490ecce887bf92fc2e3f359293
GET /wp-content/plugins/vn-video-player/js_scripts/jquery.fitvids.js?ver=0.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 26 Nov 2021 15:34:28 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-length: 1389
content-type: application/javascript
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/plugins/vn-video-player/js_scripts/vn_player_fit.js?ver=0.1
192.185.106.252 200 OK 106 B URL GET HTTP/2 www.vugla.com/wp-content/plugins/vn-video-player/js_scripts/vn_player_fit.js?ver=0.1
IP 192.185.106.252:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.vugla.com
Fingerprint 60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
Validity Wed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT
File type ASCII text, with CRLF line terminators
Hash 64829824ee643f09fb3821dc49b3089a
446608ff9f4128b9503476135a8c28599f8d5c2e
0b967c52b8e899c4266110c97fa50018d61ccf1365144d16f09f901523d48c95
GET /wp-content/plugins/vn-video-player/js_scripts/vn_player_fit.js?ver=0.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 26 Nov 2021 15:34:31 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-length: 106
content-type: application/javascript
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/themes/vugla/css/elastislide.css
192.185.106.252 200 OK 674 B URL GET HTTP/2 www.vugla.com/wp-content/themes/vugla/css/elastislide.css
IP 192.185.106.252:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.vugla.com
Fingerprint 60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
Validity Wed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT
File type ASCII text, with CRLF line terminators
Hash fac0ce1d7bcbe2001f963e204b03b3a4
fe650403bcbc74567e384eb3762c874835f6cad1
d8dcd83dfb6275b55ae8e495f6924dcfc52024a52f5639446a00de846ec7c7b9
GET /wp-content/themes/vugla/css/elastislide.css HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/style.css?ver=6.4.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:52:21 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-length: 674
content-type: text/css
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/themes/vugla/css/style_reset.css
192.185.106.252 200 OK 1.2 kB URL GET HTTP/2 www.vugla.com/wp-content/themes/vugla/css/style_reset.css
IP 192.185.106.252:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.vugla.com
Fingerprint 60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
Validity Wed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT
File type ASCII text, with CRLF line terminators
Hash b5ae6c0ccd961d29a2924b03b0cbdd6e
3293dc40aa870c1cf79180eb7bd5c2ff28f3bd0a
0838fff76cfa3bad87963e64a610ea8d60b2dc8d0781a7531a2385f65de1ab2f
GET /wp-content/themes/vugla/css/style_reset.css HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/style.css?ver=6.4.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:52:34 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-length: 1152
content-type: text/css
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/themes/vugla/css/style_320.css
192.185.106.252 200 OK 2.4 kB URL GET HTTP/2 www.vugla.com/wp-content/themes/vugla/css/style_320.css
IP 192.185.106.252:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.vugla.com
Fingerprint 60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
Validity Wed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT
File type ASCII text, with CRLF line terminators
Hash cc437b9ea4ed072bf7636ec9013f026d
df8db436e5193d474b97364dc0cd532a9b390fe5
4e92c5bc2c3f90209e1bec52f50461d8c04d82a539296918f0db0c61af63aab2
GET /wp-content/themes/vugla/css/style_320.css HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/style.css?ver=6.4.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:52:29 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-length: 2413
content-type: text/css
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/themes/vugla/css/flexslider.css
192.185.106.252 200 OK 1.5 kB URL GET HTTP/2 www.vugla.com/wp-content/themes/vugla/css/flexslider.css
IP 192.185.106.252:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.vugla.com
Fingerprint 60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
Validity Wed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT
File type ASCII text, with CRLF line terminators
Hash aed0d9c2792c1ca777bfce04eb08ae7a
64e98271e4539dbf8819fa9d801017423c9bc30b
7f7b09426068a9bacddeefcf29f89063307fdc903ac45a569853b8c452d9b62d
GET /wp-content/themes/vugla/css/flexslider.css HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/style.css?ver=6.4.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 08 May 2014 09:18:47 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-length: 1526
content-type: text/css
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/themes/vugla/css/tabber.css
192.185.106.252 200 OK 1.7 kB URL GET HTTP/2 www.vugla.com/wp-content/themes/vugla/css/tabber.css
IP 192.185.106.252:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.vugla.com
Fingerprint 60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
Validity Wed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT
File type ASCII text, with CRLF line terminators
Hash a3e36a4db7b488bd984dd17c6e17cf63
33e7b11f7e1f149f954b6d938db9e36599816e8a
3609900b90f9835e1525c38bb6b1bcbffea0a14894799e54a07c2a9df09cb03d
GET /wp-content/themes/vugla/css/tabber.css HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/style.css?ver=6.4.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:52:36 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-length: 1710
content-type: text/css
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:400italic,700italic,400,700
142.250.74.106 200 OK 3.1 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400italic,700italic,400,700
IP 142.250.74.106:443
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint CC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
Validity Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with CRLF, LF line terminators
Hash ed904e4d9e1ebd96283e7cee28e9aa41
366e38f0e318265f6ab6b4c117b2bcf52cc7f0ef
97f129cac379e380a8c05eaa51527e063725367bedb722353c9b3a1de9aba159
GET /css?family=Open+Sans:400italic,700italic,400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 01 Dec 2023 20:23:50 GMT
date: Fri, 01 Dec 2023 20:23:50 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.vugla.com/wp-content/themes/vugla/css/style_400.css
192.185.106.252 200 OK 2.4 kB URL GET HTTP/2 www.vugla.com/wp-content/themes/vugla/css/style_400.css
IP 192.185.106.252:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.vugla.com
Fingerprint 60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
Validity Wed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT
File type ASCII text, with CRLF line terminators
Hash 1150741460f65df53d2a23c598e5807c
5520fd0a709fdfdc80089452403dbfa49b79f7d4
e0e19f2d1b42abb0a12a95da1488a3fb300ceeb34984bc9e321063184acb019b
GET /wp-content/themes/vugla/css/style_400.css HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/style.css?ver=6.4.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:52:30 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-length: 2412
content-type: text/css
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/themes/vugla/css/style_768.css
192.185.106.252 200 OK 2.5 kB URL GET HTTP/2 www.vugla.com/wp-content/themes/vugla/css/style_768.css
IP 192.185.106.252:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.vugla.com
Fingerprint 60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
Validity Wed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT
File type ASCII text, with very long lines (408), with CRLF line terminators
Hash 14b717ed0c77c605f84b5b9a6b9892e9
5723bca38e18b8155b26f923590a05657911a377
6f37f5624b7bc60317a9c37a473fdf7dc34474d5f52cf169a7d52b35ca1dc0dd
GET /wp-content/themes/vugla/css/style_768.css HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/style.css?ver=6.4.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:52:32 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-length: 2538
content-type: text/css
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/themes/vugla/css/wpp.css
192.185.106.252 200 OK 357 B URL GET HTTP/2 www.vugla.com/wp-content/themes/vugla/css/wpp.css
IP 192.185.106.252:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.vugla.com
Fingerprint 60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
Validity Wed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT
File type ASCII text, with CRLF line terminators
Hash 6b44660f121f565e2aab91b7b321ff28
62628718b7edeaccc74d1943d36bc1e0c9d16512
467aa063b813fd2fc1b3ebabc45d6e840d807dad90c169f0ee12f93bcf667851
GET /wp-content/themes/vugla/css/wpp.css HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/style.css?ver=6.4.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:52:37 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-length: 357
content-type: text/css
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2
pl16411290.alternativecpmgate.com/c9123167a2366d360cd4d80dad2ac358/invoke.js
173.233.137.60 200 OK 9.3 kB URL GET HTTP/1.1 pl16411290.alternativecpmgate.com/c9123167a2366d360cd4d80dad2ac358/invoke.js
IP 173.233.137.60:443
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject alternativecpmgate.com
Fingerprint C9:1F:74:2C:C9:F2:3A:E6:2D:4F:6C:DC:DD:18:6E:93:10:75:9E:24
Validity Fri, 20 Oct 2023 06:02:37 GMT - Thu, 18 Jan 2024 06:02:36 GMT
File type Unicode text, UTF-8 text, with very long lines (25079), with no line terminators
Hash deea940be62b2bfbb6b3887db9298635
199487d017c6b1483754ee271d49bcbd84b63916
abff4c444d2136aca2746b9fc09e8a9f66236d4a3c40deaa2899cce6f045e3a4
GET /c9123167a2366d360cd4d80dad2ac358/invoke.js HTTP/1.1
Host: pl16411290.alternativecpmgate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 01 Dec 2023 20:23:50 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7fc90b40fb0455a7af23afcc40835a31
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.kursnalista.co/banners/banners.js
192.185.106.47 200 OK 1.3 kB URL GET HTTP/2 www.kursnalista.co/banners/banners.js
IP 192.185.106.47:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.kursnalista.co
Fingerprint 1C:D4:9B:DE:4F:51:D3:F0:32:B2:6C:A1:1C:03:E2:3E:18:FC:D4:2A
Validity Mon, 20 Nov 2023 10:01:16 GMT - Sun, 18 Feb 2024 10:01:15 GMT
File type HTML document, Unicode text, UTF-8 text, with very long lines (394), with CRLF line terminators
Hash 0fa58c243ecc9c6ff829da27563c78c4
771e757dcaddc90a127b557e6a8a69b9dfe4767d
4631955f687225007a1227be7e662f1f45798c13a573f70670e748ff50aa194b
GET /banners/banners.js HTTP/1.1
Host: www.kursnalista.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Sun, 10 Jul 2022 10:44:43 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1261
content-type: application/javascript
date: Fri, 01 Dec 2023 20:23:51 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/themes/vugla/css/style_main.css
192.185.106.252 200 OK 22 kB URL GET HTTP/2 www.vugla.com/wp-content/themes/vugla/css/style_main.css
IP 192.185.106.252:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.vugla.com
Fingerprint 60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
Validity Wed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT
File type ASCII text, with very long lines (6104), with CRLF line terminators
Hash 1d85fc3a503a0f77b0f029ad44e4ddd4
5b1212871267b4eba6f2d0628ce678890cefbd8e
df3db153ea5d4b5fdd494569edaa7513e12c7520282d6926628bee4e93c18187
GET /wp-content/themes/vugla/css/style_main.css HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/style.css?ver=6.4.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 23 May 2014 15:19:09 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-type: text/css
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2
afodreet.net/5/1316441
139.45.197.243 200 OK 27 kB
IP 139.45.197.243:443
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject afodreet.net
Fingerprint 73:3B:42:21:58:48:F9:06:51:B8:39:61:55:14:AC:14:D7:00:6D:F9
Validity Thu, 23 Nov 2023 05:19:42 GMT - Wed, 21 Feb 2024 05:19:41 GMT
File type gzip compressed data, max speed, from Unix\012- data
Hash ee8bff264df1398bcbcd0d19eeae87f3
b977b95fda2efcf49c50c228a506f4b0cfc3bae4
05201fd70fc37bf53228a44ba09a27d3e3e50f3cd3b9d0a0f24af4b095819344
GET /5/1316441 HTTP/1.1
Host: afodreet.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 20:23:50 GMT
content-type: application/javascript
x-trace-id: 12f24b568d97853396cbab60f32d8107
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=994b5a52933846c58dfe044303c92652; expires=Sat, 30 Nov 2024 20:23:50 GMT; path=/; secure; SameSite=None
oaidts=1701462230; expires=Sat, 30 Nov 2024 20:23:50 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.67 200 OK 48 kB URL GET HTTP/2 fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.74.67:443
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint E5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
Validity Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 48432, version 1.0\012- data
Hash e2d74c5e631bc53a7240bbfe4be99c8f
eb513857bb01cc4f7249067fc7e969bef415fc90
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 05:00:58 GMT
expires: Fri, 29 Nov 2024 05:00:58 GMT
cache-control: public, max-age=31536000
age: 141773
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v36/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
142.250.74.67 200 OK 50 kB URL GET HTTP/3 fonts.gstatic.com/s/opensans/v36/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
IP 142.250.74.67:443
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint E5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
Validity Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 50368, version 1.0
Hash 4facfd6ff39e147b7e39c4b1abe4117d
0f7c0d978c209d21eb3f55950fc43e77c196ec3b
a246c4de8a0f1f1fdb6ee52565018dc341063aa9efe8481034bc3ef7d697e334
GET /s/opensans/v36/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 50368
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 04:48:09 GMT
expires: Fri, 29 Nov 2024 04:48:09 GMT
cache-control: public, max-age=31536000
age: 142542
last-modified: Thu, 14 Sep 2023 01:04:20 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.vugla.com/wp-content/themes/vugla/images/preloader.gif
192.185.106.252 200 OK 1.7 kB URL GET HTTP/2 www.vugla.com/wp-content/themes/vugla/images/preloader.gif
IP 192.185.106.252:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.vugla.com
Fingerprint 60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
Validity Wed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT
File type GIF image data, version 89a, 16 x 16
Hash dd6b7b0bf5c3af22499abc0a9ee1e1b2
e8c0018145d616fac4deb460d9c1d9c9dd4d3302
0eddaab3b8cb0b15d81d62e5ae5960329c3e576ea78dc321b20734ab20271847
GET /wp-content/themes/vugla/images/preloader.gif HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/css/style_main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:53:08 GMT
accept-ranges: bytes
content-length: 1737
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 20:23:51 GMT
referrer-policy:
pragma: public
content-type: image/gif
date: Fri, 01 Dec 2023 20:23:51 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/themes/vugla/images/search-arrow.png
192.185.106.252 200 OK 3.1 kB URL GET HTTP/2 www.vugla.com/wp-content/themes/vugla/images/search-arrow.png
IP 192.185.106.252:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.vugla.com
Fingerprint 60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
Validity Wed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT
File type PNG image data, 75 x 64, 8-bit/color RGBA, non-interlaced
Hash 3f8933cdf4d27e317eb59959257f8c7a
b16e414fcb1561603cbf4ac404ec8b6fae1563ff
167925a8f225d7fc340317265409496b2d90e4313bd7d70bca4262bb1477eaf0
GET /wp-content/themes/vugla/images/search-arrow.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/css/style_main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:53:13 GMT
accept-ranges: bytes
content-length: 3075
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 20:23:51 GMT
referrer-policy:
pragma: public
content-type: image/png
date: Fri, 01 Dec 2023 20:23:51 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
192.185.106.252 200 OK 0 B URL HEAD HTTP/2 www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
IP 192.185.106.252:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.vugla.com
Fingerprint 60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
Validity Wed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-pingback: https://www.vugla.com/xmlrpc.php
link: <https://www.vugla.com/wp-json/>; rel="https://api.w.org/", <https://www.vugla.com/wp-json/wp/v2/posts/574385>; rel="alternate"; type="application/json", <https://www.vugla.com/?p=574385>; rel=shortlink
content-security-policy: upgrade-insecure-requests;
cache-control: max-age=10800
expires: Fri, 01 Dec 2023 23:23:51 GMT
vary: User-Agent
referrer-policy:
content-type: text/html; charset=UTF-8
date: Fri, 01 Dec 2023 20:23:51 GMT
server: Apache
X-Firefox-Spdy: h2
pl15560907.passtechusa.com/d1/37/02/d137022925bcc2a680f8a4476ff94144.js
192.243.61.227 200 OK 15 kB URL GET HTTP/1.1 pl15560907.passtechusa.com/d1/37/02/d137022925bcc2a680f8a4476ff94144.js
IP 192.243.61.227:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject passtechusa.com
Fingerprint F4:5F:CD:11:B9:E4:E0:B6:E3:01:2A:A2:FB:0E:11:26:44:B4:D0:9D
Validity Fri, 13 Oct 2023 07:12:41 GMT - Thu, 11 Jan 2024 07:12:40 GMT
File type ASCII text, with very long lines (42802), with no line terminators
Hash 53efed5c7319bd2ab4ae887bf2cb3c14
2a2bd0bfb20395ab5ec9bbeaf19aa8f9d693b9e0
d4e6845938db6ffa9c2e2f386779301c2bb6b1e276f7a36c1543d4e18f108e58
GET /d1/37/02/d137022925bcc2a680f8a4476ff94144.js HTTP/1.1
Host: pl15560907.passtechusa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 01 Dec 2023 20:23:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: be466fa784c396f81a9deb043431c87d
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
eehuzaih.com/400/5005565
139.45.197.237 200 OK 35 kB
IP 139.45.197.237:443
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject eehuzaih.com
Fingerprint AC:55:E9:5B:5B:87:BF:89:7C:BE:E0:77:14:BE:B7:B4:16:AB:70:5A
Validity Sun, 12 Nov 2023 08:38:54 GMT - Sat, 10 Feb 2024 08:38:53 GMT
File type gzip compressed data, max speed, from Unix
Hash 73fb2c3c302066f56367d094f0ed7ee7
5849929cc12172f6361e090e54d54fcc62e14aac
fe3732eb0f78b100624cb2e9257f1237b2013b36a4dad2967248ce3692a25b9a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /400/5005565 HTTP/1.1
Host: eehuzaih.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 20:23:51 GMT
content-type: application/javascript
x-trace-id: 5acb876dd855934ad6dac08fb757c888
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
set-cookie: OAID=0aa062fd26d541a089292e04c0359ff1; expires=Sat, 30 Nov 2024 20:23:51 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
my.rtmark.net/gid.js
139.45.195.8 200 OK 65 B
IP 139.45.195.8:443
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject rtmark.net
Fingerprint E8:81:4E:79:89:89:BE:CE:75:1F:E0:2A:60:54:8A:A4:11:2E:F7:42
Validity Sat, 07 Oct 2023 15:22:00 GMT - Fri, 05 Jan 2024 15:21:59 GMT
File type JSON data, ASCII text
Hash 4cf3c7e5ad6140210e1747f409cb717b
b9125547077ae2ed64b2a6923d1585e68468c13c
60317a6a6b213d0b4364d00faf38fbeccdaeda1a770972ed5394f44152456da2
GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 20:23:51 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://www.vugla.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=5baa397afade49618e46c4570c9fa5bf; expires=Sat, 30 Nov 2024 20:23:51 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
www.variouscreativeformats.com/c3b6bab9a3e6c622d733121998e0014d/invoke.js
192.243.59.12 200 OK 11 kB URL GET HTTP/1.1 www.variouscreativeformats.com/c3b6bab9a3e6c622d733121998e0014d/invoke.js
IP 192.243.59.12:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.variouscreativeformats.com
Fingerprint 8B:21:A3:61:01:C7:2D:29:AF:11:C7:A7:A5:5E:E5:FD:AF:0E:05:43
Validity Mon, 27 Nov 2023 07:10:34 GMT - Sun, 25 Feb 2024 07:10:33 GMT
File type exported SGML document, ASCII text, with very long lines (29643), with no line terminators
Hash 223406d9dbf6d31ee7d9236d1c95ea29
8a45024df7b5013212b1fd369c5670655bd55b66
8eb1cd23b38e67fb1ec812debb06ff9f68891aeecaf2edeba8c0a73081c27ed0
GET /c3b6bab9a3e6c622d733121998e0014d/invoke.js HTTP/1.1
Host: www.variouscreativeformats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 01 Dec 2023 20:23:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3bf3b2b07402f28074f088511d20fc9f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
eehuzaih.com/500/5005565?excludes=&oaid=5baa397afade49618e46c4570c9fa5bf&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=3&pl=https%3A%2F%2Fwww.vugla.com%2Flegendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.312.0
139.45.197.237 200 OK 0 B URL GET HTTP/2 eehuzaih.com/500/5005565?excludes=&oaid=5baa397afade49618e46c4570c9fa5bf&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=3&pl=https%3A%2F%2Fwww.vugla.com%2Flegendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.312.0
IP 139.45.197.237:443
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject eehuzaih.com
Fingerprint AC:55:E9:5B:5B:87:BF:89:7C:BE:E0:77:14:BE:B7:B4:16:AB:70:5A
Validity Sun, 12 Nov 2023 08:38:54 GMT - Sat, 10 Feb 2024 08:38:53 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
OPTIONS /500/5005565?excludes=&oaid=5baa397afade49618e46c4570c9fa5bf&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=3&pl=https%3A%2F%2Fwww.vugla.com%2Flegendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.312.0 HTTP/1.1
Host: eehuzaih.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://www.vugla.com/
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 20:23:52 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://www.vugla.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-credentials: true
access-control-max-age: 600
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.r2m03.amazontrust.com/
54.230.218.11 471 B URL ocsp.r2m03.amazontrust.com/
IP 54.230.218.11:0
Hash 5b7b378f2f2e1279be0c0f57ceb0cf93
f03e52739a3a7e746036c3b8b7c42015632a931a
a801964dabaa860b97b788b0dd71cc601c6b38279cf522be462c816352ce1265
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Fri, 01 Dec 2023 20:23:52 GMT
Last-Modified: Fri, 01 Dec 2023 18:43:52 GMT
Server: ECAcc (ska/F775)
X-Cache: Miss from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 7TD_tjEy1ocbr4akKZ1Bh4wwiyWcsf6bY8YAPpvnoGIbEM6SB5QUog==
Age: 6001
region1.analytics.google.com/g/collect?v=2&tid=G-7NCJ73THPT&gtm=45je3bt0v879882835&_p=1701462235742&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1206520075.1701462236&ul=en-us&sr=1280x1024&_s=1&sid=1701462236&sct=1&seg=0&dl=https%3A%2F%2Fwww.vugla.com%2Flegendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html&dt=Legendarna%20%E2%80%9Evespa%E2%80%9C%20ne%20sme%20da%20se%20imitira%3A%20EU%20sud%20udario%20%E2%80%9Erampu%E2%80%9C%20Kinezima%20-%20Vugla&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3574
216.239.32.36 204 No Content 0 B URL POST HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-7NCJ73THPT&gtm=45je3bt0v879882835&_p=1701462235742&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1206520075.1701462236&ul=en-us&sr=1280x1024&_s=1&sid=1701462236&sct=1&seg=0&dl=https%3A%2F%2Fwww.vugla.com%2Flegendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html&dt=Legendarna%20%E2%80%9Evespa%E2%80%9C%20ne%20sme%20da%20se%20imitira%3A%20EU%20sud%20udario%20%E2%80%9Erampu%E2%80%9C%20Kinezima%20-%20Vugla&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3574
IP 216.239.32.36:443
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Google Trust Services LLC
Subject *.google-analytics.com
Fingerprint 37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
Validity Mon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-7NCJ73THPT&gtm=45je3bt0v879882835&_p=1701462235742&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1206520075.1701462236&ul=en-us&sr=1280x1024&_s=1&sid=1701462236&sct=1&seg=0&dl=https%3A%2F%2Fwww.vugla.com%2Flegendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html&dt=Legendarna%20%E2%80%9Evespa%E2%80%9C%20ne%20sme%20da%20se%20imitira%3A%20EU%20sud%20udario%20%E2%80%9Erampu%E2%80%9C%20Kinezima%20-%20Vugla&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3574 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.vugla.com
date: Fri, 01 Dec 2023 20:23:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
142.250.74.67 200 OK 35 kB URL GET HTTP/2 fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
IP 142.250.74.67:443
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint E5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
Validity Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 35120, version 1.0
Hash dd986ff1050050613be051863773d677
51a12487fd51cc02ca54a984f82d63318807ca2e
d9784dbf11886ea032ffbd00f499d333519babe001eacc19df7ab89de17bec47
GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35120
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:36:49 GMT
expires: Thu, 28 Nov 2024 21:36:49 GMT
cache-control: public, max-age=31536000
age: 168423
last-modified: Thu, 14 Sep 2023 01:03:47 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
proftrafficcounter.com/stats
18.184.210.76 200 OK 40 B URL GET HTTP/2 proftrafficcounter.com/stats
IP 18.184.210.76:443
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Amazon
Subject proftrafficcounter.com
Fingerprint E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
Validity Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 0f8c0e7aabeb2cd17bec97fc079b1218
f0a11c1ea85e917c79311e06fa9d3c1ac533a016
79512a03a999df133ac8d4aded514faf15d0c8e203526e69f673aa2076b8d1cb
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 01 Dec 2023 20:23:52 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.vugla.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=0aa967fc-2212-4f87-b537-7da7eafce058:3:1; expires=Mon, 28 Nov 2033 20:23:52 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v36/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
142.250.74.67 200 OK 50 kB URL GET HTTP/3 fonts.gstatic.com/s/opensans/v36/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
IP 142.250.74.67:443
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint E5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
Validity Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 50368, version 1.0
Hash 4facfd6ff39e147b7e39c4b1abe4117d
0f7c0d978c209d21eb3f55950fc43e77c196ec3b
a246c4de8a0f1f1fdb6ee52565018dc341063aa9efe8481034bc3ef7d697e334
GET /s/opensans/v36/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 50368
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 04:48:09 GMT
expires: Fri, 29 Nov 2024 04:48:09 GMT
cache-control: public, max-age=31536000
age: 142543
last-modified: Thu, 14 Sep 2023 01:04:20 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.vugla.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.3
192.185.106.252 409 Conflict 83 B URL GET HTTP/2 www.vugla.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.3
IP 192.185.106.252:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.vugla.com
Fingerprint 60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
Validity Wed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.3 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Cookie: _ga_7NCJ73THPT=GS1.1.1701462236.1.0.1701462236.60.0.0; _ga=GA1.1.1206520075.1701462236
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 409 Conflict
date: Fri, 01 Dec 2023 20:23:52 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
proftrafficcounter.com/stats
18.184.210.76 200 OK 40 B URL GET HTTP/2 proftrafficcounter.com/stats
IP 18.184.210.76:443
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Amazon
Subject proftrafficcounter.com
Fingerprint E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
Validity Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 0f8c0e7aabeb2cd17bec97fc079b1218
f0a11c1ea85e917c79311e06fa9d3c1ac533a016
79512a03a999df133ac8d4aded514faf15d0c8e203526e69f673aa2076b8d1cb
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Cookie: uid_id2=0aa967fc-2212-4f87-b537-7da7eafce058:3:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 01 Dec 2023 20:23:52 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.vugla.com
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2
vaugroar.com/zone?pub=0&zone_id=1548391&is_mobile=false&domain=www.vugla.com&var=&ymid=&var_3=&tg=0&sw=3.1.471
139.45.197.250 200 OK 972 B URL GET HTTP/2 vaugroar.com/zone?pub=0&zone_id=1548391&is_mobile=false&domain=www.vugla.com&var=&ymid=&var_3=&tg=0&sw=3.1.471
IP 139.45.197.250:443
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject vaugroar.com
Fingerprint F5:48:7D:7C:B6:28:8D:55:D3:7D:CF:03:2F:84:BE:B7:FD:20:F0:EE
Validity Sun, 12 Nov 2023 05:15:08 GMT - Sat, 10 Feb 2024 05:15:07 GMT
File type JSON data\012- , ASCII text, with very long lines (971)
Hash 64f047fe127c40083700b04d3811ca27
8f6e71715f3ae8766c33ae08d590fdc202bd865d
0dd4bfd4e574ecf2df30bcd49a6afbc84ffe9a14227f17502561dfca63a51ac7
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /zone?pub=0&zone_id=1548391&is_mobile=false&domain=www.vugla.com&var=&ymid=&var_3=&tg=0&sw=3.1.471 HTTP/1.1
Host: vaugroar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.vugla.com/
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 20:23:52 GMT
content-type: application/json; charset=utf-8
content-length: 972
x-trace-id: 53cd2fe79f7788cddfe783e919392071
access-control-allow-origin: https://www.vugla.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.vugla.com/wp-content/themes/vugla/images/top-arrow.png
192.185.106.252 200 OK 305 B URL GET HTTP/2 www.vugla.com/wp-content/themes/vugla/images/top-arrow.png
IP 192.185.106.252:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.vugla.com
Fingerprint 60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
Validity Wed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT
File type PNG image data, 50 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 1fe20be2c98304e84623d10905435835
7ba0264f96984d92cfe0750c802f9af1ee7cb88b
1c3cbd61a972428028066c1e9abcfa7c0ef37d3b1de39d7b09455177a94eec52
GET /wp-content/themes/vugla/images/top-arrow.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/css/style_main.css
Cookie: _ga_7NCJ73THPT=GS1.1.1701462236.1.0.1701462236.60.0.0; _ga=GA1.1.1206520075.1701462236
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:53:25 GMT
accept-ranges: bytes
content-length: 305
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 20:23:52 GMT
referrer-policy:
pragma: public
content-type: image/png
date: Fri, 01 Dec 2023 20:23:52 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/themes/vugla/images/small-social-sprite.png
192.185.106.252 200 OK 3.8 kB URL GET HTTP/2 www.vugla.com/wp-content/themes/vugla/images/small-social-sprite.png
IP 192.185.106.252:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.vugla.com
Fingerprint 60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
Validity Wed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT
File type PNG image data, 272 x 95, 8-bit/color RGBA, non-interlaced\012- data
Hash 1aabf6dabc51ca6168aa98fbecbf79e2
0e4cb499aff16fedb2097658da7d2baa1bdafaa8
09ac67d0b81afe77f52b59ee9abc68ba2dd7cf0ebbc85703c75a76c2586e93aa
GET /wp-content/themes/vugla/images/small-social-sprite.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/css/style_main.css
Cookie: _ga_7NCJ73THPT=GS1.1.1701462236.1.0.1701462236.60.0.0; _ga=GA1.1.1206520075.1701462236
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:53:16 GMT
accept-ranges: bytes
content-length: 3812
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 20:23:52 GMT
referrer-policy:
pragma: public
content-type: image/png
date: Fri, 01 Dec 2023 20:23:52 GMT
server: Apache
X-Firefox-Spdy: h2
vaugroar.com/pfe/current/universal.min.js?v=3.1.471
139.45.197.250 200 OK 53 kB URL GET HTTP/2 vaugroar.com/pfe/current/universal.min.js?v=3.1.471
IP 139.45.197.250:443
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject vaugroar.com
Fingerprint F5:48:7D:7C:B6:28:8D:55:D3:7D:CF:03:2F:84:BE:B7:FD:20:F0:EE
Validity Sun, 12 Nov 2023 05:15:08 GMT - Sat, 10 Feb 2024 05:15:07 GMT
File type gzip compressed data, max speed, from Unix\012- data
Hash 74d2463716361d67983898374be943fe
43280602cc8890f6db68b483186e9c21b4d0acfc
5ef32cd4dd25682dc08d780606bff91d5fe57925e45644d1fb0fb27f25701629
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pfe/current/universal.min.js?v=3.1.471 HTTP/1.1
Host: vaugroar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.vugla.com/
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 20:23:52 GMT
content-type: application/javascript
last-modified: Mon, 27 Nov 2023 17:44:23 GMT
etag: W/"6564d577-1572c"
access-control-allow-origin: https://www.vugla.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
www.vugla.com/wp-content/uploads/2023/12/skijanje-u-italiji-uvek-dobra-ideja-za-zimski-odmor-290x166.jpg
192.185.106.252 200 OK 13 kB URL GET HTTP/2 www.vugla.com/wp-content/uploads/2023/12/skijanje-u-italiji-uvek-dobra-ideja-za-zimski-odmor-290x166.jpg
IP 192.185.106.252:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.vugla.com
Fingerprint 60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
Validity Wed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 290x166, components 3\012- data
Hash 1275219746a0e1afd8812807b622e7bd
f33c31f4e2c2e1160115ee2580ff78105dcb9e76
cba5cdd93c82334047b41c046b8160e20f01a15f8bc1cb58a80b7ff28ef10421
GET /wp-content/uploads/2023/12/skijanje-u-italiji-uvek-dobra-ideja-za-zimski-odmor-290x166.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Cookie: _ga_7NCJ73THPT=GS1.1.1701462236.1.0.1701462236.60.0.0; _ga=GA1.1.1206520075.1701462236
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 01 Dec 2023 11:18:07 GMT
accept-ranges: bytes
content-length: 13407
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 20:23:52 GMT
referrer-policy:
pragma: public
content-type: image/jpeg
date: Fri, 01 Dec 2023 20:23:52 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/uploads/2023/12/zivotinje-kako-su-39-rok-zvezde-39-pande-ostale-bez-ljubavne-price-290x166.jpg
192.185.106.252 200 OK 11 kB URL GET HTTP/2 www.vugla.com/wp-content/uploads/2023/12/zivotinje-kako-su-39-rok-zvezde-39-pande-ostale-bez-ljubavne-price-290x166.jpg
IP 192.185.106.252:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.vugla.com
Fingerprint 60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
Validity Wed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=3, xresolution=50, yresolution=58, resolutionunit=2], baseline, precision 8, 290x166, components 3\012- data
Hash 2be92823a785d6c8e0399c4bcf9d66b3
d43c39f4b421748997e25274f0925132a8519b8e
52c7809a3217c1e64c73d28344f91992feec407a50fdf03d73b75197f983f32c
GET /wp-content/uploads/2023/12/zivotinje-kako-su-39-rok-zvezde-39-pande-ostale-bez-ljubavne-price-290x166.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Cookie: _ga_7NCJ73THPT=GS1.1.1701462236.1.0.1701462236.60.0.0; _ga=GA1.1.1206520075.1701462236
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 01 Dec 2023 09:55:19 GMT
accept-ranges: bytes
content-length: 11323
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 20:23:52 GMT
referrer-policy:
pragma: public
content-type: image/jpeg
date: Fri, 01 Dec 2023 20:23:52 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/uploads/2023/12/polovina-evropljana-nije-zadovoljna-svojim-fizickim-i-mentalnim-zdravljem-pokazuje-huawei-istrazivanje-290x166.jpg
192.185.106.252 200 OK 8.9 kB URL GET HTTP/2 www.vugla.com/wp-content/uploads/2023/12/polovina-evropljana-nije-zadovoljna-svojim-fizickim-i-mentalnim-zdravljem-pokazuje-huawei-istrazivanje-290x166.jpg
IP 192.185.106.252:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.vugla.com
Fingerprint 60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
Validity Wed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 290x166, components 3\012- data
Hash f51d47785433a5c3b8a2e63effa66ad1
772cafc96030faba09b0038e2bdde2165cb11e22
b8d22c5f3784bb7d0fc58ed685b53f223df1055709c5ab97c314904a1b63fb48
GET /wp-content/uploads/2023/12/polovina-evropljana-nije-zadovoljna-svojim-fizickim-i-mentalnim-zdravljem-pokazuje-huawei-istrazivanje-290x166.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Cookie: _ga_7NCJ73THPT=GS1.1.1701462236.1.0.1701462236.60.0.0; _ga=GA1.1.1206520075.1701462236
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 01 Dec 2023 07:54:53 GMT
accept-ranges: bytes
content-length: 8870
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 20:23:52 GMT
referrer-policy:
pragma: public
content-type: image/jpeg
date: Fri, 01 Dec 2023 20:23:52 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/uploads/2023/12/39-meta-39-hiljade-laznih-fejsbuk-naloga-otvoreno-u-kini-sa-ciljem-da-se-utice-na-izbore-u-sad-290x166.jpg
192.185.106.252 200 OK 11 kB URL GET HTTP/2 www.vugla.com/wp-content/uploads/2023/12/39-meta-39-hiljade-laznih-fejsbuk-naloga-otvoreno-u-kini-sa-ciljem-da-se-utice-na-izbore-u-sad-290x166.jpg
IP 192.185.106.252:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.vugla.com
Fingerprint 60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
Validity Wed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 290x166, components 3\012- data
Hash a487c8a01726de6edb733e83146df4ea
e4a09a856e52739f39dbd61157517953d2e10812
dca478e90d4977014ca499035381f9695b145554d20d584dd0df23c52d6f679d
GET /wp-content/uploads/2023/12/39-meta-39-hiljade-laznih-fejsbuk-naloga-otvoreno-u-kini-sa-ciljem-da-se-utice-na-izbore-u-sad-290x166.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Cookie: _ga_7NCJ73THPT=GS1.1.1701462236.1.0.1701462236.60.0.0; _ga=GA1.1.1206520075.1701462236
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 01 Dec 2023 07:54:49 GMT
accept-ranges: bytes
content-length: 10958
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 20:23:52 GMT
referrer-policy:
pragma: public
content-type: image/jpeg
date: Fri, 01 Dec 2023 20:23:52 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.3
192.185.106.252 409 Conflict 83 B URL GET HTTP/2 www.vugla.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.3
IP 192.185.106.252:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.vugla.com
Fingerprint 60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
Validity Wed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.3 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Cookie: _ga_7NCJ73THPT=GS1.1.1701462236.1.0.1701462236.60.0.0; _ga=GA1.1.1206520075.1701462236
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 409 Conflict
date: Fri, 01 Dec 2023 20:23:52 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
tharbadir.com/27/b7af9eee900df9a8aa2af9ad8ee46174
139.45.197.238 200 OK 130 kB URL GET HTTP/2 tharbadir.com/27/b7af9eee900df9a8aa2af9ad8ee46174
IP 139.45.197.238:443
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject tharbadir.com
Fingerprint A5:91:BD:23:83:6F:FE:A6:06:78:AE:E7:58:60:8E:74:B2:BA:C3:64
Validity Thu, 21 Sep 2023 16:36:00 GMT - Wed, 20 Dec 2023 16:35:59 GMT
File type ASCII text, with very long lines (65523)
Size 130 kB (130445 bytes)
Hash 1dc3ebe1459db3cde0597b21156f2665
0e5a8c7b79a34f4fffaeab7c7eb4f3a19b0d75f6
1a3f7f2cfe5fba958e9df1a38c0980aab5bb21225601ea849f9e6df4afe09f2e
GET /27/b7af9eee900df9a8aa2af9ad8ee46174 HTTP/1.1
Host: tharbadir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Cookie: scm=1; OAID=110576c77cac4a29a8ac8fece672cec4; oaidts=1701462230
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 20:23:52 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: c6e8aca3d02ae0f8849d6e34dec0a646
cache-control: max-age:290304000, public
last-modified: Fri, 24 Nov 2023 06:46:08 GMT
expires: Fri, 24 Dec 2083 06:46:08 GMT
access-control-expose-headers: X-Sc
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
www.kursnalista.co/banners/indikativni_kurs_300x600.jpg
192.185.106.47 200 OK 59 kB URL GET HTTP/2 www.kursnalista.co/banners/indikativni_kurs_300x600.jpg
IP 192.185.106.47:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.kursnalista.co
Fingerprint 1C:D4:9B:DE:4F:51:D3:F0:32:B2:6C:A1:1C:03:E2:3E:18:FC:D4:2A
Validity Mon, 20 Nov 2023 10:01:16 GMT - Sun, 18 Feb 2024 10:01:15 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 300x600, components 3\012- data
Hash 578b0a16db8ebf941ff499915d7e0c26
dc701f07dac10069407a0c39ad8c628ce1d62ff7
2a941e02a74a9d18560f445d324f11a9e8253a07c53dcfec7a729bd55348c3e4
GET /banners/indikativni_kurs_300x600.jpg HTTP/1.1
Host: www.kursnalista.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 23 May 2015 12:36:36 GMT
accept-ranges: bytes
content-length: 58603
content-type: image/jpeg
date: Fri, 01 Dec 2023 20:23:52 GMT
server: Apache
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=594f1fd04a064dcd98160abbc4d49499&zoneId=1548391&checkDuplicate=true&ymid=&var=
139.45.195.8 200 OK 65 B URL GET HTTP/2 my.rtmark.net/gid.js?pub=0&userId=594f1fd04a064dcd98160abbc4d49499&zoneId=1548391&checkDuplicate=true&ymid=&var=
IP 139.45.195.8:443
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject rtmark.net
Fingerprint E8:81:4E:79:89:89:BE:CE:75:1F:E0:2A:60:54:8A:A4:11:2E:F7:42
Validity Sat, 07 Oct 2023 15:22:00 GMT - Fri, 05 Jan 2024 15:21:59 GMT
File type JSON data\012- , ASCII text
Hash 4cf3c7e5ad6140210e1747f409cb717b
b9125547077ae2ed64b2a6923d1585e68468c13c
60317a6a6b213d0b4364d00faf38fbeccdaeda1a770972ed5394f44152456da2
GET /gid.js?pub=0&userId=594f1fd04a064dcd98160abbc4d49499&zoneId=1548391&checkDuplicate=true&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.vugla.com/
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Cookie: ID=5baa397afade49618e46c4570c9fa5bf
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 20:23:52 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://www.vugla.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=5baa397afade49618e46c4570c9fa5bf; expires=Sat, 30 Nov 2024 20:23:52 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
vaugroar.com/custom
139.45.197.250 200 OK 39 B
IP 139.45.197.250:443
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject vaugroar.com
Fingerprint F5:48:7D:7C:B6:28:8D:55:D3:7D:CF:03:2F:84:BE:B7:FD:20:F0:EE
Validity Sun, 12 Nov 2023 05:15:08 GMT - Sat, 10 Feb 2024 05:15:07 GMT
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /custom HTTP/1.1
Host: vaugroar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.vugla.com/
Content-Type: application/json
Content-Length: 430
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 20:23:52 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: de56a94c0e849c98a7c511acb447c897
access-control-allow-origin: https://www.vugla.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.vugla.com/wp-content/themes/vugla/js/scripts.js?ver=6.4.1
192.185.106.252 200 OK 28 kB URL GET HTTP/2 www.vugla.com/wp-content/themes/vugla/js/scripts.js?ver=6.4.1
IP 192.185.106.252:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.vugla.com
Fingerprint 60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
Validity Wed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT
File type gzip compressed data, from Unix\012- data
Hash 0e572cf5bcef464d24a5aadefc58a648
72fd72c7c281e1c33a9cc8e6cf703be9e75930bd
a28c93abf87d3a5e560a28447cba227e37d7ae4aa1d8a5b53eff201685c9f0b9
GET /wp-content/themes/vugla/js/scripts.js?ver=6.4.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 12:00:03 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-type: application/javascript
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2
amunfezanttor.com/event
139.45.197.250 200 OK 0 B
IP 139.45.197.250:443
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject amunfezanttor.com
Fingerprint 94:5D:BD:F9:F6:55:6B:83:55:25:90:4A:5F:E4:CF:19:5E:6B:A2:51
Validity Wed, 22 Nov 2023 20:33:33 GMT - Tue, 20 Feb 2024 20:33:32 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
OPTIONS /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.vugla.com/
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 20:23:52 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://www.vugla.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
139.45.195.254 200 OK 12 B URL POST HTTP/1.1 fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP 139.45.195.254:443
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Sectigo Limited
Subject fleraprt.com
Fingerprint A4:AF:A0:00:99:C9:85:E5:30:F6:F3:F2:B5:4F:AE:4F:D0:46:74:A9
Validity Mon, 09 Jan 2023 00:00:00 GMT - Sun, 14 Jan 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1732
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Fri, 01 Dec 2023 20:24:30 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://www.vugla.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
amunfezanttor.com/event
139.45.197.250 200 OK 94 B
IP 139.45.197.250:443
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject amunfezanttor.com
Fingerprint 94:5D:BD:F9:F6:55:6B:83:55:25:90:4A:5F:E4:CF:19:5E:6B:A2:51
Validity Wed, 22 Nov 2023 20:33:33 GMT - Tue, 20 Feb 2024 20:33:32 GMT
File type JSON data\012- , ASCII text
Hash 042249529b09e50fd4152757f4700df6
8981fbce4ed36a10d718acf428d28689ab547da9
a347b06502c77ccf7a598690377ca9c92c0d0a0f1f563f7d8fee31ac517bcb79
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.vugla.com/
Content-Type: application/json
Content-Length: 569
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 20:23:52 GMT
content-type: application/json; charset=utf-8
content-length: 94
access-control-allow-origin: https://www.vugla.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&data-size=standard&origin=https%3A%2F%2Fwww.vugla.com&url=https%3A%2F%2Fwww.vugla.com%2Flegendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.coKrc9A11Ng.O%2Fd%3D1%2Frs%3DAHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw%2Fm%3D__features__
142.250.74.78 226 B URL apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&data-size=standard&origin=https%3A%2F%2Fwww.vugla.com&url=https%3A%2F%2Fwww.vugla.com%2Flegendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.coKrc9A11Ng.O%2Fd%3D1%2Frs%3DAHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw%2Fm%3D__features__
IP 142.250.74.78:0
Certificate Issuer Google Trust Services LLC
Subject *.apis.google.com
Fingerprint 06:87:C0:63:02:21:98:02:BD:FC:A0:11:93:E9:3A:9F:51:21:06:D8
Validity Mon, 23 Oct 2023 11:25:10 GMT - Mon, 15 Jan 2024 11:25:09 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 4df07581948280a6e769a24c5d99d775
843a2c95362347eb8894a6acb607f139be65ded4
3561b93a48d81fac116ccd6e60163bd382abb1d594c81240f5718feb1f197f73
GET /u/0/se/0/_/+1/fastbutton?usegapi=1&data-size=standard&origin=https%3A%2F%2Fwww.vugla.com&url=https%3A%2F%2Fwww.vugla.com%2Flegendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.coKrc9A11Ng.O%2Fd%3D1%2Frs%3DAHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw%2Fm%3D__features__ HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 301 Moved Permanently
location: http://developers.google.com/
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 01 Dec 2023 20:23:52 GMT
expires: Fri, 01 Dec 2023 20:53:52 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 226
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
tharbadir.com/9?z=2892323&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.vugla.com%2Flegendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=4&sah=1024&drf=&hil=1&ist=0&oaid=5baa397afade49618e46c4570c9fa5bf
139.45.197.238 200 OK 0 B URL POST HTTP/2 tharbadir.com/9?z=2892323&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.vugla.com%2Flegendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=4&sah=1024&drf=&hil=1&ist=0&oaid=5baa397afade49618e46c4570c9fa5bf
IP 139.45.197.238:443
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject tharbadir.com
Fingerprint A5:91:BD:23:83:6F:FE:A6:06:78:AE:E7:58:60:8E:74:B2:BA:C3:64
Validity Thu, 21 Sep 2023 16:36:00 GMT - Wed, 20 Dec 2023 16:35:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /9?z=2892323&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.vugla.com%2Flegendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=4&sah=1024&drf=&hil=1&ist=0&oaid=5baa397afade49618e46c4570c9fa5bf HTTP/1.1
Host: tharbadir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.vugla.com/
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Fri, 01 Dec 2023 20:23:52 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.vugla.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
tharbadir.com/9?z=2892323&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.vugla.com%2Flegendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=4&sah=1024&drf=&hil=1&ist=0&oaid=5baa397afade49618e46c4570c9fa5bf
139.45.197.238 200 OK 3.3 kB URL POST HTTP/2 tharbadir.com/9?z=2892323&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.vugla.com%2Flegendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=4&sah=1024&drf=&hil=1&ist=0&oaid=5baa397afade49618e46c4570c9fa5bf
IP 139.45.197.238:443
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject tharbadir.com
Fingerprint A5:91:BD:23:83:6F:FE:A6:06:78:AE:E7:58:60:8E:74:B2:BA:C3:64
Validity Thu, 21 Sep 2023 16:36:00 GMT - Wed, 20 Dec 2023 16:35:59 GMT
File type gzip compressed data, max speed, from Unix\012- data
Hash 114d6969f436156eb7ad790784836318
84641989aba81f91f1d67f245dea5b877f81f15f
05bac055086401a933b885f3e04d5e771138ec8a17d99f39514b3fd0305c878b
POST /9?z=2892323&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.vugla.com%2Flegendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=4&sah=1024&drf=&hil=1&ist=0&oaid=5baa397afade49618e46c4570c9fa5bf HTTP/1.1
Host: tharbadir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 208
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Cookie: scm=1; OAID=110576c77cac4a29a8ac8fece672cec4; oaidts=1701462230
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 20:23:52 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: https://www.vugla.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: 7f29d5fa0b58c76dd550486ed3dec92a
access-control-expose-headers: X-Sc
set-cookie: OAID=5baa397afade49618e46c4570c9fa5bf; expires=Sat, 30 Nov 2024 20:23:52 GMT; secure; SameSite=None
set-cookie: oaidts=1701462230; expires=Sat, 30 Nov 2024 20:23:52 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
amunfezanttor.com/event
139.45.197.250 200 OK 94 B
IP 139.45.197.250:443
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject amunfezanttor.com
Fingerprint 94:5D:BD:F9:F6:55:6B:83:55:25:90:4A:5F:E4:CF:19:5E:6B:A2:51
Validity Wed, 22 Nov 2023 20:33:33 GMT - Tue, 20 Feb 2024 20:33:32 GMT
File type JSON data\012- , ASCII text
Hash c4debd7df553256c6e65d70c4cd267a1
c7b92926baff8032e1e7e6ec40a460a4e524c3de
38f938457bac776f6d60d01e642dfdcd3c63b626a91931abe6c852fd66a6e6cb
Analyzer Quad9 DNS; Verdict malicious; Alert Sinkholed
POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.vugla.com/
Content-Type: application/json
Content-Length: 569
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 20:23:52 GMT
content-type: application/json; charset=utf-8
content-length: 94
access-control-allow-origin: https://www.vugla.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.vugla.com/wp-content/themes/vugla/images/pattern-filter.png
192.185.106.252 200 OK 2.8 kB URL GET HTTP/2 www.vugla.com/wp-content/themes/vugla/images/pattern-filter.png
IP 192.185.106.252:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.vugla.com
Fingerprint 60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
Validity Wed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT
File type PNG image data, 2 x 2, 8-bit/color RGBA, non-interlaced\012- data
Hash 6d6f2d483736ba6f70063740ddf2841b
3b9dee704da0bf19a56b46584a55226a137504a9
dca9f66f2ff2d735f415080def56d34e60cf13cc65668bf9b422103cd3bee2a5
GET /wp-content/themes/vugla/images/pattern-filter.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/css/style_main.css
Cookie: _ga_7NCJ73THPT=GS1.1.1701462236.1.0.1701462236.60.0.0; _ga=GA1.1.1206520075.1701462236; prefetchAd_1316441=true; dom3ic8zudi28v8lr6fgphwffqoz0j6c=0aa967fc-2212-4f87-b537-7da7eafce058%3A3%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:53:06 GMT
accept-ranges: bytes
content-length: 2804
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 20:23:52 GMT
referrer-policy:
pragma: public
content-type: image/png
date: Fri, 01 Dec 2023 20:23:52 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/uploads/2013/11/bckg-vugla-dark.jpg
192.185.106.252 200 OK 267 kB URL GET HTTP/2 www.vugla.com/wp-content/uploads/2013/11/bckg-vugla-dark.jpg
IP 192.185.106.252:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.vugla.com
Fingerprint 60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
Validity Wed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 2000x1200, components 3\012- data
Size 267 kB (267247 bytes)
Hash 11e97d76a4b329319978b9da6f46b5b0
ae03d14a5b568ed59c1772ee2065e160e93428ae
9fbe33f0e52a532495bb5d56584e250e0d3cf1acc5a04acb7cbb2e39bb6c6a42
GET /wp-content/uploads/2013/11/bckg-vugla-dark.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Cookie: _ga_7NCJ73THPT=GS1.1.1701462236.1.0.1701462236.60.0.0; _ga=GA1.1.1206520075.1701462236; prefetchAd_1316441=true; dom3ic8zudi28v8lr6fgphwffqoz0j6c=0aa967fc-2212-4f87-b537-7da7eafce058%3A3%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 20 Nov 2013 16:40:33 GMT
accept-ranges: bytes
content-length: 267247
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 20:23:52 GMT
referrer-policy:
pragma: public
content-type: image/jpeg
date: Fri, 01 Dec 2023 20:23:52 GMT
server: Apache
X-Firefox-Spdy: h2
www.profitabledisplaycontent.com/watch.368960064151.js?key=c3b6bab9a3e6c622d733121998e0014d&kw=%5B%22legendarna%22%2C%22%E2%80%9Evespa%E2%80%9C%22%2C%22ne%22%2C%22sme%22%2C%22da%22%2C%22se%22%2C%22imitira%22%2C%22eu%22%2C%22sud%22%2C%22udario%22%2C%22%E2%80%9Erampu%E2%80%9C%22%2C%22kinezima%22%2C%22-%22%2C%22vugla%22%5D&refer=https%3A%2F%2Fwww.vugla.com%2Flegendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html&tz=0&dev=e&res=14.3095&uuid=0aa967fc-2212-4f87-b537-7da7eafce058%3A3%3A1
173.233.137.52 307 Temporary Redirect 0 B URL GET HTTP/1.1 www.profitabledisplaycontent.com/watch.368960064151.js?key=c3b6bab9a3e6c622d733121998e0014d&kw=%5B%22legendarna%22%2C%22%E2%80%9Evespa%E2%80%9C%22%2C%22ne%22%2C%22sme%22%2C%22da%22%2C%22se%22%2C%22imitira%22%2C%22eu%22%2C%22sud%22%2C%22udario%22%2C%22%E2%80%9Erampu%E2%80%9C%22%2C%22kinezima%22%2C%22-%22%2C%22vugla%22%5D&refer=https%3A%2F%2Fwww.vugla.com%2Flegendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html&tz=0&dev=e&res=14.3095&uuid=0aa967fc-2212-4f87-b537-7da7eafce058%3A3%3A1
IP 173.233.137.52:443
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.profitabledisplaycontent.com
Fingerprint 5B:BD:54:33:2B:86:AB:1A:82:90:2C:D6:FE:04:C7:39:78:8E:80:0E
Validity Fri, 01 Dec 2023 06:55:29 GMT - Thu, 29 Feb 2024 06:55:28 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch.368960064151.js?key=c3b6bab9a3e6c622d733121998e0014d&kw=%5B%22legendarna%22%2C%22%E2%80%9Evespa%E2%80%9C%22%2C%22ne%22%2C%22sme%22%2C%22da%22%2C%22se%22%2C%22imitira%22%2C%22eu%22%2C%22sud%22%2C%22udario%22%2C%22%E2%80%9Erampu%E2%80%9C%22%2C%22kinezima%22%2C%22-%22%2C%22vugla%22%5D&refer=https%3A%2F%2Fwww.vugla.com%2Flegendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html&tz=0&dev=e&res=14.3095&uuid=0aa967fc-2212-4f87-b537-7da7eafce058%3A3%3A1 HTTP/1.1
Host: www.profitabledisplaycontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Fri, 01 Dec 2023 20:23:52 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.vugla.com
Access-Control-Allow-Origin: https://www.vugla.com
Access-Control-Allow-Credentials: true
Location: https://www.profitabledisplaycontent.com/watch.368960064151.js?key=c3b6bab9a3e6c622d733121998e0014d&kw=%5B%22legendarna%22%2C%22%E2%80%9Evespa%E2%80%9C%22%2C%22ne%22%2C%22sme%22%2C%22da%22%2C%22se%22%2C%22imitira%22%2C%22eu%22%2C%22sud%22%2C%22udario%22%2C%22%E2%80%9Erampu%E2%80%9C%22%2C%22kinezima%22%2C%22-%22%2C%22vugla%22%5D&refer=https%3A%2F%2Fwww.vugla.com%2Flegendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html&tz=0&dev=e&res=14.3095&uuid=0aa967fc-2212-4f87-b537-7da7eafce058%3A3%3A1&shu=4642e5cbc66f90e6e40ce159f6fa79202d81f3ee4d21ec32db544048a02a141d0ec46dae440ee514da8f1ac2689f37d2da030c786c664ca5378eb5ef5dd47ac312fe7184cd58fb8b764fb0b6c482d10737195638e0a75e04edfb534663fee3695e&pst=1701462292&rmtc=t
Set-Cookie: u_pl=14611544; expires=Sat, 02 Dec 2023 20:23:52 GMT; secure; SameSite=None
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.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.n37x6GNOHuWgm3QCiAySSUW203syza_pY6OeH44auds; expires=Fri, 01 Dec 2023 20:24:52 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5edf1e0ef54532c3050bdd2b4268078c
Strict-Transport-Security: max-age=0; includeSubdomains
tharbadir.com/11?rnd=3843238622&z=2892323&b=19741376&var=&varid=0&rqtdbc=1&rcvdbc=1&btp=7&rb=INQBmvl4W1kOe--e0csvvvkkblNz8oUVIgv82LzV6AGgI2LXSJsQvOhQ6acuZ3rafJhj3yhHfMrOydPi0WsdQvoljZ8C1Q8rprv8JfKTbSJ1PAPrJXq7ka2nUWqRjgeKHI6AbxlHbYvfoMaQuA1-KHZtha6cGoCjf8OPTHF_kqY59c6gHI4-O3c4zrqNvOsQuIqxeyJcfbJxWN1a319mPty_nmkArx7HG3hHUpzp2t0aWEd-J1fgZEdZKPSI70dt34PrFGTgZtx0Y3LsRrgTR2Jlmw64JRuaFtS4qnDJz4VC3i_BCy2DtLQQ0CEdXYmuDiBkjVWiYFK6XAfIsN3a5X7R9cEWhHL9n6gbmf62OyJvF_r-NJZiZbCtKtPBppK-MKP29-bzM3Tcelqg9K7l1iZZEjs0ks9Ax1RKGyn_10tfOyYhyFrfGDzUefGPPtHmLSNWck1DdvMuswcs2UVrW4XYtCpzbUweC0ZXiS6o_ONbERmw9Ma_b6Gbh9_MccpcpjHMJK7az2-TxkiSUScyZbUSDoxJh7HlWbZ8PEOV35U5gx4ZsteDw4IF4xHIInUXdwHOQH46G9_BT4ppoX5F0nb_OA33972DGlOBk6rZyJ2uevCoZWXR4pLEyM2p1ayg0SHzNMgVAELavCKcoZIMGFY-jVAKIHYCLdkvM65E7KsVWQJSL_ojhk12urcJILtLwHxhnsGmTaF9okjp5r1Ulz0HIu7kI30tUc8kiQ==&ruid=221eb61e-ce14-43a2-9891-a9960ed47a04&subid=754549898872893441&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.vugla.com%2Flegendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=4&sah=1024&drf=&hil=1&ist=0&ot=327
139.45.197.238 200 OK 0 B URL GET HTTP/2 tharbadir.com/11?rnd=3843238622&z=2892323&b=19741376&var=&varid=0&rqtdbc=1&rcvdbc=1&btp=7&rb=INQBmvl4W1kOe--e0csvvvkkblNz8oUVIgv82LzV6AGgI2LXSJsQvOhQ6acuZ3rafJhj3yhHfMrOydPi0WsdQvoljZ8C1Q8rprv8JfKTbSJ1PAPrJXq7ka2nUWqRjgeKHI6AbxlHbYvfoMaQuA1-KHZtha6cGoCjf8OPTHF_kqY59c6gHI4-O3c4zrqNvOsQuIqxeyJcfbJxWN1a319mPty_nmkArx7HG3hHUpzp2t0aWEd-J1fgZEdZKPSI70dt34PrFGTgZtx0Y3LsRrgTR2Jlmw64JRuaFtS4qnDJz4VC3i_BCy2DtLQQ0CEdXYmuDiBkjVWiYFK6XAfIsN3a5X7R9cEWhHL9n6gbmf62OyJvF_r-NJZiZbCtKtPBppK-MKP29-bzM3Tcelqg9K7l1iZZEjs0ks9Ax1RKGyn_10tfOyYhyFrfGDzUefGPPtHmLSNWck1DdvMuswcs2UVrW4XYtCpzbUweC0ZXiS6o_ONbERmw9Ma_b6Gbh9_MccpcpjHMJK7az2-TxkiSUScyZbUSDoxJh7HlWbZ8PEOV35U5gx4ZsteDw4IF4xHIInUXdwHOQH46G9_BT4ppoX5F0nb_OA33972DGlOBk6rZyJ2uevCoZWXR4pLEyM2p1ayg0SHzNMgVAELavCKcoZIMGFY-jVAKIHYCLdkvM65E7KsVWQJSL_ojhk12urcJILtLwHxhnsGmTaF9okjp5r1Ulz0HIu7kI30tUc8kiQ==&ruid=221eb61e-ce14-43a2-9891-a9960ed47a04&subid=754549898872893441&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.vugla.com%2Flegendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=4&sah=1024&drf=&hil=1&ist=0&ot=327
IP 139.45.197.238:443
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject tharbadir.com
Fingerprint A5:91:BD:23:83:6F:FE:A6:06:78:AE:E7:58:60:8E:74:B2:BA:C3:64
Validity Thu, 21 Sep 2023 16:36:00 GMT - Wed, 20 Dec 2023 16:35:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /11?rnd=3843238622&z=2892323&b=19741376&var=&varid=0&rqtdbc=1&rcvdbc=1&btp=7&rb=INQBmvl4W1kOe--e0csvvvkkblNz8oUVIgv82LzV6AGgI2LXSJsQvOhQ6acuZ3rafJhj3yhHfMrOydPi0WsdQvoljZ8C1Q8rprv8JfKTbSJ1PAPrJXq7ka2nUWqRjgeKHI6AbxlHbYvfoMaQuA1-KHZtha6cGoCjf8OPTHF_kqY59c6gHI4-O3c4zrqNvOsQuIqxeyJcfbJxWN1a319mPty_nmkArx7HG3hHUpzp2t0aWEd-J1fgZEdZKPSI70dt34PrFGTgZtx0Y3LsRrgTR2Jlmw64JRuaFtS4qnDJz4VC3i_BCy2DtLQQ0CEdXYmuDiBkjVWiYFK6XAfIsN3a5X7R9cEWhHL9n6gbmf62OyJvF_r-NJZiZbCtKtPBppK-MKP29-bzM3Tcelqg9K7l1iZZEjs0ks9Ax1RKGyn_10tfOyYhyFrfGDzUefGPPtHmLSNWck1DdvMuswcs2UVrW4XYtCpzbUweC0ZXiS6o_ONbERmw9Ma_b6Gbh9_MccpcpjHMJK7az2-TxkiSUScyZbUSDoxJh7HlWbZ8PEOV35U5gx4ZsteDw4IF4xHIInUXdwHOQH46G9_BT4ppoX5F0nb_OA33972DGlOBk6rZyJ2uevCoZWXR4pLEyM2p1ayg0SHzNMgVAELavCKcoZIMGFY-jVAKIHYCLdkvM65E7KsVWQJSL_ojhk12urcJILtLwHxhnsGmTaF9okjp5r1Ulz0HIu7kI30tUc8kiQ==&ruid=221eb61e-ce14-43a2-9891-a9960ed47a04&subid=754549898872893441&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.vugla.com%2Flegendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=4&sah=1024&drf=&hil=1&ist=0&ot=327 HTTP/1.1
Host: tharbadir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Cookie: scm=1; OAID=5baa397afade49618e46c4570c9fa5bf; oaidts=1701462230
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 20:23:52 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://www.vugla.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: a08d53e2ce8a40ec3193188fc0b0f6f3
access-control-expose-headers: X-Sc
set-cookie: OAID=5baa397afade49618e46c4570c9fa5bf; expires=Sat, 30 Nov 2024 20:23:52 GMT; secure; SameSite=None
set-cookie: oaidts=1701462230; expires=Sat, 30 Nov 2024 20:23:52 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
tharbadir.com/121?rnd=2945092684&z=2892323&b=19741376&c=7707133&var=&varid=0&d=https%3A%2F%2Ft9wys.bemobtrcks.com%2Fgo%2F8b58584c-14ca-456c-978b-dee053d06abe%3Fvisitor_id%3D754549898872893441%26zoneid%3D2892323%26campaignid%3D7707133%26bannerid%3D19741376%26cost%3D%7Bcost%7D&cln={CELL_NUMBER}&btp=7&rb=INQBmvl4W1kOe--e0csvvvkkblNz8oUVIgv82LzV6AGgI2LXSJsQvOhQ6acuZ3rafJhj3yhHfMrOydPi0WsdQvoljZ8C1Q8rprv8JfKTbSJ1PAPrJXq7ka2nUWqRjgeKHI6AbxlHbYvfoMaQuA1-KHZtha6cGoCjf8OPTHF_kqY59c6gHI4-O3c4zrqNvOsQuIqxeyJcfbJxWN1a319mPty_nmkArx7HG3hHUpzp2t0aWEd-J1fgZEdZKPSI70dt34PrFGTgZtx0Y3LsRrgTR2Jlmw64JRuaFtS4qnDJz4VC3i_BCy2DtLQQ0CEdXYmuDiBkjVWiYFK6XAfIsN3a5X7R9cEWhHL9n6gbmf62OyJvF_r-NJZiZbCtKtPBppK-MKP29-bzM3Tcelqg9K7l1iZZEjs0ks9Ax1RKGyn_10tfOyYhyFrfGDzUefGPPtHmLSNWck1DdvMuswcs2UVrW4XYtCpzbUweC0ZXiS6o_ONbERmw9Ma_b6Gbh9_MccpcpjHMJK7az2-TxkiSUScyZbUSDoxJh7HlWbZ8PEOV35U5gx4ZsteDw4IF4xHIInUXdwHOQH46G9_BT4ppoX5F0nb_OA33972DGlOBk6rZyJ2uevCoZWXR4pLEyM2p1ayg0SHzNMgVAELavCKcoZIMGFY-jVAKIHYCLdkvM65E7KsVWQJSL_ojhk12urcJILtLwHxhnsGmTaF9okjp5r1Ulz0HIu7kI30tUc8kiQ==&bag=OnyHfLl2QISuzg6LYnxB4aNkZBZL1jYZ&ruid=221eb61e-ce14-43a2-9891-a9960ed47a04&subid=754549898872893441
139.45.197.238 302 Found 0 B URL GET HTTP/2 tharbadir.com/121?rnd=2945092684&z=2892323&b=19741376&c=7707133&var=&varid=0&d=https%3A%2F%2Ft9wys.bemobtrcks.com%2Fgo%2F8b58584c-14ca-456c-978b-dee053d06abe%3Fvisitor_id%3D754549898872893441%26zoneid%3D2892323%26campaignid%3D7707133%26bannerid%3D19741376%26cost%3D%7Bcost%7D&cln={CELL_NUMBER}&btp=7&rb=INQBmvl4W1kOe--e0csvvvkkblNz8oUVIgv82LzV6AGgI2LXSJsQvOhQ6acuZ3rafJhj3yhHfMrOydPi0WsdQvoljZ8C1Q8rprv8JfKTbSJ1PAPrJXq7ka2nUWqRjgeKHI6AbxlHbYvfoMaQuA1-KHZtha6cGoCjf8OPTHF_kqY59c6gHI4-O3c4zrqNvOsQuIqxeyJcfbJxWN1a319mPty_nmkArx7HG3hHUpzp2t0aWEd-J1fgZEdZKPSI70dt34PrFGTgZtx0Y3LsRrgTR2Jlmw64JRuaFtS4qnDJz4VC3i_BCy2DtLQQ0CEdXYmuDiBkjVWiYFK6XAfIsN3a5X7R9cEWhHL9n6gbmf62OyJvF_r-NJZiZbCtKtPBppK-MKP29-bzM3Tcelqg9K7l1iZZEjs0ks9Ax1RKGyn_10tfOyYhyFrfGDzUefGPPtHmLSNWck1DdvMuswcs2UVrW4XYtCpzbUweC0ZXiS6o_ONbERmw9Ma_b6Gbh9_MccpcpjHMJK7az2-TxkiSUScyZbUSDoxJh7HlWbZ8PEOV35U5gx4ZsteDw4IF4xHIInUXdwHOQH46G9_BT4ppoX5F0nb_OA33972DGlOBk6rZyJ2uevCoZWXR4pLEyM2p1ayg0SHzNMgVAELavCKcoZIMGFY-jVAKIHYCLdkvM65E7KsVWQJSL_ojhk12urcJILtLwHxhnsGmTaF9okjp5r1Ulz0HIu7kI30tUc8kiQ==&bag=OnyHfLl2QISuzg6LYnxB4aNkZBZL1jYZ&ruid=221eb61e-ce14-43a2-9891-a9960ed47a04&subid=754549898872893441
IP 139.45.197.238:443
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject tharbadir.com
Fingerprint A5:91:BD:23:83:6F:FE:A6:06:78:AE:E7:58:60:8E:74:B2:BA:C3:64
Validity Thu, 21 Sep 2023 16:36:00 GMT - Wed, 20 Dec 2023 16:35:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /121?rnd=2945092684&z=2892323&b=19741376&c=7707133&var=&varid=0&d=https%3A%2F%2Ft9wys.bemobtrcks.com%2Fgo%2F8b58584c-14ca-456c-978b-dee053d06abe%3Fvisitor_id%3D754549898872893441%26zoneid%3D2892323%26campaignid%3D7707133%26bannerid%3D19741376%26cost%3D%7Bcost%7D&cln={CELL_NUMBER}&btp=7&rb=INQBmvl4W1kOe--e0csvvvkkblNz8oUVIgv82LzV6AGgI2LXSJsQvOhQ6acuZ3rafJhj3yhHfMrOydPi0WsdQvoljZ8C1Q8rprv8JfKTbSJ1PAPrJXq7ka2nUWqRjgeKHI6AbxlHbYvfoMaQuA1-KHZtha6cGoCjf8OPTHF_kqY59c6gHI4-O3c4zrqNvOsQuIqxeyJcfbJxWN1a319mPty_nmkArx7HG3hHUpzp2t0aWEd-J1fgZEdZKPSI70dt34PrFGTgZtx0Y3LsRrgTR2Jlmw64JRuaFtS4qnDJz4VC3i_BCy2DtLQQ0CEdXYmuDiBkjVWiYFK6XAfIsN3a5X7R9cEWhHL9n6gbmf62OyJvF_r-NJZiZbCtKtPBppK-MKP29-bzM3Tcelqg9K7l1iZZEjs0ks9Ax1RKGyn_10tfOyYhyFrfGDzUefGPPtHmLSNWck1DdvMuswcs2UVrW4XYtCpzbUweC0ZXiS6o_ONbERmw9Ma_b6Gbh9_MccpcpjHMJK7az2-TxkiSUScyZbUSDoxJh7HlWbZ8PEOV35U5gx4ZsteDw4IF4xHIInUXdwHOQH46G9_BT4ppoX5F0nb_OA33972DGlOBk6rZyJ2uevCoZWXR4pLEyM2p1ayg0SHzNMgVAELavCKcoZIMGFY-jVAKIHYCLdkvM65E7KsVWQJSL_ojhk12urcJILtLwHxhnsGmTaF9okjp5r1Ulz0HIu7kI30tUc8kiQ==&bag=OnyHfLl2QISuzg6LYnxB4aNkZBZL1jYZ&ruid=221eb61e-ce14-43a2-9891-a9960ed47a04&subid=754549898872893441 HTTP/1.1
Host: tharbadir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: scm=1; OAID=5baa397afade49618e46c4570c9fa5bf; oaidts=1701462230
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Fri, 01 Dec 2023 20:23:52 GMT
content-length: 0
location: https://t9wys.bemobtrcks.com/go/8b58584c-14ca-456c-978b-dee053d06abe?visitor_id=754549898872893441&zoneid=2892323&campaignid=7707133&bannerid=19741376&cost=
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: 54772815cc6121a3f1c0a3db550620cc
access-control-expose-headers: X-Sc
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
www.profitabledisplaycontent.com/watch.368960064151.js?key=c3b6bab9a3e6c622d733121998e0014d&kw=%5B%22legendarna%22%2C%22%E2%80%9Evespa%E2%80%9C%22%2C%22ne%22%2C%22sme%22%2C%22da%22%2C%22se%22%2C%22imitira%22%2C%22eu%22%2C%22sud%22%2C%22udario%22%2C%22%E2%80%9Erampu%E2%80%9C%22%2C%22kinezima%22%2C%22-%22%2C%22vugla%22%5D&refer=https%3A%2F%2Fwww.vugla.com%2Flegendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html&tz=0&dev=e&res=14.3095&uuid=0aa967fc-2212-4f87-b537-7da7eafce058%3A3%3A1&shu=4642e5cbc66f90e6e40ce159f6fa79202d81f3ee4d21ec32db544048a02a141d0ec46dae440ee514da8f1ac2689f37d2da030c786c664ca5378eb5ef5dd47ac312fe7184cd58fb8b764fb0b6c482d10737195638e0a75e04edfb534663fee3695e&pst=1701462292&rmtc=t
173.233.137.52 200 OK 2.1 kB URL GET HTTP/1.1 www.profitabledisplaycontent.com/watch.368960064151.js?key=c3b6bab9a3e6c622d733121998e0014d&kw=%5B%22legendarna%22%2C%22%E2%80%9Evespa%E2%80%9C%22%2C%22ne%22%2C%22sme%22%2C%22da%22%2C%22se%22%2C%22imitira%22%2C%22eu%22%2C%22sud%22%2C%22udario%22%2C%22%E2%80%9Erampu%E2%80%9C%22%2C%22kinezima%22%2C%22-%22%2C%22vugla%22%5D&refer=https%3A%2F%2Fwww.vugla.com%2Flegendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html&tz=0&dev=e&res=14.3095&uuid=0aa967fc-2212-4f87-b537-7da7eafce058%3A3%3A1&shu=4642e5cbc66f90e6e40ce159f6fa79202d81f3ee4d21ec32db544048a02a141d0ec46dae440ee514da8f1ac2689f37d2da030c786c664ca5378eb5ef5dd47ac312fe7184cd58fb8b764fb0b6c482d10737195638e0a75e04edfb534663fee3695e&pst=1701462292&rmtc=t
IP 173.233.137.52:443
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.profitabledisplaycontent.com
Fingerprint 5B:BD:54:33:2B:86:AB:1A:82:90:2C:D6:FE:04:C7:39:78:8E:80:0E
Validity Fri, 01 Dec 2023 06:55:29 GMT - Thu, 29 Feb 2024 06:55:28 GMT
File type HTML document text\012- HTML document, ASCII text, with very long lines (2654)
Hash 4d7c80b01b585af9a0cbdd453e4d21bc
ccf1009b2c1863f0e19a703f74fbc0c6b4a70167
7517b1c53ee9c3ecc0f51b9069054a5eea725f8efa557913e0326567fa4c717b
GET /watch.368960064151.js?key=c3b6bab9a3e6c622d733121998e0014d&kw=%5B%22legendarna%22%2C%22%E2%80%9Evespa%E2%80%9C%22%2C%22ne%22%2C%22sme%22%2C%22da%22%2C%22se%22%2C%22imitira%22%2C%22eu%22%2C%22sud%22%2C%22udario%22%2C%22%E2%80%9Erampu%E2%80%9C%22%2C%22kinezima%22%2C%22-%22%2C%22vugla%22%5D&refer=https%3A%2F%2Fwww.vugla.com%2Flegendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html&tz=0&dev=e&res=14.3095&uuid=0aa967fc-2212-4f87-b537-7da7eafce058%3A3%3A1&shu=4642e5cbc66f90e6e40ce159f6fa79202d81f3ee4d21ec32db544048a02a141d0ec46dae440ee514da8f1ac2689f37d2da030c786c664ca5378eb5ef5dd47ac312fe7184cd58fb8b764fb0b6c482d10737195638e0a75e04edfb534663fee3695e&pst=1701462292&rmtc=t HTTP/1.1
Host: www.profitabledisplaycontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vugla.com
Referer: https://www.vugla.com/
DNT: 1
Connection: keep-alive
Cookie: u_pl=14611544; ain=eyJhbGciOiJIUzI1NiJ9.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.n37x6GNOHuWgm3QCiAySSUW203syza_pY6OeH44auds
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 01 Dec 2023 20:23:53 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.vugla.com
Access-Control-Allow-Origin: https://www.vugla.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=0aa967fc-2212-4f87-b537-7da7eafce058:3:1; expires=Fri, 08 Dec 2023 20:23:53 GMT; secure; SameSite=None
Set-Cookie: iprc7ec6d4bb82a68b997c6c463c73571bdf=3569807; expires=Sat, 02 Dec 2023 00:23:53 GMT; secure; SameSite=None
Set-Cookie: pdhtkv=true; expires=Sat, 02 Dec 2023 20:23:53 GMT; secure; SameSite=None
Set-Cookie: uncs=1; expires=Sat, 02 Dec 2023 20:23:53 GMT; secure; SameSite=None
Set-Cookie: pdhtkv27=true; expires=Sat, 02 Dec 2023 20:23:53 GMT; secure; SameSite=None
Set-Cookie: uncs27=1; expires=Sat, 02 Dec 2023 20:23:53 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: df07e344fae0329c69a2221513af5cef
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
t9wys.bemobtrcks.com/go/8b58584c-14ca-456c-978b-dee053d06abe?visitor_id=754549898872893441&zoneid=2892323&campaignid=7707133&bannerid=19741376&cost=
3.70.16.242 302 Found 260 B URL GET HTTP/2 t9wys.bemobtrcks.com/go/8b58584c-14ca-456c-978b-dee053d06abe?visitor_id=754549898872893441&zoneid=2892323&campaignid=7707133&bannerid=19741376&cost=
IP 3.70.16.242:443
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject bemobtrcks.com
Fingerprint F4:C3:03:91:C5:43:64:79:A8:36:7E:1C:48:05:23:AB:23:18:C4:5E
Validity Mon, 27 Nov 2023 09:00:54 GMT - Sun, 25 Feb 2024 09:00:53 GMT
File type HTML document, ASCII text, with no line terminators
Hash 4f404208805ab163805a27826c161bcd
edd8dfb3027df5e9729c7e1a2196b553b7ebeaf9
44271076ac5da616dd170060354f31e8de0584e8d0ce60e68d6fc6896679ad7f
GET /go/8b58584c-14ca-456c-978b-dee053d06abe?visitor_id=754549898872893441&zoneid=2892323&campaignid=7707133&bannerid=19741376&cost= HTTP/1.1
Host: t9wys.bemobtrcks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: openresty
date: Fri, 01 Dec 2023 20:23:53 GMT
content-type: text/html; charset=utf-8
content-length: 260
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Full-Version,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Reduced
access-control-allow-origin: *
location: https://casualdatesconnect.life/?u=68rp60a&o=ufgk6ez&t=propcasualpush&cid=JEPHVzwuQEiVUwDEuzVULw
set-cookie: bemob-viewer-id=011d4cd5-d297-4f37-89e6-1cf3f1aeaa2e; Domain=t9wys.bemobtrcks.com; Path=/; Expires=Sat, 30 Nov 2024 20:23:53 GMT; HttpOnly; Secure; SameSite=None
bemob-uniq-visit:8b58584c-14ca-456c-978b-dee053d06abe=1; Domain=t9wys.bemobtrcks.com; Path=/; Expires=Sat, 02 Dec 2023 20:23:53 GMT; HttpOnly; Secure; SameSite=None
bemob-rotation:8b58584c-14ca-456c-978b-dee053d06abe:random:b92888d06323cf09eff6e768bedb2adc=0-0-0; Domain=t9wys.bemobtrcks.com; Path=/; Expires=Sat, 02 Dec 2023 20:23:53 GMT; HttpOnly; Secure; SameSite=None
bemob-click-id=JEPHVzwuQEiVUwDEuzVULw; Domain=t9wys.bemobtrcks.com; Path=/; Expires=Sat, 02 Dec 2023 20:23:53 GMT; HttpOnly; Secure; SameSite=None
vary: Accept
x-response-time: 5.619ms
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
X-Firefox-Spdy: h2
eehuzaih.com/400/5005565
139.45.197.237 200 OK 90 kB
IP 139.45.197.237:443
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject eehuzaih.com
Fingerprint AC:55:E9:5B:5B:87:BF:89:7C:BE:E0:77:14:BE:B7:B4:16:AB:70:5A
Validity Sun, 12 Nov 2023 08:38:54 GMT - Sat, 10 Feb 2024 08:38:53 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 02f2267abebaac8d34fca2acc438d67e
b94340e58d537ba8fa7d257f6d210e6750d4bccb
ce3bdcdc89dc947e6ece91b485f5ecf3ed2dc3a01d5ea5a5c336a223d68f4afc
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /400/5005565 HTTP/1.1
Host: eehuzaih.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 20:23:51 GMT
content-type: application/javascript
x-trace-id: fd731c4d57d1a9325318bacfc6d9ef6a
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
set-cookie: OAID=45d475b748ab48eabf9dcdd87a7fc065; expires=Sat, 30 Nov 2024 20:23:51 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.coKrc9A11Ng.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw/cb=gapi.loaded_1?le=scs
142.250.74.78 200 OK 34 kB URL GET HTTP/3 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.coKrc9A11Ng.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw/cb=gapi.loaded_1?le=scs
IP 142.250.74.78:443
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint 4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
Validity Mon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type ASCII text, with very long lines (1586)
Hash e0fbc84518a1bab9c8bad9f76463d338
ecce9ef563bc5170ebcfcfd35e0dd5b17bc0b874
d99dd3891be0d37edbcc13fdaad780f164a758be5d0c8a71f66596e6cda04f70
GET /_/scs/abc-static/_/js/k=gapi.lb.en.coKrc9A11Ng.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw/cb=gapi.loaded_1?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 34324
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 05:23:52 GMT
expires: Fri, 29 Nov 2024 05:23:52 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 08 Nov 2023 22:37:21 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 140401
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7NCJ73THPT&cid=1206520075.1701462236&gtm=45je3bt0v879882835&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1162762418
142.250.74.163 200 OK 42 B URL GET HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7NCJ73THPT&cid=1206520075.1701462236&gtm=45je3bt0v879882835&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1162762418
IP 142.250.74.163:443
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Google Trust Services LLC
Subject *.google.no
Fingerprint 6E:E4:BC:4A:67:5E:46:6A:B3:E4:CA:61:A7:C0:97:AB:14:F0:34:32
Validity Mon, 23 Oct 2023 11:27:27 GMT - Mon, 15 Jan 2024 11:27:26 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7NCJ73THPT&cid=1206520075.1701462236&gtm=45je3bt0v879882835&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1162762418 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 20:23:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/56/ef/55/56ef55f6ef3bc03e69b8d66da27f0cd1/1658920055.png
45.133.44.9 200 OK 67 kB URL GET HTTP/2 cdn.cloudimagesb.com/cti/56/ef/55/56ef55f6ef3bc03e69b8d66da27f0cd1/1658920055.png
IP 45.133.44.9:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject cdn.cloudimagesb.com
Fingerprint 71:EC:C0:22:20:76:60:90:92:4C:5C:F3:AD:17:3C:41:B5:00:25:AF
Validity Thu, 23 Nov 2023 05:00:53 GMT - Wed, 21 Feb 2024 05:00:52 GMT
File type PNG image data, 468 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash a98b4585db1c6db06d6857c73bb75fcb
02a896b08a79e873b2dd26200ee1f0665dc1c80a
fc08e863ffafe25aa63fe8b60c2d5135fc5f52caf0abae4da3f1a90e0f8ed96c
GET /cti/56/ef/55/56ef55f6ef3bc03e69b8d66da27f0cd1/1658920055.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 01 Dec 2023 20:23:53 GMT
content-type: image/png
content-length: 67174
server: nginx/1.21.6
last-modified: Wed, 27 Jul 2022 11:07:43 GMT
etag: "62e11c7f-10666"
expires: Sun, 03 Dec 2023 20:23:53 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
www.vugla.com/favicon.ico
192.185.106.252 302 Found 0 B URL GET HTTP/2 www.vugla.com/favicon.ico
IP 192.185.106.252:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.vugla.com
Fingerprint 60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
Validity Wed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Cookie: _ga_7NCJ73THPT=GS1.1.1701462236.1.0.1701462236.60.0.0; _ga=GA1.1.1206520075.1701462236; prefetchAd_1316441=true; dom3ic8zudi28v8lr6fgphwffqoz0j6c=0aa967fc-2212-4f87-b537-7da7eafce058%3A3%3A1; sb_main_d137022925bcc2a680f8a4476ff94144=1; sb_count_d137022925bcc2a680f8a4476ff94144=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
link: <https://www.vugla.com/wp-json/>; rel="https://api.w.org/"
x-redirect-by: WordPress
content-security-policy: upgrade-insecure-requests;
location: https://www.vugla.com/wp-includes/images/w-logo-blue-white-bg.png
cache-control: max-age=10800
expires: Fri, 01 Dec 2023 23:23:53 GMT
vary: User-Agent
referrer-policy:
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 01 Dec 2023 20:23:53 GMT
server: Apache
X-Firefox-Spdy: h2
casualdatesconnect.life/?u=68rp60a&o=ufgk6ez&t=propcasualpush&cid=JEPHVzwuQEiVUwDEuzVULw
185.155.186.16 200 OK 7.7 kB URL GET HTTP/1.1 casualdatesconnect.life/?u=68rp60a&o=ufgk6ez&t=propcasualpush&cid=JEPHVzwuQEiVUwDEuzVULw
IP 185.155.186.16:443
ASN #203639 Tekka Digital SA
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject casualdatesconnect.life
Fingerprint AE:00:B5:95:1E:0A:78:62:6A:7F:6B:11:E2:38:9D:D6:A9:5C:A4:24
Validity Tue, 10 Oct 2023 08:30:17 GMT - Mon, 08 Jan 2024 08:30:16 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (531), with CRLF line terminators
Hash dc9ac702ee9b222ee10c8fb46d0ecd6d
97b7ca7d72514da6fc6043313454cac34fa4c402
58f32f0f5ec7e3efde002f863e67b0257508e4a5070391f418859870e84f68c7
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /?u=68rp60a&o=ufgk6ez&t=propcasualpush&cid=JEPHVzwuQEiVUwDEuzVULw HTTP/1.1
Host: casualdatesconnect.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 01 Dec 2023 20:23:53 GMT
Content-Type: text/html
Content-Length: 7693
Connection: keep-alive
set-cookie: sid=t1~rlskpf4tbbeokbndpm1it53m; path=/
cache-control: private, no-transform
zodiacranbehalf.com/ntv.json?key=c9123167a2366d360cd4d80dad2ac358&vstc=3
192.243.59.13 200 OK 13 kB URL GET HTTP/1.1 zodiacranbehalf.com/ntv.json?key=c9123167a2366d360cd4d80dad2ac358&vstc=3
IP 192.243.59.13:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject zodiacranbehalf.com
Fingerprint C4:B7:E3:A3:79:90:C8:FB:50:CB:DE:BE:B5:A3:7F:86:F6:0F:4E:60
Validity Tue, 28 Nov 2023 07:59:32 GMT - Mon, 26 Feb 2024 07:59:31 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (12698), with no line terminators
Hash b03d538713660bd3b10e4aebd0338fc3
77a44cd7dd66efd4ad2deccf06fcdc1e580e364c
6385ba8f9f75f9ff310d43f303fb08ca2105aa0bcc35321b0d595bd555d24c95
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /ntv.json?key=c9123167a2366d360cd4d80dad2ac358&vstc=3 HTTP/1.1
Host: zodiacranbehalf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 01 Dec 2023 20:23:53 GMT
Content-Type: application/json
Content-Length: 12699
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.vugla.com
Access-Control-Allow-Origin: https://www.vugla.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16310791; expires=Sat, 02 Dec 2023 20:23:52 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 02 Dec 2023 20:23:53 GMT; secure; SameSite=None
uncs=1; expires=Sat, 02 Dec 2023 20:23:53 GMT; secure; SameSite=None
pdhtkv49=true; expires=Sat, 02 Dec 2023 20:23:53 GMT; secure; SameSite=None
uncs49=1; expires=Sat, 02 Dec 2023 20:23:53 GMT; secure; SameSite=None
nlecc9123167a2366d360cd4d80dad2ac358=[2229213,2229214,3637745]; expires=Fri, 01 Dec 2023 20:23:58 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8e6e4e1247db6d25bb3be5f44b65247c
Strict-Transport-Security: max-age=0; includeSubdomains
www.vugla.com/wp-includes/images/w-logo-blue-white-bg.png
192.185.106.252 200 OK 4.1 kB URL GET HTTP/2 www.vugla.com/wp-includes/images/w-logo-blue-white-bg.png
IP 192.185.106.252:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.vugla.com
Fingerprint 60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
Validity Wed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT
File type PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash 000bf649cc8f6bf27cfb04d1bcdcd3c7
d73d2f6d74ec6cdcbae07955592962e77d8ae814
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
DNT: 1
Connection: keep-alive
Cookie: _ga_7NCJ73THPT=GS1.1.1701462236.1.0.1701462236.60.0.0; _ga=GA1.1.1206520075.1701462236; prefetchAd_1316441=true; dom3ic8zudi28v8lr6fgphwffqoz0j6c=0aa967fc-2212-4f87-b537-7da7eafce058%3A3%3A1; sb_main_d137022925bcc2a680f8a4476ff94144=1; sb_count_d137022925bcc2a680f8a4476ff94144=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 13 Nov 2023 13:25:19 GMT
accept-ranges: bytes
content-length: 4119
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 20:23:53 GMT
referrer-policy:
pragma: public
content-type: image/png
date: Fri, 01 Dec 2023 20:23:53 GMT
server: Apache
X-Firefox-Spdy: h2
apis.google.com/js/rpc:shindig_random.js?onload=init
142.250.74.78 200 OK 7.1 kB URL GET HTTP/3 apis.google.com/js/rpc:shindig_random.js?onload=init
IP 142.250.74.78:443
Requested by https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.vugla.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.coKrc9A11Ng.O%2Fd%3D1%2Frs%3DAHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw%2Fm%3D__features__#rpctoken=899254155&forcesecure=1
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint 4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
Validity Mon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type ASCII text, with very long lines (2056)
Hash 84a5ff7df274c2aa0f5db3d0db8deb60
fe9d4e60961ea15195134fa043256585a3956984
0d3c50c1af81534edee9a430edb5d09c6068348173496657982a4546ff2ee231
GET /js/rpc:shindig_random.js?onload=init HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://accounts.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-length: 7121
date: Fri, 01 Dec 2023 20:23:53 GMT
expires: Fri, 01 Dec 2023 20:23:53 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "14543ead6f363f55"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
set-cookie: NID=511=ufqzmDJtDQ_RzJ0mu8iQHdtfG4BbA6JML9q1ZkDu-TcHgfheUp2o6QfugZ1q1TIWl6kuy5la9Ih0bBMdOKSY3IxfFXFLjOW32POGZZBggb-ZKRGz-fcM8JV41HUQypot-RP4uIL75sfe3iFVADUGUG99XZ_kgKGeD3W5sT9GbgI; expires=Sat, 01-Jun-2024 20:23:53 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ssl.gstatic.com/accounts/o/478691279-postmessagerelay.js
142.250.74.163 200 OK 5.2 kB URL GET HTTP/2 ssl.gstatic.com/accounts/o/478691279-postmessagerelay.js
IP 142.250.74.163:443
Requested by https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.vugla.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.coKrc9A11Ng.O%2Fd%3D1%2Frs%3DAHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw%2Fm%3D__features__#rpctoken=899254155&forcesecure=1
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint E5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
Validity Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (3496)
Hash 92169c8a0fbf6e404267d0705cdbdf42
a5cd88b74ca5ced239cdbfb458fe25540d671f46
dba668b49a111527aac8f616b9053ea57c944e01a84ebdcd02a13da921223384
GET /accounts/o/478691279-postmessagerelay.js HTTP/1.1
Host: ssl.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://accounts.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="federated-signon-mpm-access"
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-length: 5186
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 16:02:08 GMT
expires: Thu, 28 Nov 2024 16:02:08 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 17 Nov 2023 17:06:44 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 188505
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/29/eb/08/29eb08c32bad57ff8c8e14af3a16e9c1/1628586955.jpg
45.133.44.9 200 OK 23 kB URL GET HTTP/2 cdn.cloudimagesb.com/cti/29/eb/08/29eb08c32bad57ff8c8e14af3a16e9c1/1628586955.jpg
IP 45.133.44.9:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject cdn.cloudimagesb.com
Fingerprint 71:EC:C0:22:20:76:60:90:92:4C:5C:F3:AD:17:3C:41:B5:00:25:AF
Validity Thu, 23 Nov 2023 05:00:53 GMT - Wed, 21 Feb 2024 05:00:52 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash 4452445afb73fab8af9ff308eb667024
130401c47d822426e1cce9981c30d775cba1b576
923b0ac505decd181f473f1fa460f21590777993c3581723f127b032d8c45bdd
GET /cti/29/eb/08/29eb08c32bad57ff8c8e14af3a16e9c1/1628586955.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 01 Dec 2023 20:23:53 GMT
content-type: image/jpeg
content-length: 22987
server: nginx/1.21.6
last-modified: Tue, 10 Aug 2021 09:16:05 GMT
etag: "611243d5-59cb"
expires: Sun, 03 Dec 2023 20:23:53 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/5d/60/ed/5d60edea793259cd719bfa3d19bcae3e/1628587069.jpg
45.133.44.9 200 OK 28 kB URL GET HTTP/2 cdn.cloudimagesb.com/cti/5d/60/ed/5d60edea793259cd719bfa3d19bcae3e/1628587069.jpg
IP 45.133.44.9:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject cdn.cloudimagesb.com
Fingerprint 71:EC:C0:22:20:76:60:90:92:4C:5C:F3:AD:17:3C:41:B5:00:25:AF
Validity Thu, 23 Nov 2023 05:00:53 GMT - Wed, 21 Feb 2024 05:00:52 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 321x240, components 3\012- data
Hash f4fabf64be47ce667e0cfc150667b36c
234d722efa06cbedfdad9c1bb497a942997741dd
272b7875492a55c6f53a4e4704e715cc5b3cc4e5093758cbfedd95441bfe98d8
GET /cti/5d/60/ed/5d60edea793259cd719bfa3d19bcae3e/1628587069.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 01 Dec 2023 20:23:53 GMT
content-type: image/jpeg
content-length: 27606
server: nginx/1.21.6
last-modified: Tue, 10 Aug 2021 09:17:59 GMT
etag: "61124447-6bd6"
expires: Sun, 03 Dec 2023 20:23:53 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/si/b9/5d/e2/b95de288caeec55111c172964c8a9c84/1662036680.jpg
45.133.44.9 200 OK 21 kB URL GET HTTP/2 cdn.cloudimagesb.com/si/b9/5d/e2/b95de288caeec55111c172964c8a9c84/1662036680.jpg
IP 45.133.44.9:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject cdn.cloudimagesb.com
Fingerprint 71:EC:C0:22:20:76:60:90:92:4C:5C:F3:AD:17:3C:41:B5:00:25:AF
Validity Thu, 23 Nov 2023 05:00:53 GMT - Wed, 21 Feb 2024 05:00:52 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash 8f4953c1b8baece7bb7d226247561ce2
da5d440970606602026d7900a55ae2fd27a3f170
8fd9df7d8e48ff2519631e82e01519d4f1c65abd41ec977c18abb58df9832919
GET /si/b9/5d/e2/b95de288caeec55111c172964c8a9c84/1662036680.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 01 Dec 2023 20:23:53 GMT
content-type: image/jpeg
content-length: 20566
server: nginx/1.21.6
last-modified: Thu, 01 Sep 2022 12:51:28 GMT
etag: "6310aad0-5056"
expires: Sun, 03 Dec 2023 20:23:53 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
casualdatesconnect.life/media/casual/toon3/css/style_alt.css
185.155.186.16 200 OK 5.1 kB URL GET HTTP/1.1 casualdatesconnect.life/media/casual/toon3/css/style_alt.css
IP 185.155.186.16:443
ASN #203639 Tekka Digital SA
Requested by https://casualdatesconnect.life/?u=68rp60a&o=ufgk6ez&t=propcasualpush&cid=JEPHVzwuQEiVUwDEuzVULw
Certificate Issuer Let's Encrypt
Subject casualdatesconnect.life
Fingerprint AE:00:B5:95:1E:0A:78:62:6A:7F:6B:11:E2:38:9D:D6:A9:5C:A4:24
Validity Tue, 10 Oct 2023 08:30:17 GMT - Mon, 08 Jan 2024 08:30:16 GMT
File type ASCII text, with CRLF line terminators
Hash faef7172cb03c340a5df27533a002d1a
d84c0103e7996d5558026aa9253afeeca390d654
5b2cf586d1b6a80ea096b4df5f234fddce3d6cedef138ac48b93b1f38d8307ad
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /media/casual/toon3/css/style_alt.css HTTP/1.1
Host: casualdatesconnect.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casualdatesconnect.life/?u=68rp60a&o=ufgk6ez&t=propcasualpush&cid=JEPHVzwuQEiVUwDEuzVULw
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 01 Dec 2023 20:23:53 GMT
Content-Type: text/css
Content-Length: 5097
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "faef7172cb03c340a5df27533a002d1a"
Last-Modified: Mon, 20 Feb 2023 09:30:45 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 179CCE309AA33DE5
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1676843511#483933773/gid:0/gname:root/mode:33188/mtime:1655386485#244446000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:34:45.244446Z
Expires: Sat, 30 Nov 2024 20:23:53 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.coKrc9A11Ng.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw/cb=gapi.loaded_0?le=scs
142.250.74.78 200 OK 23 kB URL GET HTTP/3 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.coKrc9A11Ng.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw/cb=gapi.loaded_0?le=scs
IP 142.250.74.78:443
Requested by https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.vugla.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.coKrc9A11Ng.O%2Fd%3D1%2Frs%3DAHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw%2Fm%3D__features__#rpctoken=899254155&forcesecure=1
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint 4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
Validity Mon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type ASCII text, with very long lines (1505)
Hash 009832d077d8fc42d725066c2b774fd6
0994f8575917c4eeb66f6bdb0a65609aa8902cac
b1e012aaab4e65462b456ff6a07a6512c7b11d1682d228531d66b132dcf3d364
GET /_/scs/abc-static/_/js/k=gapi.lb.en.coKrc9A11Ng.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://accounts.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 23431
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 02:51:23 GMT
expires: Fri, 29 Nov 2024 02:51:23 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 08 Nov 2023 22:37:21 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 149550
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
zodiacranbehalf.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSvW8c1Rd9k%2FVPvwgaiGiQKFYUCCS0ntnvJUUgBCMLxzZJkOs3771Zv%2FjNvNF787F25RCBUi6iAarxWTtWgoXIHwBCa5rIAsnbIBdxQYdEg5CilGg2Ky1cae69Z84tzrn3fb6XnhMPKT1bv653pFJ0sVVzq29uyIjr3FZXb1U9t%2BZerm7IqN28XB2UyWTveG6r5r5V%2FVCwLb1Ydz3X9VyvuiSNCPRgccpCxkc9r9Zza816zWs1MTD%2FxTZ1YKkDnp2TS5B88r%2FNx48g2RhR%2BP01YbcSHb%2F9QZgqmmiDjB9%2BEm1FOo8QztvAOAiiw9k0tJ0Q8tUF6Ohw5gA62y8dwJcT4vzmwY8OZzLhZwfPlfoKIoLPX0SejSHUGJKOwfRdSH5KAMaxuoYovL%2BqTU63n7O0ZCdk4enfkPmELDx5BVH43VUlB9WbWqWJ1JHFICggB2PI%2Fhhxeoxkx4HMj8GSTyH5r2Tx6QqicH%2FNKg3Ji6l7KceQwRhKDEGtg7T8pIM0cJDGDkJ%2BVqWtXuC6ncAPGo1ukzHWaDDW6rZ5izea3cBFykp5QyTxEEwNwcwuYrOLLfnFaesSTPoT7GYByx3YZEKcj3eR8QK5IMgtQU4JckmQJwR5VhxwZeu2uM%2BVTX1vVuuz2ihGOunv0QOd9EVEQM1wLz4nL0%2FX8%2Bz3%2F2NLnFVZz6s3vHaH1hvtNm%2B0XcabvOtyyuuUNVpdWFlA2gtTxzvlrXARcVmv%2FwmfHsOqYzBZAU090HzUqbugm6Nm18VO9CBL%2B4rWmA7BdYE4WUCy7eypc%2FLqVMTrlScQ7OTKw9eOLnpv%2FAFmCsSmwG35M0Ff3Rvd0DnZv6FzSx6txYkM5Q4t73czoYmoPPxIbOfa8OVrdvjgPVYSZXt0S9hkhUZcRn1Lvr0qORdmSRsmyA%2FLdkP466ndvJqaKI1X1t9fWg5jI6yVOhqDytO1Z2ByQhbu%2FDh9mS%2F98hmkGcOkBcL0hMwCUh%2BDxbuw8Vy91QRGzWf82EGeFiNT9%2Bc%2FlSRQYo6pX8D%2BC%2Fvzfs%2FeQ99UQJO7iMICmSmQqQJUDWHTF0ZJbE6uPP66jG%2Fgq8rIV6ay7yujvpyutkznE9K58xesPKuKVuAGwq0LP%2Bj5QYe6vBc0ez7teaLjt6iHxE7E7XfP%2FgEAAP%2F%2FAQAA%2F%2F9S%2BDh%2FewQAAA%3D%3D
192.243.59.13200 OK 7 B URL GET HTTP/1.1 zodiacranbehalf.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSvW8c1Rd9k%2FVPvwgaiGiQKFYUCCS0ntnvJUUgBCMLxzZJkOs3771Zv%2FjNvNF787F25RCBUi6iAarxWTtWgoXIHwBCa5rIAsnbIBdxQYdEg5CilGg2Ky1cae69Z84tzrn3fb6XnhMPKT1bv653pFJ0sVVzq29uyIjr3FZXb1U9t%2BZerm7IqN28XB2UyWTveG6r5r5V%2FVCwLb1Ydz3X9VyvuiSNCPRgccpCxkc9r9Zza816zWs1MTD%2FxTZ1YKkDnp2TS5B88r%2FNx48g2RhR%2BP01YbcSHb%2F9QZgqmmiDjB9%2BEm1FOo8QztvAOAiiw9k0tJ0Q8tUF6Ohw5gA62y8dwJcT4vzmwY8OZzLhZwfPlfoKIoLPX0SejSHUGJKOwfRdSH5KAMaxuoYovL%2BqTU63n7O0ZCdk4enfkPmELDx5BVH43VUlB9WbWqWJ1JHFICggB2PI%2Fhhxeoxkx4HMj8GSTyH5r2Tx6QqicH%2FNKg3Ji6l7KceQwRhKDEGtg7T8pIM0cJDGDkJ%2BVqWtXuC6ncAPGo1ukzHWaDDW6rZ5izea3cBFykp5QyTxEEwNwcwuYrOLLfnFaesSTPoT7GYByx3YZEKcj3eR8QK5IMgtQU4JckmQJwR5VhxwZeu2uM%2BVTX1vVuuz2ihGOunv0QOd9EVEQM1wLz4nL0%2FX8%2Bz3%2F2NLnFVZz6s3vHaH1hvtNm%2B0XcabvOtyyuuUNVpdWFlA2gtTxzvlrXARcVmv%2FwmfHsOqYzBZAU090HzUqbugm6Nm18VO9CBL%2B4rWmA7BdYE4WUCy7eypc%2FLqVMTrlScQ7OTKw9eOLnpv%2FAFmCsSmwG35M0Ff3Rvd0DnZv6FzSx6txYkM5Q4t73czoYmoPPxIbOfa8OVrdvjgPVYSZXt0S9hkhUZcRn1Lvr0qORdmSRsmyA%2FLdkP466ndvJqaKI1X1t9fWg5jI6yVOhqDytO1Z2ByQhbu%2FDh9mS%2F98hmkGcOkBcL0hMwCUh%2BDxbuw8Vy91QRGzWf82EGeFiNT9%2Bc%2FlSRQYo6pX8D%2BC%2Fvzfs%2FeQ99UQJO7iMICmSmQqQJUDWHTF0ZJbE6uPP66jG%2Fgq8rIV6ay7yujvpyutkznE9K58xesPKuKVuAGwq0LP%2Bj5QYe6vBc0ez7teaLjt6iHxE7E7XfP%2FgEAAP%2F%2FAQAA%2F%2F9S%2BDh%2FewQAAA%3D%3D
IP 192.243.59.13:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject zodiacranbehalf.com
Fingerprint C4:B7:E3:A3:79:90:C8:FB:50:CB:DE:BE:B5:A3:7F:86:F6:0F:4E:60
Validity Tue, 28 Nov 2023 07:59:32 GMT - Mon, 26 Feb 2024 07:59:31 GMT
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSvW8c1Rd9k%2FVPvwgaiGiQKFYUCCS0ntnvJUUgBCMLxzZJkOs3771Zv%2FjNvNF787F25RCBUi6iAarxWTtWgoXIHwBCa5rIAsnbIBdxQYdEg5CilGg2Ky1cae69Z84tzrn3fb6XnhMPKT1bv653pFJ0sVVzq29uyIjr3FZXb1U9t%2BZerm7IqN28XB2UyWTveG6r5r5V%2FVCwLb1Ydz3X9VyvuiSNCPRgccpCxkc9r9Zza816zWs1MTD%2FxTZ1YKkDnp2TS5B88r%2FNx48g2RhR%2BP01YbcSHb%2F9QZgqmmiDjB9%2BEm1FOo8QztvAOAiiw9k0tJ0Q8tUF6Ohw5gA62y8dwJcT4vzmwY8OZzLhZwfPlfoKIoLPX0SejSHUGJKOwfRdSH5KAMaxuoYovL%2BqTU63n7O0ZCdk4enfkPmELDx5BVH43VUlB9WbWqWJ1JHFICggB2PI%2Fhhxeoxkx4HMj8GSTyH5r2Tx6QqicH%2FNKg3Ji6l7KceQwRhKDEGtg7T8pIM0cJDGDkJ%2BVqWtXuC6ncAPGo1ukzHWaDDW6rZ5izea3cBFykp5QyTxEEwNwcwuYrOLLfnFaesSTPoT7GYByx3YZEKcj3eR8QK5IMgtQU4JckmQJwR5VhxwZeu2uM%2BVTX1vVuuz2ihGOunv0QOd9EVEQM1wLz4nL0%2FX8%2Bz3%2F2NLnFVZz6s3vHaH1hvtNm%2B0XcabvOtyyuuUNVpdWFlA2gtTxzvlrXARcVmv%2FwmfHsOqYzBZAU090HzUqbugm6Nm18VO9CBL%2B4rWmA7BdYE4WUCy7eypc%2FLqVMTrlScQ7OTKw9eOLnpv%2FAFmCsSmwG35M0Ff3Rvd0DnZv6FzSx6txYkM5Q4t73czoYmoPPxIbOfa8OVrdvjgPVYSZXt0S9hkhUZcRn1Lvr0qORdmSRsmyA%2FLdkP466ndvJqaKI1X1t9fWg5jI6yVOhqDytO1Z2ByQhbu%2FDh9mS%2F98hmkGcOkBcL0hMwCUh%2BDxbuw8Vy91QRGzWf82EGeFiNT9%2Bc%2FlSRQYo6pX8D%2BC%2Fvzfs%2FeQ99UQJO7iMICmSmQqQJUDWHTF0ZJbE6uPP66jG%2Fgq8rIV6ay7yujvpyutkznE9K58xesPKuKVuAGwq0LP%2Bj5QYe6vBc0ez7teaLjt6iHxE7E7XfP%2FgEAAP%2F%2FAQAA%2F%2F9S%2BDh%2FewQAAA%3D%3D HTTP/1.1
Host: zodiacranbehalf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Cookie: u_pl=16310791; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 01 Dec 2023 20:23:53 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 338400d98eff9286f6321060a3777b95
Strict-Transport-Security: max-age=0; includeSubdomains
casualdatesconnect.life/cookie/js.cookie11.js
185.155.186.16 200 OK 4.2 kB URL GET HTTP/1.1 casualdatesconnect.life/cookie/js.cookie11.js
IP 185.155.186.16:443
ASN #203639 Tekka Digital SA
Requested by https://casualdatesconnect.life/?u=68rp60a&o=ufgk6ez&t=propcasualpush&cid=JEPHVzwuQEiVUwDEuzVULw
Certificate Issuer Let's Encrypt
Subject casualdatesconnect.life
Fingerprint AE:00:B5:95:1E:0A:78:62:6A:7F:6B:11:E2:38:9D:D6:A9:5C:A4:24
Validity Tue, 10 Oct 2023 08:30:17 GMT - Mon, 08 Jan 2024 08:30:16 GMT
File type ASCII text, with very long lines (1709), with CRLF line terminators
Hash d69ea699f15818eb39d4f4898f75a7e3
0209181a1da02eaf3857d30efd7092ea85f4c7eb
1d6379dcee88d76c4895ef26cc84e178b995e0a8e1effc943691fe9c59ccdb60
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /cookie/js.cookie11.js HTTP/1.1
Host: casualdatesconnect.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casualdatesconnect.life/?u=68rp60a&o=ufgk6ez&t=propcasualpush&cid=JEPHVzwuQEiVUwDEuzVULw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 01 Dec 2023 20:23:53 GMT
Content-Type: text/javascript
Content-Length: 4157
Connection: keep-alive
ETag: "d69ea699f15818eb39d4f4898f75a7e3"
Last-Modified: Tue, 21 Nov 2023 12:29:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 179CCE17A0C5CDCE
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1695223193#711267407/gid:0/gname:root/mode:33188/mtime:1659030829#652674000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-07-28T17:53:49.652674Z
Expires: Sat, 30 Nov 2024 20:23:53 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
zodiacranbehalf.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzWsk1Rd9NT0%2FfuPHxsGNoNC4kBmQTlV%2Ft7MYHWMkmEnizEg2bl6996rzJq%2FqFe9VdXWyig7I7Gxxo64qp5MJMwZx%2FgBBKm6GgJDeSBaThTvBjYiDS6lOQ%2FRC3XtPnbs459732U56Sjyk9GT1pt6SStG5Vs2tXlmTEdeZrS7fqXpuzb1WXZNRu3mtOiyTGbzlua2ae7X6vmAbeq7ueq7ruV51QRoR6OHclIWMD3perefWmvWa12piaP6LberAUgd8cEouQ%2FLJ%2F9afPIZkBaLw%2B3lhNxIdv%2FlemCqaaIMB3%2F8o2oh0FiE8bwPjIIj2Z9PQdkLIVxego%2F2ZA%2BjBbukAvpwQ5xcPfrQ%2Fkwl%2FsHem1FcQEXz%2BArJBAaEKSFqA6XuQ%2FJgAjGN5BVH4YFmbjG6esbRkJ%2BTisz8hswm5%2BPRlROF3N5QcVm9rlSZSRxbDIIccFpD9AnF6iGTLgcwOwZJPIfnPZO7ZEqJwd8UqDcnzqXspC8iggBIjUOsgLT%2FpIA0cpLGDkJ9UaasXuG4n8INGo9tkjDUajLW6bd7ijWY3cJGyUt4ISTwCUyMws43YbGNDfnHcugyT%2Fgi7nsNyBzaZEOfDbQx4jkwQZJYgowSZJMgSgmyQ73Fl6zZ%2FwJVNfW9W67PayMc66e%2FQPZ30RURAzWgnPiUvTdfz96%2F%2Fx4Y4qbKeV2947Q6tN9pt3mi7jDd51%2BWU1ylrtLqwMoe0F6aOt8pb4RList78HT49hFWHYLICmnqg2bhTd0HXx82ui63o4SDtK1pjOgTXOeLkIpJNZ0edklemIjqf%2FAHBjq4fXPmr%2BPzjq2AmR2xy3JU%2FEfTV%2FfEtnZHdWzqz5PFKnMhQbtHyfrcTmojKow%2FEZqYNX5y3o4fvsJIo24M7wiZLNOIy6lvy7Q3JuTAL2jBBfli0a8JfTe36jdREaby0%2Bu7CYhgbYa3UUQEqj18swOSEPHc0P32Zry2sQ5oCJs0RpkdkFpD6ECzeho2Prj969eCS98ZvsJrAqPMZP64gS%2FOxqfvnP5UkUOIcUz%2BH%2FRf2z%2Fsdex99UwFN7iEKcwxMjoHKQdUINn1%2BnMTm6PqTr8v4Br6qjH1lKru%2BMurLCXm98rRMp2dLtvKkKlqBGwi3Lvyg5wcd6vJe0Oz5tOeJjt%2BiHhI7EXffPvkHAAD%2F%2FwEAAP%2F%2F3t0L93sEAAA%3D
192.243.59.13200 OK 7 B URL GET HTTP/1.1 zodiacranbehalf.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzWsk1Rd9NT0%2FfuPHxsGNoNC4kBmQTlV%2Ft7MYHWMkmEnizEg2bl6996rzJq%2FqFe9VdXWyig7I7Gxxo64qp5MJMwZx%2FgBBKm6GgJDeSBaThTvBjYiDS6lOQ%2FRC3XtPnbs459732U56Sjyk9GT1pt6SStG5Vs2tXlmTEdeZrS7fqXpuzb1WXZNRu3mtOiyTGbzlua2ae7X6vmAbeq7ueq7ruV51QRoR6OHclIWMD3perefWmvWa12piaP6LberAUgd8cEouQ%2FLJ%2F9afPIZkBaLw%2B3lhNxIdv%2FlemCqaaIMB3%2F8o2oh0FiE8bwPjIIj2Z9PQdkLIVxego%2F2ZA%2BjBbukAvpwQ5xcPfrQ%2Fkwl%2FsHem1FcQEXz%2BArJBAaEKSFqA6XuQ%2FJgAjGN5BVH4YFmbjG6esbRkJ%2BTisz8hswm5%2BPRlROF3N5QcVm9rlSZSRxbDIIccFpD9AnF6iGTLgcwOwZJPIfnPZO7ZEqJwd8UqDcnzqXspC8iggBIjUOsgLT%2FpIA0cpLGDkJ9UaasXuG4n8INGo9tkjDUajLW6bd7ijWY3cJGyUt4ISTwCUyMws43YbGNDfnHcugyT%2Fgi7nsNyBzaZEOfDbQx4jkwQZJYgowSZJMgSgmyQ73Fl6zZ%2FwJVNfW9W67PayMc66e%2FQPZ30RURAzWgnPiUvTdfz96%2F%2Fx4Y4qbKeV2947Q6tN9pt3mi7jDd51%2BWU1ylrtLqwMoe0F6aOt8pb4RList78HT49hFWHYLICmnqg2bhTd0HXx82ui63o4SDtK1pjOgTXOeLkIpJNZ0edklemIjqf%2FAHBjq4fXPmr%2BPzjq2AmR2xy3JU%2FEfTV%2FfEtnZHdWzqz5PFKnMhQbtHyfrcTmojKow%2FEZqYNX5y3o4fvsJIo24M7wiZLNOIy6lvy7Q3JuTAL2jBBfli0a8JfTe36jdREaby0%2Bu7CYhgbYa3UUQEqj18swOSEPHc0P32Zry2sQ5oCJs0RpkdkFpD6ECzeho2Prj969eCS98ZvsJrAqPMZP64gS%2FOxqfvnP5UkUOIcUz%2BH%2FRf2z%2Fsdex99UwFN7iEKcwxMjoHKQdUINn1%2BnMTm6PqTr8v4Br6qjH1lKru%2BMurLCXm98rRMp2dLtvKkKlqBGwi3Lvyg5wcd6vJe0Oz5tOeJjt%2BiHhI7EXffPvkHAAD%2F%2FwEAAP%2F%2F3t0L93sEAAA%3D
IP 192.243.59.13:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject zodiacranbehalf.com
Fingerprint C4:B7:E3:A3:79:90:C8:FB:50:CB:DE:BE:B5:A3:7F:86:F6:0F:4E:60
Validity Tue, 28 Nov 2023 07:59:32 GMT - Mon, 26 Feb 2024 07:59:31 GMT
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSzWsk1Rd9NT0%2FfuPHxsGNoNC4kBmQTlV%2Ft7MYHWMkmEnizEg2bl6996rzJq%2FqFe9VdXWyig7I7Gxxo64qp5MJMwZx%2FgBBKm6GgJDeSBaThTvBjYiDS6lOQ%2FRC3XtPnbs459732U56Sjyk9GT1pt6SStG5Vs2tXlmTEdeZrS7fqXpuzb1WXZNRu3mtOiyTGbzlua2ae7X6vmAbeq7ueq7ruV51QRoR6OHclIWMD3perefWmvWa12piaP6LberAUgd8cEouQ%2FLJ%2F9afPIZkBaLw%2B3lhNxIdv%2FlemCqaaIMB3%2F8o2oh0FiE8bwPjIIj2Z9PQdkLIVxego%2F2ZA%2BjBbukAvpwQ5xcPfrQ%2Fkwl%2FsHem1FcQEXz%2BArJBAaEKSFqA6XuQ%2FJgAjGN5BVH4YFmbjG6esbRkJ%2BTisz8hswm5%2BPRlROF3N5QcVm9rlSZSRxbDIIccFpD9AnF6iGTLgcwOwZJPIfnPZO7ZEqJwd8UqDcnzqXspC8iggBIjUOsgLT%2FpIA0cpLGDkJ9UaasXuG4n8INGo9tkjDUajLW6bd7ijWY3cJGyUt4ISTwCUyMws43YbGNDfnHcugyT%2Fgi7nsNyBzaZEOfDbQx4jkwQZJYgowSZJMgSgmyQ73Fl6zZ%2FwJVNfW9W67PayMc66e%2FQPZ30RURAzWgnPiUvTdfz96%2F%2Fx4Y4qbKeV2947Q6tN9pt3mi7jDd51%2BWU1ylrtLqwMoe0F6aOt8pb4RList78HT49hFWHYLICmnqg2bhTd0HXx82ui63o4SDtK1pjOgTXOeLkIpJNZ0edklemIjqf%2FAHBjq4fXPmr%2BPzjq2AmR2xy3JU%2FEfTV%2FfEtnZHdWzqz5PFKnMhQbtHyfrcTmojKow%2FEZqYNX5y3o4fvsJIo24M7wiZLNOIy6lvy7Q3JuTAL2jBBfli0a8JfTe36jdREaby0%2Bu7CYhgbYa3UUQEqj18swOSEPHc0P32Zry2sQ5oCJs0RpkdkFpD6ECzeho2Prj969eCS98ZvsJrAqPMZP64gS%2FOxqfvnP5UkUOIcUz%2BH%2FRf2z%2Fsdex99UwFN7iEKcwxMjoHKQdUINn1%2BnMTm6PqTr8v4Br6qjH1lKru%2BMurLCXm98rRMp2dLtvKkKlqBGwi3Lvyg5wcd6vJe0Oz5tOeJjt%2BiHhI7EXffPvkHAAD%2F%2FwEAAP%2F%2F3t0L93sEAAA%3D HTTP/1.1
Host: zodiacranbehalf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Cookie: u_pl=16310791; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 01 Dec 2023 20:23:53 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3a3da35023b832fc02d96604ea6e733a
Strict-Transport-Security: max-age=0; includeSubdomains
casualdatesconnect.life/util/utils.js
185.155.186.16 200 OK 7.5 kB URL GET HTTP/1.1 casualdatesconnect.life/util/utils.js
IP 185.155.186.16:443
ASN #203639 Tekka Digital SA
Requested by https://casualdatesconnect.life/?u=68rp60a&o=ufgk6ez&t=propcasualpush&cid=JEPHVzwuQEiVUwDEuzVULw
Certificate Issuer Let's Encrypt
Subject casualdatesconnect.life
Fingerprint AE:00:B5:95:1E:0A:78:62:6A:7F:6B:11:E2:38:9D:D6:A9:5C:A4:24
Validity Tue, 10 Oct 2023 08:30:17 GMT - Mon, 08 Jan 2024 08:30:16 GMT
File type ASCII text, with very long lines (641), with CRLF line terminators
Hash 01816d15ca03032751161a746e2fb7c3
dcc72ea5fa1356490ba473288159df9786b4a3c3
8b3c83a330bf1120a13eff6ef60c1e268b827b7bc49b42a7a1f5d8ad6941f2ea
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /util/utils.js HTTP/1.1
Host: casualdatesconnect.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casualdatesconnect.life/?u=68rp60a&o=ufgk6ez&t=propcasualpush&cid=JEPHVzwuQEiVUwDEuzVULw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 01 Dec 2023 20:23:53 GMT
Content-Type: application/javascript
Content-Length: 7512
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "01816d15ca03032751161a746e2fb7c3"
Last-Modified: Mon, 20 Feb 2023 09:36:45 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 179CCE5BA81C5A5C
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1676885559#334512232/gid:0/gname:root/mode:33188/mtime:1659085489#684136000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-07-29T09:04:49.684136Z
Expires: Sat, 30 Nov 2024 20:23:53 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
casualdatesconnect.life/media/casual/toon3/js/main.js
185.155.186.16 200 OK 405 B URL GET HTTP/1.1 casualdatesconnect.life/media/casual/toon3/js/main.js
IP 185.155.186.16:443
ASN #203639 Tekka Digital SA
Requested by https://casualdatesconnect.life/?u=68rp60a&o=ufgk6ez&t=propcasualpush&cid=JEPHVzwuQEiVUwDEuzVULw
Certificate Issuer Let's Encrypt
Subject casualdatesconnect.life
Fingerprint AE:00:B5:95:1E:0A:78:62:6A:7F:6B:11:E2:38:9D:D6:A9:5C:A4:24
Validity Tue, 10 Oct 2023 08:30:17 GMT - Mon, 08 Jan 2024 08:30:16 GMT
Hash f2eab5d5860befa6e1b4eca345006bf1
f4f7958b8de4822f1b2e946f8ca2a4d104484866
c00613979fdbf8d2850f0e08260b582bb8745265c28c216444bc31d475416bc3
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /media/casual/toon3/js/main.js HTTP/1.1
Host: casualdatesconnect.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casualdatesconnect.life/?u=68rp60a&o=ufgk6ez&t=propcasualpush&cid=JEPHVzwuQEiVUwDEuzVULw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 01 Dec 2023 20:23:53 GMT
Content-Type: application/javascript
Content-Length: 405
Connection: keep-alive
ETag: "f2eab5d5860befa6e1b4eca345006bf1"
Last-Modified: Wed, 20 Sep 2023 15:21:47 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 179CCE4D3015DF88
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1693134504#780010470/gid:0/gname:root/mode:33188/mtime:1655386487#8450000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:34:47.00845Z
Expires: Sat, 30 Nov 2024 20:23:53 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
casualdatesconnect.life/media/bbc.js
185.155.186.16 200 OK 1.1 kB URL GET HTTP/1.1 casualdatesconnect.life/media/bbc.js
IP 185.155.186.16:443
ASN #203639 Tekka Digital SA
Requested by https://casualdatesconnect.life/?u=68rp60a&o=ufgk6ez&t=propcasualpush&cid=JEPHVzwuQEiVUwDEuzVULw
Certificate Issuer Let's Encrypt
Subject casualdatesconnect.life
Fingerprint AE:00:B5:95:1E:0A:78:62:6A:7F:6B:11:E2:38:9D:D6:A9:5C:A4:24
Validity Tue, 10 Oct 2023 08:30:17 GMT - Mon, 08 Jan 2024 08:30:16 GMT
File type ASCII text, with CRLF line terminators
Hash 57e25a20c9962ce9c7077e46c69a265f
cba5f15234d9059feacd95fe60fcd7165b45295b
329ed89ce6841f591a258c691e89ca2a55d0c8f481a7ba7c167df8f8198f2791
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /media/bbc.js HTTP/1.1
Host: casualdatesconnect.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casualdatesconnect.life/?u=68rp60a&o=ufgk6ez&t=propcasualpush&cid=JEPHVzwuQEiVUwDEuzVULw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 01 Dec 2023 20:23:53 GMT
Content-Type: application/javascript
Content-Length: 1132
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "57e25a20c9962ce9c7077e46c69a265f"
Last-Modified: Mon, 20 Feb 2023 09:29:45 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 179CCE69A831961C
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1676832256#258761277/gid:0/gname:root/mode:33188/mtime:1659030913#968764000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-07-28T17:55:13.968764Z
Expires: Sat, 30 Nov 2024 20:23:53 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
casualdatesconnect.life/media/casual/toon3/images/body3_o.jpg
185.155.186.16 200 OK 7.1 kB URL GET HTTP/1.1 casualdatesconnect.life/media/casual/toon3/images/body3_o.jpg
IP 185.155.186.16:443
ASN #203639 Tekka Digital SA
Requested by https://casualdatesconnect.life/?u=68rp60a&o=ufgk6ez&t=propcasualpush&cid=JEPHVzwuQEiVUwDEuzVULw
Certificate Issuer Let's Encrypt
Subject casualdatesconnect.life
Fingerprint AE:00:B5:95:1E:0A:78:62:6A:7F:6B:11:E2:38:9D:D6:A9:5C:A4:24
Validity Tue, 10 Oct 2023 08:30:17 GMT - Mon, 08 Jan 2024 08:30:16 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x220, components 3\012- data
Hash 25f4616348a1f5076ddaaf43b8be0d99
1ebb536691f648bcfc91b6e0e8e7b0de099873d9
a738b84f2486de67b74a3ce03617e248b592b3e316bc9ad5b471f13e29924210
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /media/casual/toon3/images/body3_o.jpg HTTP/1.1
Host: casualdatesconnect.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casualdatesconnect.life/?u=68rp60a&o=ufgk6ez&t=propcasualpush&cid=JEPHVzwuQEiVUwDEuzVULw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 01 Dec 2023 20:23:54 GMT
Content-Type: image/jpeg
Content-Length: 7115
Connection: keep-alive
ETag: "25f4616348a1f5076ddaaf43b8be0d99"
Last-Modified: Tue, 21 Nov 2023 12:29:45 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 179CCE4E6CCCE95D
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1695223307#867530752/gid:0/gname:root/mode:33188/mtime:1655386486#296448000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:34:46.296448Z
Expires: Sat, 30 Nov 2024 20:23:54 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
casualdatesconnect.life/media/casual/toon3/js/trls.js
185.155.186.16 200 OK 25 kB URL GET HTTP/1.1 casualdatesconnect.life/media/casual/toon3/js/trls.js
IP 185.155.186.16:443
ASN #203639 Tekka Digital SA
Requested by https://casualdatesconnect.life/?u=68rp60a&o=ufgk6ez&t=propcasualpush&cid=JEPHVzwuQEiVUwDEuzVULw
Certificate Issuer Let's Encrypt
Subject casualdatesconnect.life
Fingerprint AE:00:B5:95:1E:0A:78:62:6A:7F:6B:11:E2:38:9D:D6:A9:5C:A4:24
Validity Tue, 10 Oct 2023 08:30:17 GMT - Mon, 08 Jan 2024 08:30:16 GMT
Hash 2187f773a9ee4d03d21448c6856698b9
ad93a8e10e0a04c4c32caba37ea54253e22c1369
a6551598594d2f7e4dc32dcb406efdae0538435ef49fc83308cb1a5f40f3353e
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /media/casual/toon3/js/trls.js HTTP/1.1
Host: casualdatesconnect.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casualdatesconnect.life/?u=68rp60a&o=ufgk6ez&t=propcasualpush&cid=JEPHVzwuQEiVUwDEuzVULw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 01 Dec 2023 20:23:53 GMT
Content-Type: text/javascript
Content-Length: 25348
Connection: keep-alive
ETag: "2187f773a9ee4d03d21448c6856698b9"
Last-Modified: Tue, 21 Nov 2023 12:29:45 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 179CCE7175F59B6F
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1695223307#915530859/gid:0/gname:root/mode:33188/mtime:1659085987#388970000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-07-29T09:13:07.38897Z
Expires: Sat, 30 Nov 2024 20:23:53 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
casualdatesconnect.life/media/casual/toon3/images/body4_o.jpg
185.155.186.16 200 OK 4.7 kB URL GET HTTP/1.1 casualdatesconnect.life/media/casual/toon3/images/body4_o.jpg
IP 185.155.186.16:443
ASN #203639 Tekka Digital SA
Requested by https://casualdatesconnect.life/?u=68rp60a&o=ufgk6ez&t=propcasualpush&cid=JEPHVzwuQEiVUwDEuzVULw
Certificate Issuer Let's Encrypt
Subject casualdatesconnect.life
Fingerprint AE:00:B5:95:1E:0A:78:62:6A:7F:6B:11:E2:38:9D:D6:A9:5C:A4:24
Validity Tue, 10 Oct 2023 08:30:17 GMT - Mon, 08 Jan 2024 08:30:16 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x220, components 3\012- data
Hash 6bfe731b38785116e374e8afd448473b
ce318d0506e12cb3f373b791e78fb60c183e6366
f64c0ecdf9c70f46bbd9a30de7d9b7eba62730b88084543d31037eace2807a68
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /media/casual/toon3/images/body4_o.jpg HTTP/1.1
Host: casualdatesconnect.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casualdatesconnect.life/?u=68rp60a&o=ufgk6ez&t=propcasualpush&cid=JEPHVzwuQEiVUwDEuzVULw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 01 Dec 2023 20:23:54 GMT
Content-Type: image/jpeg
Content-Length: 4708
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "6bfe731b38785116e374e8afd448473b"
Last-Modified: Mon, 20 Feb 2023 09:30:45 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 179CCE4ADF0DB6F5
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1676843511#487933778/gid:0/gname:root/mode:33188/mtime:1655386486#356448000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:34:46.356448Z
Expires: Sat, 30 Nov 2024 20:23:54 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
casualdatesconnect.life/media/casual/toon3/images/body5_o.jpg
185.155.186.16 200 OK 7.4 kB URL GET HTTP/1.1 casualdatesconnect.life/media/casual/toon3/images/body5_o.jpg
IP 185.155.186.16:443
ASN #203639 Tekka Digital SA
Requested by https://casualdatesconnect.life/?u=68rp60a&o=ufgk6ez&t=propcasualpush&cid=JEPHVzwuQEiVUwDEuzVULw
Certificate Issuer Let's Encrypt
Subject casualdatesconnect.life
Fingerprint AE:00:B5:95:1E:0A:78:62:6A:7F:6B:11:E2:38:9D:D6:A9:5C:A4:24
Validity Tue, 10 Oct 2023 08:30:17 GMT - Mon, 08 Jan 2024 08:30:16 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x220, components 3\012- data
Hash 67c337328ace4aa7c94fbcadbb997963
19ecc8595ff083a870598689b85713014b9941b4
ab5b0cdc771fbee94ae961621de091469cd6d3ee9e0345d67fea8790f47ef21b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /media/casual/toon3/images/body5_o.jpg HTTP/1.1
Host: casualdatesconnect.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casualdatesconnect.life/?u=68rp60a&o=ufgk6ez&t=propcasualpush&cid=JEPHVzwuQEiVUwDEuzVULw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 01 Dec 2023 20:23:54 GMT
Content-Type: image/jpeg
Content-Length: 7402
Connection: keep-alive
ETag: "67c337328ace4aa7c94fbcadbb997963"
Last-Modified: Tue, 21 Nov 2023 12:29:45 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 179CCE4AE05C63DA
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1695223307#875530770/gid:0/gname:root/mode:33188/mtime:1655386486#420448000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:34:46.420448Z
Expires: Sat, 30 Nov 2024 20:23:54 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
casualdatesconnect.life/media/casual/toon3/images/age1_o.jpg
185.155.186.16 200 OK 6.1 kB URL GET HTTP/1.1 casualdatesconnect.life/media/casual/toon3/images/age1_o.jpg
IP 185.155.186.16:443
ASN #203639 Tekka Digital SA
Requested by https://casualdatesconnect.life/?u=68rp60a&o=ufgk6ez&t=propcasualpush&cid=JEPHVzwuQEiVUwDEuzVULw
Certificate Issuer Let's Encrypt
Subject casualdatesconnect.life
Fingerprint AE:00:B5:95:1E:0A:78:62:6A:7F:6B:11:E2:38:9D:D6:A9:5C:A4:24
Validity Tue, 10 Oct 2023 08:30:17 GMT - Mon, 08 Jan 2024 08:30:16 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x220, components 3\012- data
Hash 412c98a48bd4e5f3095860f53e2fab25
f06ffecbc1f132beb4ec81a149cc79cb5b78559b
1e26c71724f0061870300be2d22c080c376f3189783e4b07f13e9457b9ace154
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /media/casual/toon3/images/age1_o.jpg HTTP/1.1
Host: casualdatesconnect.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casualdatesconnect.life/?u=68rp60a&o=ufgk6ez&t=propcasualpush&cid=JEPHVzwuQEiVUwDEuzVULw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 01 Dec 2023 20:23:54 GMT
Content-Type: image/jpeg
Content-Length: 6051
Connection: keep-alive
ETag: "412c98a48bd4e5f3095860f53e2fab25"
Last-Modified: Tue, 21 Nov 2023 12:29:45 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 179CCE640BC19439
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1695223307#839530689/gid:0/gname:root/mode:33188/mtime:1655386485#852447000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:34:45.852447Z
Expires: Sat, 30 Nov 2024 20:23:54 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
curryoxygencheaper.com/sbar.json?key=d137022925bcc2a680f8a4476ff94144&uuid=0aa967fc-2212-4f87-b537-7da7eafce058%3A3%3A1
173.233.137.36 200 OK 4.2 kB URL GET HTTP/1.1 curryoxygencheaper.com/sbar.json?key=d137022925bcc2a680f8a4476ff94144&uuid=0aa967fc-2212-4f87-b537-7da7eafce058%3A3%3A1
IP 173.233.137.36:443
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject curryoxygencheaper.com
Fingerprint F2:DD:AF:D4:3D:96:F2:C2:C1:37:D0:07:73:80:BA:7B:02:75:3E:DC
Validity Tue, 28 Nov 2023 08:20:34 GMT - Mon, 26 Feb 2024 08:20:33 GMT
File type JSON data\012- , ASCII text, with very long lines (6162), with no line terminators
Hash 0e794603647e0530d79ffb647bbf5a31
706b53f3b28e068d45f4f662784b43d9dd302a0d
7ab9d6f5cc8f27c693afba9e6ae5bb40cffd2198b0d92825364b49e7cdc132be
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /sbar.json?key=d137022925bcc2a680f8a4476ff94144&uuid=0aa967fc-2212-4f87-b537-7da7eafce058%3A3%3A1 HTTP/1.1
Host: curryoxygencheaper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 01 Dec 2023 20:23:54 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.vugla.com
Access-Control-Allow-Origin: https://www.vugla.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15460408; expires=Sat, 02 Dec 2023 20:23:53 GMT; secure; SameSite=None
uid_id2=0aa967fc-2212-4f87-b537-7da7eafce058:3:1; expires=Fri, 08 Dec 2023 20:23:53 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 02 Dec 2023 20:23:54 GMT; secure; SameSite=None
uncs=1; expires=Sat, 02 Dec 2023 20:23:54 GMT; secure; SameSite=None
pdhtkv29=true; expires=Sat, 02 Dec 2023 20:23:54 GMT; secure; SameSite=None
uncs29=1; expires=Sat, 02 Dec 2023 20:23:54 GMT; secure; SameSite=None
slecd137022925bcc2a680f8a4476ff94144=[4691073]; expires=Fri, 01 Dec 2023 20:23:59 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 064eddb8ce213be2551137ecfc461dc6
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
casualdatesconnect.life/media/casual/toon3/images/age2_o.jpg
185.155.186.16 200 OK 9.5 kB URL GET HTTP/1.1 casualdatesconnect.life/media/casual/toon3/images/age2_o.jpg
IP 185.155.186.16:443
ASN #203639 Tekka Digital SA
Requested by https://casualdatesconnect.life/?u=68rp60a&o=ufgk6ez&t=propcasualpush&cid=JEPHVzwuQEiVUwDEuzVULw
Certificate Issuer Let's Encrypt
Subject casualdatesconnect.life
Fingerprint AE:00:B5:95:1E:0A:78:62:6A:7F:6B:11:E2:38:9D:D6:A9:5C:A4:24
Validity Tue, 10 Oct 2023 08:30:17 GMT - Mon, 08 Jan 2024 08:30:16 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x220, components 3\012- data
Hash bdee974dfa1bd0381fb37d21c6a24d2b
71c58820bdcd2353850aa2efdf9bcf707198673b
0e9ec0e7494a79661fe5644cda9c4d6c5fe12260606ad1f3ba8105cb953d830b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /media/casual/toon3/images/age2_o.jpg HTTP/1.1
Host: casualdatesconnect.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casualdatesconnect.life/?u=68rp60a&o=ufgk6ez&t=propcasualpush&cid=JEPHVzwuQEiVUwDEuzVULw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 01 Dec 2023 20:23:54 GMT
Content-Type: image/jpeg
Content-Length: 9472
Connection: keep-alive
ETag: "bdee974dfa1bd0381fb37d21c6a24d2b"
Last-Modified: Tue, 21 Nov 2023 12:29:45 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 179CCDFB54C12F48
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1695223307#839530689/gid:0/gname:root/mode:33188/mtime:1655386485#916447000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:34:45.916447Z
Expires: Sat, 30 Nov 2024 20:23:54 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
casualdatesconnect.life/media/casual/toon3/images/girl.png
185.155.186.16 200 OK 20 kB URL GET HTTP/1.1 casualdatesconnect.life/media/casual/toon3/images/girl.png
IP 185.155.186.16:443
ASN #203639 Tekka Digital SA
Requested by https://casualdatesconnect.life/?u=68rp60a&o=ufgk6ez&t=propcasualpush&cid=JEPHVzwuQEiVUwDEuzVULw
Certificate Issuer Let's Encrypt
Subject casualdatesconnect.life
Fingerprint AE:00:B5:95:1E:0A:78:62:6A:7F:6B:11:E2:38:9D:D6:A9:5C:A4:24
Validity Tue, 10 Oct 2023 08:30:17 GMT - Mon, 08 Jan 2024 08:30:16 GMT
File type PNG image data, 320 x 352, 8-bit colormap, non-interlaced\012- data
Hash 3e9715aca14895be6809d18ee806d561
584fb439c7a6c3d9ac2cda1f3ee24212546d316c
5c30263d90e5109b19aec665afcf22292bff66fd158c31e34c08de212e14ecb7
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /media/casual/toon3/images/girl.png HTTP/1.1
Host: casualdatesconnect.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casualdatesconnect.life/?u=68rp60a&o=ufgk6ez&t=propcasualpush&cid=JEPHVzwuQEiVUwDEuzVULw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 01 Dec 2023 20:23:54 GMT
Content-Type: image/png
Content-Length: 20415
Connection: keep-alive
ETag: "3e9715aca14895be6809d18ee806d561"
Last-Modified: Tue, 21 Nov 2023 12:29:45 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 179CCE30A3A5E900
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1695223307#879530779/gid:0/gname:root/mode:33188/mtime:1655386486#508449000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:34:46.508449Z
Expires: Sat, 30 Nov 2024 20:23:54 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
casualdatesconnect.life/media/casual/toon3/images/age3_o.jpg
185.155.186.16 200 OK 7.7 kB URL GET HTTP/1.1 casualdatesconnect.life/media/casual/toon3/images/age3_o.jpg
IP 185.155.186.16:443
ASN #203639 Tekka Digital SA
Requested by https://casualdatesconnect.life/?u=68rp60a&o=ufgk6ez&t=propcasualpush&cid=JEPHVzwuQEiVUwDEuzVULw
Certificate Issuer Let's Encrypt
Subject casualdatesconnect.life
Fingerprint AE:00:B5:95:1E:0A:78:62:6A:7F:6B:11:E2:38:9D:D6:A9:5C:A4:24
Validity Tue, 10 Oct 2023 08:30:17 GMT - Mon, 08 Jan 2024 08:30:16 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x220, components 3\012- data
Hash 47f8432cca02f63b701c2999eeea43ba
56d51f3b5039c7e60ad400f17e123a5dff714304
3cf09326ff416c5f53d81127aca350009110721c6ea1e879a363d71018bf2b88
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /media/casual/toon3/images/age3_o.jpg HTTP/1.1
Host: casualdatesconnect.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casualdatesconnect.life/?u=68rp60a&o=ufgk6ez&t=propcasualpush&cid=JEPHVzwuQEiVUwDEuzVULw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 01 Dec 2023 20:23:54 GMT
Content-Type: image/jpeg
Content-Length: 7696
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "47f8432cca02f63b701c2999eeea43ba"
Last-Modified: Mon, 20 Feb 2023 09:30:45 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 179CCDFB5775DAF6
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1676843511#483933773/gid:0/gname:root/mode:33188/mtime:1655386485#980447000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:34:45.980447Z
Expires: Sat, 30 Nov 2024 20:23:54 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
casualdatesconnect.life/media/casual/toon3/images/age4_o.jpg
185.155.186.16 200 OK 6.9 kB URL GET HTTP/1.1 casualdatesconnect.life/media/casual/toon3/images/age4_o.jpg
IP 185.155.186.16:443
ASN #203639 Tekka Digital SA
Requested by https://casualdatesconnect.life/?u=68rp60a&o=ufgk6ez&t=propcasualpush&cid=JEPHVzwuQEiVUwDEuzVULw
Certificate Issuer Let's Encrypt
Subject casualdatesconnect.life
Fingerprint AE:00:B5:95:1E:0A:78:62:6A:7F:6B:11:E2:38:9D:D6:A9:5C:A4:24
Validity Tue, 10 Oct 2023 08:30:17 GMT - Mon, 08 Jan 2024 08:30:16 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x220, components 3\012- data
Hash 7d81b6b005bf4b955b5e6297172c5a8d
0bae48d0799d12602b3166a19472e1db6fedc248
d4c8c2b2cc9bf5d502fc17d4f83ca73c4c9cbfbdff6624b3d00ba2e05f3efe94
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /media/casual/toon3/images/age4_o.jpg HTTP/1.1
Host: casualdatesconnect.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casualdatesconnect.life/?u=68rp60a&o=ufgk6ez&t=propcasualpush&cid=JEPHVzwuQEiVUwDEuzVULw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 01 Dec 2023 20:23:54 GMT
Content-Type: image/jpeg
Content-Length: 6924
Connection: keep-alive
ETag: "7d81b6b005bf4b955b5e6297172c5a8d"
Last-Modified: Wed, 20 Sep 2023 15:21:47 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 179CCE718412B055
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1693134504#780010470/gid:0/gname:root/mode:33188/mtime:1655386486#44448000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:34:46.044448Z
Expires: Sat, 30 Nov 2024 20:23:54 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
casualdatesconnect.life/media/casual/toon3/images/age5_o.jpg
185.155.186.16 200 OK 7.2 kB URL GET HTTP/1.1 casualdatesconnect.life/media/casual/toon3/images/age5_o.jpg
IP 185.155.186.16:443
ASN #203639 Tekka Digital SA
Requested by https://casualdatesconnect.life/?u=68rp60a&o=ufgk6ez&t=propcasualpush&cid=JEPHVzwuQEiVUwDEuzVULw
Certificate Issuer Let's Encrypt
Subject casualdatesconnect.life
Fingerprint AE:00:B5:95:1E:0A:78:62:6A:7F:6B:11:E2:38:9D:D6:A9:5C:A4:24
Validity Tue, 10 Oct 2023 08:30:17 GMT - Mon, 08 Jan 2024 08:30:16 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x220, components 3\012- data
Hash 7f23ba7584e5f2f5f5bc1129a7a21492
141963c0678f4591441797f99a45a03616f5c8fb
a3f7fb4399ca65391f898e2346c079e1706165a02c04db92babe675b5cdeb490
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /media/casual/toon3/images/age5_o.jpg HTTP/1.1
Host: casualdatesconnect.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casualdatesconnect.life/?u=68rp60a&o=ufgk6ez&t=propcasualpush&cid=JEPHVzwuQEiVUwDEuzVULw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 01 Dec 2023 20:23:54 GMT
Content-Type: image/jpeg
Content-Length: 7158
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "7f23ba7584e5f2f5f5bc1129a7a21492"
Last-Modified: Mon, 20 Feb 2023 09:30:45 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 179CCE7189552629
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1676843511#483933773/gid:0/gname:root/mode:33188/mtime:1655386486#108448000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:34:46.108448Z
Expires: Sat, 30 Nov 2024 20:23:54 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
casualdatesconnect.life/media/casual/toon3/images/relations1_o.jpg
185.155.186.16 200 OK 9.6 kB URL GET HTTP/1.1 casualdatesconnect.life/media/casual/toon3/images/relations1_o.jpg
IP 185.155.186.16:443
ASN #203639 Tekka Digital SA
Requested by https://casualdatesconnect.life/?u=68rp60a&o=ufgk6ez&t=propcasualpush&cid=JEPHVzwuQEiVUwDEuzVULw
Certificate Issuer Let's Encrypt
Subject casualdatesconnect.life
Fingerprint AE:00:B5:95:1E:0A:78:62:6A:7F:6B:11:E2:38:9D:D6:A9:5C:A4:24
Validity Tue, 10 Oct 2023 08:30:17 GMT - Mon, 08 Jan 2024 08:30:16 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x220, components 3\012- data
Hash 974ca1664d2cea320c17179302d33d4e
dc48c7bc4b20d281f190ff2ad5579df2f853864e
a66348a7dfa7072dedec904d8069b573678ca9bb73168170ed010640ef929af1
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /media/casual/toon3/images/relations1_o.jpg HTTP/1.1
Host: casualdatesconnect.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casualdatesconnect.life/?u=68rp60a&o=ufgk6ez&t=propcasualpush&cid=JEPHVzwuQEiVUwDEuzVULw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 01 Dec 2023 20:23:54 GMT
Content-Type: image/jpeg
Content-Length: 9613
Connection: keep-alive
ETag: "974ca1664d2cea320c17179302d33d4e"
Last-Modified: Tue, 21 Nov 2023 12:29:45 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 179CCE718807737D
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1695223307#883530789/gid:0/gname:root/mode:33188/mtime:1655386486#568449000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:34:46.568449Z
Expires: Sat, 30 Nov 2024 20:23:54 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
casualdatesconnect.life/media/casual/toon3/images/relations2_o.jpg
185.155.186.16 200 OK 9.1 kB URL GET HTTP/1.1 casualdatesconnect.life/media/casual/toon3/images/relations2_o.jpg
IP 185.155.186.16:443
ASN #203639 Tekka Digital SA
Requested by https://casualdatesconnect.life/?u=68rp60a&o=ufgk6ez&t=propcasualpush&cid=JEPHVzwuQEiVUwDEuzVULw
Certificate Issuer Let's Encrypt
Subject casualdatesconnect.life
Fingerprint AE:00:B5:95:1E:0A:78:62:6A:7F:6B:11:E2:38:9D:D6:A9:5C:A4:24
Validity Tue, 10 Oct 2023 08:30:17 GMT - Mon, 08 Jan 2024 08:30:16 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x220, components 3\012- data
Hash 90448128e70479a071e70b19b0f8b187
4a4e5f480b8df6e6fa4fd1ce2579a7eb33afdaf6
ca08d85836df6ab8247acd0df5c027ec6e5d63fd436b9ebef5769fae98252638
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /media/casual/toon3/images/relations2_o.jpg HTTP/1.1
Host: casualdatesconnect.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casualdatesconnect.life/?u=68rp60a&o=ufgk6ez&t=propcasualpush&cid=JEPHVzwuQEiVUwDEuzVULw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 01 Dec 2023 20:23:54 GMT
Content-Type: image/jpeg
Content-Length: 9079
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "90448128e70479a071e70b19b0f8b187"
Last-Modified: Mon, 20 Feb 2023 09:30:45 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 179CCDED696BFD82
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1676843511#487933778/gid:0/gname:root/mode:33188/mtime:1655386486#632449000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:34:46.632449Z
Expires: Sat, 30 Nov 2024 20:23:54 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
casualdatesconnect.life/media/casual/toon3/fonts/QuattrocentoSans.ttf
185.155.186.16 200 OK 78 kB URL GET HTTP/1.1 casualdatesconnect.life/media/casual/toon3/fonts/QuattrocentoSans.ttf
IP 185.155.186.16:443
ASN #203639 Tekka Digital SA
Requested by https://casualdatesconnect.life/?u=68rp60a&o=ufgk6ez&t=propcasualpush&cid=JEPHVzwuQEiVUwDEuzVULw
Certificate Issuer Let's Encrypt
Subject casualdatesconnect.life
Fingerprint AE:00:B5:95:1E:0A:78:62:6A:7F:6B:11:E2:38:9D:D6:A9:5C:A4:24
Validity Tue, 10 Oct 2023 08:30:17 GMT - Mon, 08 Jan 2024 08:30:16 GMT
File type TrueType Font data, 16 tables, 1st "GPOS", 7 names, Microsoft, language 0x409, type 1 string, Quattrocento SansRegularPabloImpallari,IginoMarini,BrendaGallo: Quattrocento Sans: 2011Version 2\012- data
Hash ce091a3d610240f8ea45c336266b5792
240eb69d6e901909208105620256e0871ef9737f
8a1e4d8cb32309d03e754bbff5cf0dea8cb14973a0a650c1cb58b8592f5da13a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /media/casual/toon3/fonts/QuattrocentoSans.ttf HTTP/1.1
Host: casualdatesconnect.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casualdatesconnect.life/media/casual/toon3/css/style_alt.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 01 Dec 2023 20:23:54 GMT
Content-Type: font/ttf
Content-Length: 78036
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://casualdatesconnect.life
Access-Control-Expose-Headers: Date, Etag, Server, Connection, Accept-Ranges, Content-Range, Content-Encoding, Content-Length, Content-Type, Content-Disposition, Last-Modified, Content-Language, Cache-Control, Retry-After, X-Amz-Bucket-Region, Expires, X-Amz*, X-Amz*, *
ETag: "ce091a3d610240f8ea45c336266b5792"
Last-Modified: Wed, 20 Sep 2023 15:21:47 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 179CCD57492A4455
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1693134504#780010470/gid:0/gname:root/mode:33188/mtime:1655386485#660447000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:34:45.660447Z
Expires: Sat, 30 Nov 2024 20:23:54 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
casualdatesconnect.life/media/casual/toon3/images/relations3_o.jpg
185.155.186.16 200 OK 9.4 kB URL GET HTTP/1.1 casualdatesconnect.life/media/casual/toon3/images/relations3_o.jpg
IP 185.155.186.16:443
ASN #203639 Tekka Digital SA
Requested by https://casualdatesconnect.life/?u=68rp60a&o=ufgk6ez&t=propcasualpush&cid=JEPHVzwuQEiVUwDEuzVULw
Certificate Issuer Let's Encrypt
Subject casualdatesconnect.life
Fingerprint AE:00:B5:95:1E:0A:78:62:6A:7F:6B:11:E2:38:9D:D6:A9:5C:A4:24
Validity Tue, 10 Oct 2023 08:30:17 GMT - Mon, 08 Jan 2024 08:30:16 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x220, components 3\012- data
Hash 4d3d38adf2f0ce332b20112bd35cd8bf
6b4c3de36268a2459f4970779ab51efbf5b5ccf5
2f824639869c4c24dc402ace4994ff5e628f7a48dd39dc5598ce36136f26719f
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /media/casual/toon3/images/relations3_o.jpg HTTP/1.1
Host: casualdatesconnect.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casualdatesconnect.life/?u=68rp60a&o=ufgk6ez&t=propcasualpush&cid=JEPHVzwuQEiVUwDEuzVULw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 01 Dec 2023 20:23:54 GMT
Content-Type: image/jpeg
Content-Length: 9360
Connection: keep-alive
ETag: "4d3d38adf2f0ce332b20112bd35cd8bf"
Last-Modified: Wed, 20 Sep 2023 15:21:47 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 179CCE4D91B89EC2
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1693134504#780010470/gid:0/gname:root/mode:33188/mtime:1655386486#692449000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:34:46.692449Z
Expires: Sat, 30 Nov 2024 20:23:54 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
casualdatesconnect.life/media/casual/toon3/images/relations4_o.jpg
185.155.186.16 200 OK 7.5 kB URL GET HTTP/1.1 casualdatesconnect.life/media/casual/toon3/images/relations4_o.jpg
IP 185.155.186.16:443
ASN #203639 Tekka Digital SA
Requested by https://casualdatesconnect.life/?u=68rp60a&o=ufgk6ez&t=propcasualpush&cid=JEPHVzwuQEiVUwDEuzVULw
Certificate Issuer Let's Encrypt
Subject casualdatesconnect.life
Fingerprint AE:00:B5:95:1E:0A:78:62:6A:7F:6B:11:E2:38:9D:D6:A9:5C:A4:24
Validity Tue, 10 Oct 2023 08:30:17 GMT - Mon, 08 Jan 2024 08:30:16 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x220, components 3\012- data
Hash b3160168c65670576b0c54f6ef80c972
4b4c73fea6466f0733dbe55b7b60d0fa5b05ccd7
d26ed7a1ce5bc3a33d1d88b0b04c0c7ee156c59149af8409eb308581eea87f45
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /media/casual/toon3/images/relations4_o.jpg HTTP/1.1
Host: casualdatesconnect.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casualdatesconnect.life/?u=68rp60a&o=ufgk6ez&t=propcasualpush&cid=JEPHVzwuQEiVUwDEuzVULw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 01 Dec 2023 20:23:54 GMT
Content-Type: image/jpeg
Content-Length: 7546
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "b3160168c65670576b0c54f6ef80c972"
Last-Modified: Mon, 20 Feb 2023 09:30:45 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 179CCDFF094D0056
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1676843511#487933778/gid:0/gname:root/mode:33188/mtime:1655386486#752449000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:34:46.752449Z
Expires: Sat, 30 Nov 2024 20:23:54 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
casualdatesconnect.life/media/casual/toon3/images/relations5_o.jpg
185.155.186.16 200 OK 8.3 kB URL GET HTTP/1.1 casualdatesconnect.life/media/casual/toon3/images/relations5_o.jpg
IP 185.155.186.16:443
ASN #203639 Tekka Digital SA
Requested by https://casualdatesconnect.life/?u=68rp60a&o=ufgk6ez&t=propcasualpush&cid=JEPHVzwuQEiVUwDEuzVULw
Certificate Issuer Let's Encrypt
Subject casualdatesconnect.life
Fingerprint AE:00:B5:95:1E:0A:78:62:6A:7F:6B:11:E2:38:9D:D6:A9:5C:A4:24
Validity Tue, 10 Oct 2023 08:30:17 GMT - Mon, 08 Jan 2024 08:30:16 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x220, components 3\012- data
Hash c8977e9f072bac461be435c71ffd01d0
f13fbff743f380f87271d37af099e83ad8186e61
ad74a6271b89a55e3df1ec7dfd3c938024b701b0d5ef3bf939793e30b8100bf8
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /media/casual/toon3/images/relations5_o.jpg HTTP/1.1
Host: casualdatesconnect.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casualdatesconnect.life/?u=68rp60a&o=ufgk6ez&t=propcasualpush&cid=JEPHVzwuQEiVUwDEuzVULw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 01 Dec 2023 20:23:54 GMT
Content-Type: image/jpeg
Content-Length: 8333
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "c8977e9f072bac461be435c71ffd01d0"
Last-Modified: Mon, 20 Feb 2023 09:30:45 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 179CCE4B76C20B38
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1676843511#487933778/gid:0/gname:root/mode:33188/mtime:1655386486#816449000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:34:46.816449Z
Expires: Sat, 30 Nov 2024 20:23:54 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
casualdatesconnect.life/media/casual/toon3/images/body1_o.jpg
185.155.186.16 200 OK 9.4 kB URL GET HTTP/1.1 casualdatesconnect.life/media/casual/toon3/images/body1_o.jpg
IP 185.155.186.16:443
ASN #203639 Tekka Digital SA
Requested by https://casualdatesconnect.life/?u=68rp60a&o=ufgk6ez&t=propcasualpush&cid=JEPHVzwuQEiVUwDEuzVULw
Certificate Issuer Let's Encrypt
Subject casualdatesconnect.life
Fingerprint AE:00:B5:95:1E:0A:78:62:6A:7F:6B:11:E2:38:9D:D6:A9:5C:A4:24
Validity Tue, 10 Oct 2023 08:30:17 GMT - Mon, 08 Jan 2024 08:30:16 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x220, components 3\012- data
Hash 85ccecbbf23425d18c7c012f7341ce27
7317eda85c061ee60c072d89fe407f37c26c0d1e
1b10dd2a543fef61a4a61836377e5461b57c95dd95d12f1e35c57b26d7edf834
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /media/casual/toon3/images/body1_o.jpg HTTP/1.1
Host: casualdatesconnect.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casualdatesconnect.life/?u=68rp60a&o=ufgk6ez&t=propcasualpush&cid=JEPHVzwuQEiVUwDEuzVULw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 01 Dec 2023 20:23:54 GMT
Content-Type: image/jpeg
Content-Length: 9351
Connection: keep-alive
ETag: "85ccecbbf23425d18c7c012f7341ce27"
Last-Modified: Wed, 20 Sep 2023 15:21:47 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 179CCE30A3B8CB0A
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1693134504#780010470/gid:0/gname:root/mode:33188/mtime:1655386486#176448000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:34:46.176448Z
Expires: Sat, 30 Nov 2024 20:23:54 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
zodiacranbehalf.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSvW8cxRuezfmnXwQNRDRIFCcKBBI67973kSIQgpGFY5skyPXszOx54tmd1cx%2BnF05RIpSHqIBqvVzdqwEC5E%2FAITONJEFkq9BLuKCDokGIUUp0V5OOnilmfd953mL53neubeXnhMPKT1bv653pFJ0sVVzq29vyIjr3FZXb1U9t%2BZerm7IqN28XB2Ul8ne89xWzX2n%2BrFgW3qx7nqu67ledUkaEejB4hSFjI96Xq3n1pr1mtdqYmD%2B29vUgaUOeHZOLkHyyf82nzyGZGNE4ffXhN1KdPzuR2GqaKINMn74WbQV6TxCOC8D4yCIDmfT0HZCyFcXoKPDmQLobL9UAF9OiPObBz86nNGEnx28YOoriAg%2Bfxl5NoZQY0g6BtN3IfkpARjH6hqi8MGqNjndfoHSEp2QhWd%2FQ%2BYTsvD0NUThd1eVHFRvapUmUkcWg6CAHIwh%2B2PE6TGSHQcyPwZLPofkv5LFZyuIwv01qzQkL6bqpRxDBmMoMQS1DtLySAdp4CCNHYT8rEpbvcB1O4EfNBrdJmOs0WCs1W3zFm80u4GLlJX0hkjiIZgagpldxGYXW%2FKL09YlmPQn2M0CljuwyYQ4n%2B4i4wVyQZBbgpwS5JIgTwjyrDjgytZt8YArm%2FreLNdnuVGMdNLfowc66YuIgJrhXnxOXp3a8%2Fz3%2F2NLnFVZz6s3vHaH1hvtNm%2B0XcabvOtyyuuUNVpdWFlA2gtTxTvlrnARcZmv%2FwmfHsOqYzBZAU090HzUqbugm6Nm18VO9DBL%2B4rWmA7BdYE4WUCy7eypc%2FL6lMSblXMIdnLl0RtHF723%2FgAzBWJT4Lb8maCv7o9u6Jzs39C5JY%2FX4kSGcoeW%2B7uZ0ERUHn0itnNt%2BPI1O3z4ASuBsjy6JWyyQiMuo74l316VnAuzpA0T5IdluyH89dRuXk1NlMYr6x8uLYexEdZKHY1B5enaczA5IQt3fpz%2BzFd%2BuQdpxjBpgTA9IbOA1Mdg8S5sPGdvNYFR8xk%2FvoA8LUam7s8flSRQYt5Tv4D9V%2B%2FP6z17H31TAU3uIgoLZKZApgpQNYRNXxolsTm58uTrMr6BryojX5nKvq%2BM%2BrK09unU3wnp3PkLVp5VRStwA%2BHWhR%2F0%2FKBDXd4Lmj2f9jzR8VvUQ2In4vb7Z%2F8AAAD%2F%2FwEAAP%2F%2FZLAS83sEAAA%3D
173.233.137.60200 OK 7 B URL GET HTTP/1.1 zodiacranbehalf.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSvW8cxRuezfmnXwQNRDRIFCcKBBI67973kSIQgpGFY5skyPXszOx54tmd1cx%2BnF05RIpSHqIBqvVzdqwEC5E%2FAITONJEFkq9BLuKCDokGIUUp0V5OOnilmfd953mL53neubeXnhMPKT1bv653pFJ0sVVzq29vyIjr3FZXb1U9t%2BZerm7IqN28XB2Ul8ne89xWzX2n%2BrFgW3qx7nqu67ledUkaEejB4hSFjI96Xq3n1pr1mtdqYmD%2B29vUgaUOeHZOLkHyyf82nzyGZGNE4ffXhN1KdPzuR2GqaKINMn74WbQV6TxCOC8D4yCIDmfT0HZCyFcXoKPDmQLobL9UAF9OiPObBz86nNGEnx28YOoriAg%2Bfxl5NoZQY0g6BtN3IfkpARjH6hqi8MGqNjndfoHSEp2QhWd%2FQ%2BYTsvD0NUThd1eVHFRvapUmUkcWg6CAHIwh%2B2PE6TGSHQcyPwZLPofkv5LFZyuIwv01qzQkL6bqpRxDBmMoMQS1DtLySAdp4CCNHYT8rEpbvcB1O4EfNBrdJmOs0WCs1W3zFm80u4GLlJX0hkjiIZgagpldxGYXW%2FKL09YlmPQn2M0CljuwyYQ4n%2B4i4wVyQZBbgpwS5JIgTwjyrDjgytZt8YArm%2FreLNdnuVGMdNLfowc66YuIgJrhXnxOXp3a8%2Fz3%2F2NLnFVZz6s3vHaH1hvtNm%2B0XcabvOtyyuuUNVpdWFlA2gtTxTvlrnARcZmv%2FwmfHsOqYzBZAU090HzUqbugm6Nm18VO9DBL%2B4rWmA7BdYE4WUCy7eypc%2FL6lMSblXMIdnLl0RtHF723%2FgAzBWJT4Lb8maCv7o9u6Jzs39C5JY%2FX4kSGcoeW%2B7uZ0ERUHn0itnNt%2BPI1O3z4ASuBsjy6JWyyQiMuo74l316VnAuzpA0T5IdluyH89dRuXk1NlMYr6x8uLYexEdZKHY1B5enaczA5IQt3fpz%2BzFd%2BuQdpxjBpgTA9IbOA1Mdg8S5sPGdvNYFR8xk%2FvoA8LUam7s8flSRQYt5Tv4D9V%2B%2FP6z17H31TAU3uIgoLZKZApgpQNYRNXxolsTm58uTrMr6BryojX5nKvq%2BM%2BrK09unU3wnp3PkLVp5VRStwA%2BHWhR%2F0%2FKBDXd4Lmj2f9jzR8VvUQ2In4vb7Z%2F8AAAD%2F%2FwEAAP%2F%2FZLAS83sEAAA%3D
IP 173.233.137.60:443
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject zodiacranbehalf.com
Fingerprint C4:B7:E3:A3:79:90:C8:FB:50:CB:DE:BE:B5:A3:7F:86:F6:0F:4E:60
Validity Tue, 28 Nov 2023 07:59:32 GMT - Mon, 26 Feb 2024 07:59:31 GMT
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSvW8cxRuezfmnXwQNRDRIFCcKBBI67973kSIQgpGFY5skyPXszOx54tmd1cx%2BnF05RIpSHqIBqvVzdqwEC5E%2FAITONJEFkq9BLuKCDokGIUUp0V5OOnilmfd953mL53neubeXnhMPKT1bv653pFJ0sVVzq29vyIjr3FZXb1U9t%2BZerm7IqN28XB2Ul8ne89xWzX2n%2BrFgW3qx7nqu67ledUkaEejB4hSFjI96Xq3n1pr1mtdqYmD%2B29vUgaUOeHZOLkHyyf82nzyGZGNE4ffXhN1KdPzuR2GqaKINMn74WbQV6TxCOC8D4yCIDmfT0HZCyFcXoKPDmQLobL9UAF9OiPObBz86nNGEnx28YOoriAg%2Bfxl5NoZQY0g6BtN3IfkpARjH6hqi8MGqNjndfoHSEp2QhWd%2FQ%2BYTsvD0NUThd1eVHFRvapUmUkcWg6CAHIwh%2B2PE6TGSHQcyPwZLPofkv5LFZyuIwv01qzQkL6bqpRxDBmMoMQS1DtLySAdp4CCNHYT8rEpbvcB1O4EfNBrdJmOs0WCs1W3zFm80u4GLlJX0hkjiIZgagpldxGYXW%2FKL09YlmPQn2M0CljuwyYQ4n%2B4i4wVyQZBbgpwS5JIgTwjyrDjgytZt8YArm%2FreLNdnuVGMdNLfowc66YuIgJrhXnxOXp3a8%2Fz3%2F2NLnFVZz6s3vHaH1hvtNm%2B0XcabvOtyyuuUNVpdWFlA2gtTxTvlrnARcZmv%2FwmfHsOqYzBZAU090HzUqbugm6Nm18VO9DBL%2B4rWmA7BdYE4WUCy7eypc%2FL6lMSblXMIdnLl0RtHF723%2FgAzBWJT4Lb8maCv7o9u6Jzs39C5JY%2FX4kSGcoeW%2B7uZ0ERUHn0itnNt%2BPI1O3z4ASuBsjy6JWyyQiMuo74l316VnAuzpA0T5IdluyH89dRuXk1NlMYr6x8uLYexEdZKHY1B5enaczA5IQt3fpz%2BzFd%2BuQdpxjBpgTA9IbOA1Mdg8S5sPGdvNYFR8xk%2FvoA8LUam7s8flSRQYt5Tv4D9V%2B%2FP6z17H31TAU3uIgoLZKZApgpQNYRNXxolsTm58uTrMr6BryojX5nKvq%2BM%2BrK09unU3wnp3PkLVp5VRStwA%2BHWhR%2F0%2FKBDXd4Lmj2f9jzR8VvUQ2In4vb7Z%2F8AAAD%2F%2FwEAAP%2F%2FZLAS83sEAAA%3D HTTP/1.1
Host: zodiacranbehalf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Cookie: u_pl=16310791; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 01 Dec 2023 20:23:54 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 63280ce669feb1803d858cd06498b700
Strict-Transport-Security: max-age=0; includeSubdomains
casualdatesconnect.life/media/casual/toon3/fonts/QuattrocentoSansBold.ttf
185.155.186.16 200 OK 80 kB URL GET HTTP/1.1 casualdatesconnect.life/media/casual/toon3/fonts/QuattrocentoSansBold.ttf
IP 185.155.186.16:443
ASN #203639 Tekka Digital SA
Requested by https://casualdatesconnect.life/?u=68rp60a&o=ufgk6ez&t=propcasualpush&cid=JEPHVzwuQEiVUwDEuzVULw
Certificate Issuer Let's Encrypt
Subject casualdatesconnect.life
Fingerprint AE:00:B5:95:1E:0A:78:62:6A:7F:6B:11:E2:38:9D:D6:A9:5C:A4:24
Validity Tue, 10 Oct 2023 08:30:17 GMT - Mon, 08 Jan 2024 08:30:16 GMT
File type TrueType Font data, 16 tables, 1st "GPOS", 7 names, Microsoft, language 0x409, type 1 string, Quattrocento SansBoldPabloImpallari,IginoMarini,BrendaGallo: Quattrocento Sans Bold: 2011Quattro\012- data
Hash b80c7c5dc4739cd94fbc56b2f57509c4
ae800186fbcf2c85b1d9f271b69455c8ad5c8f40
fc24aac0d90f109b21b91a1c7171a9e96cf056ac8eb888be2a9d3d35d35ac795
Analyzer Quad9 DNS, Verdict malicious, Alert Sinkholed
GET /media/casual/toon3/fonts/QuattrocentoSansBold.ttf HTTP/1.1
Host: casualdatesconnect.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casualdatesconnect.life/media/casual/toon3/css/style_alt.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 01 Dec 2023 20:23:54 GMT
Content-Type: font/ttf
Content-Length: 79848
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://casualdatesconnect.life
Access-Control-Expose-Headers: Date, Etag, Server, Connection, Accept-Ranges, Content-Range, Content-Encoding, Content-Length, Content-Type, Content-Disposition, Last-Modified, Content-Language, Cache-Control, Retry-After, X-Amz-Bucket-Region, Expires, X-Amz*, X-Amz*, *
ETag: "b80c7c5dc4739cd94fbc56b2f57509c4"
Last-Modified: Wed, 20 Sep 2023 15:21:47 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 179CCD7A1180F53A
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1693134504#780010470/gid:0/gname:root/mode:33188/mtime:1655386485#792447000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:34:45.792447Z
Expires: Sat, 30 Nov 2024 20:23:54 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
casualdatesconnect.life/media/casual/toon3/images/body2_o.jpg
185.155.186.16 200 OK 7.1 kB URL GET HTTP/1.1 casualdatesconnect.life/media/casual/toon3/images/body2_o.jpg
IP 185.155.186.16:443
ASN #203639 Tekka Digital SA
Requested by https://casualdatesconnect.life/?u=68rp60a&o=ufgk6ez&t=propcasualpush&cid=JEPHVzwuQEiVUwDEuzVULw
Certificate Issuer Let's Encrypt
Subject casualdatesconnect.life
Fingerprint AE:00:B5:95:1E:0A:78:62:6A:7F:6B:11:E2:38:9D:D6:A9:5C:A4:24
Validity Tue, 10 Oct 2023 08:30:17 GMT - Mon, 08 Jan 2024 08:30:16 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x220, components 3\012- data
Hash 25ead115fd19de86d001b9ea0e530b98
2f87b29630774c703ddd5b3f63c598099741589c
3b654731702ea10a66129af5b97f7dad0db5f60ef6ee0960ce99b7bf9ee6face
Analyzer Quad9 DNS, Verdict malicious, Alert Sinkholed
GET /media/casual/toon3/images/body2_o.jpg HTTP/1.1
Host: casualdatesconnect.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casualdatesconnect.life/?u=68rp60a&o=ufgk6ez&t=propcasualpush&cid=JEPHVzwuQEiVUwDEuzVULw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 01 Dec 2023 20:23:54 GMT
Content-Type: image/jpeg
Content-Length: 7139
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "25ead115fd19de86d001b9ea0e530b98"
Last-Modified: Mon, 20 Feb 2023 09:30:45 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 179CCE3058639A35
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1676843511#483933773/gid:0/gname:root/mode:33188/mtime:1655386486#236448000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:34:46.236448Z
Expires: Sat, 30 Nov 2024 20:23:54 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
zodiacranbehalf.com/65/aa/28/65aa283021630dfd9030555c4c61a78c.js
173.233.137.60 200 OK 23 kB URL GET HTTP/1.1 zodiacranbehalf.com/65/aa/28/65aa283021630dfd9030555c4c61a78c.js
IP 173.233.137.60:443
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject zodiacranbehalf.com
Fingerprint C4:B7:E3:A3:79:90:C8:FB:50:CB:DE:BE:B5:A3:7F:86:F6:0F:4E:60
Validity Tue, 28 Nov 2023 07:59:32 GMT - Mon, 26 Feb 2024 07:59:31 GMT
File type ASCII text, with very long lines (59677), with no line terminators
Hash 7adeaba815dcf929fa4ece20dc8e622d
d788521babb3def8852bf140e6cee6422ba2763a
64605c364a50ae8578f4543a620e2b58d3c0cf7590e8f11b11bad912dc414f0d
Analyzer Quad9 DNS, Verdict malicious, Alert Sinkholed
GET /65/aa/28/65aa283021630dfd9030555c4c61a78c.js HTTP/1.1
Host: zodiacranbehalf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Cookie: u_pl=16310791; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 01 Dec 2023 20:23:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5db105ee93f1a5d057bc4059e3d837a2
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
173.233.137.36200 OK 7 B URL GET HTTP/1.1 curryoxygencheaper.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST4gcxRut3uzvhyAKBvEfCHMIqOjOdvd078yYw2qMCcH8M4nmanVV9Wxlq7uaqu7pzZ42BjTHCXrw2PtmkzUaxFwFiczqQQYCOx5khKxXQQUhkLPM7MDid6jvq3rv8N776pPNYo94KOj4%2FBm9LpWii2Hdrb16WaZcl7Z29lLNc%2Bvu0dplmS4FR2trk8N03%2FTcsO6%2BVjsp2Kpe9F3PdT3Xq52QRsR6bXGKQmZ321697dYDv%2B6FAdbMf%2B%2B2cGCpA97dI4ch%2Beh%2FKz%2Ffg2QDpMm3x4VdzXX2xrtJoWiuDbp8%2B4N0NdVliuRgjI2DON2esaHtiJAv5qDT7ZkD6O7WxAEiOSLOrx6idHsmE1H31r7SSEGkiPiTKLsDCDWApAMwfR2S7xKAcZw9hzS5fVabkl7dR%2BkEHZH5x48gyxGZf%2Fgs0uSbY0qu1S5qVeRSpxZrcQW5NoDsDJAVO8jXHchyByz%2FGJI%2FIIuPTyNNts5ZpSH5%2BIhLaXupGbMF3%2Ff8hSBuNReisNFcaHLaFDRmwg1b04ikHEDGAyjRA7WHUFgHhXRQxA6KzEHCxzUatmPXbcZR3Gi0AsZYo8FY2FriIW8ErdhFwSYeesizHpjqgZkNZGYDq%2FLmbngYpvgBdqWC5XOw%2BYg472%2BgyyuUgqC0BCUlKCVBmROU3eoWV9a31W2ubBF5s%2B7PeqPq67yzSW%2FpvCNSAmp6m9keeWaa4Z9%2FtLAqxjXuNZqu77f9MGLMp0stN27RIGguxXE78IIAVlaQdg7UOlifLBRPIJv0M38hojuwagdMHgItXgYt%2B03fBV3pBy0X6%2BmdbtFRtM50Aq4rZPk88qvOptojL05FnPz8GgQbLv%2F99IfzL3xWgJkKmalwRf5I0FE3%2Bhd0SbYu6NKSe%2BeyXCZynU6WfDGnuZj%2F6j1xtdSGnzpue3feZhNgMt69JGx%2BmqZcph1Lvj4mORfmhDZMkO9P2csiOl%2FYlWOFSYvs9Pl3TpxKMiOslTodgMrdj%2B6DyRF56vby9Pu%2B8uV3kGYAU1RIiiGZFaTeAcs2YLPh8u8Pxs99%2BvocrCYw6oATZQ7KouobPzp4VHJE%2FEfPQ4nh8k%2FX%2Fn%2Fk4eJLoFEFKw5iiMTw%2Fj%2F7%2FE17Ax3jgObXkSYVuqZCV1WgqgdbHOrnmRku%2F9KYFiLl9CNlnK1IGXVzP14rxzURxm4sXF9EcTuKm9Tl7ThoR7TtiWYUUg%2B5HYkrb%2F32LwAAAP%2F%2FAQAA%2F%2F9tjyGemgQAAA%3D%3D
IP 173.233.137.36:443
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject curryoxygencheaper.com
Fingerprint F2:DD:AF:D4:3D:96:F2:C2:C1:37:D0:07:73:80:BA:7B:02:75:3E:DC
Validity Tue, 28 Nov 2023 08:20:34 GMT - Mon, 26 Feb 2024 08:20:33 GMT
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Quad9 DNS, Verdict malicious, Alert Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RST4gcxRut3uzvhyAKBvEfCHMIqOjOdvd078yYw2qMCcH8M4nmanVV9Wxlq7uaqu7pzZ42BjTHCXrw2PtmkzUaxFwFiczqQQYCOx5khKxXQQUhkLPM7MDid6jvq3rv8N776pPNYo94KOj4%2FBm9LpWii2Hdrb16WaZcl7Z29lLNc%2Bvu0dplmS4FR2trk8N03%2FTcsO6%2BVjsp2Kpe9F3PdT3Xq52QRsR6bXGKQmZ321697dYDv%2B6FAdbMf%2B%2B2cGCpA97dI4ch%2Beh%2FKz%2Ffg2QDpMm3x4VdzXX2xrtJoWiuDbp8%2B4N0NdVliuRgjI2DON2esaHtiJAv5qDT7ZkD6O7WxAEiOSLOrx6idHsmE1H31r7SSEGkiPiTKLsDCDWApAMwfR2S7xKAcZw9hzS5fVabkl7dR%2BkEHZH5x48gyxGZf%2Fgs0uSbY0qu1S5qVeRSpxZrcQW5NoDsDJAVO8jXHchyByz%2FGJI%2FIIuPTyNNts5ZpSH5%2BIhLaXupGbMF3%2Ff8hSBuNReisNFcaHLaFDRmwg1b04ikHEDGAyjRA7WHUFgHhXRQxA6KzEHCxzUatmPXbcZR3Gi0AsZYo8FY2FriIW8ErdhFwSYeesizHpjqgZkNZGYDq%2FLmbngYpvgBdqWC5XOw%2BYg472%2BgyyuUgqC0BCUlKCVBmROU3eoWV9a31W2ubBF5s%2B7PeqPq67yzSW%2FpvCNSAmp6m9keeWaa4Z9%2FtLAqxjXuNZqu77f9MGLMp0stN27RIGguxXE78IIAVlaQdg7UOlifLBRPIJv0M38hojuwagdMHgItXgYt%2B03fBV3pBy0X6%2BmdbtFRtM50Aq4rZPk88qvOptojL05FnPz8GgQbLv%2F99IfzL3xWgJkKmalwRf5I0FE3%2Bhd0SbYu6NKSe%2BeyXCZynU6WfDGnuZj%2F6j1xtdSGnzpue3feZhNgMt69JGx%2BmqZcph1Lvj4mORfmhDZMkO9P2csiOl%2FYlWOFSYvs9Pl3TpxKMiOslTodgMrdj%2B6DyRF56vby9Pu%2B8uV3kGYAU1RIiiGZFaTeAcs2YLPh8u8Pxs99%2BvocrCYw6oATZQ7KouobPzp4VHJE%2FEfPQ4nh8k%2FX%2Fn%2Fk4eJLoFEFKw5iiMTw%2Fj%2F7%2FE17Ax3jgObXkSYVuqZCV1WgqgdbHOrnmRku%2F9KYFiLl9CNlnK1IGXVzP14rxzURxm4sXF9EcTuKm9Tl7ThoR7TtiWYUUg%2B5HYkrb%2F32LwAAAP%2F%2FAQAA%2F%2F9tjyGemgQAAA%3D%3D HTTP/1.1
Host: curryoxygencheaper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Cookie: u_pl=15460408; uid_id2=0aa967fc-2212-4f87-b537-7da7eafce058:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 01 Dec 2023 20:23:54 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6966e2839abc1b2ef5afc6ac15c0dd2c
Strict-Transport-Security: max-age=0; includeSubdomains
casualdatesconnect.life/media/casual/toon3/js/jquery-1.11.1.min.js
185.155.186.16 200 OK 96 kB URL GET HTTP/1.1 casualdatesconnect.life/media/casual/toon3/js/jquery-1.11.1.min.js
IP 185.155.186.16:443
ASN #203639 Tekka Digital SA
Requested by https://casualdatesconnect.life/?u=68rp60a&o=ufgk6ez&t=propcasualpush&cid=JEPHVzwuQEiVUwDEuzVULw
Certificate Issuer Let's Encrypt
Subject casualdatesconnect.life
Fingerprint AE:00:B5:95:1E:0A:78:62:6A:7F:6B:11:E2:38:9D:D6:A9:5C:A4:24
Validity Tue, 10 Oct 2023 08:30:17 GMT - Mon, 08 Jan 2024 08:30:16 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 612ce073e0525fda305524a4a9949587
a87a1ec66b4a404b2f793f2de9f806955e8952cf
a181a613a6eeab77259b1d6537f82fd28f4cb38fa41e43af8d1677a3542e74bf
Analyzer Quad9 DNS, Verdict malicious, Alert Sinkholed
GET /media/casual/toon3/js/jquery-1.11.1.min.js HTTP/1.1
Host: casualdatesconnect.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casualdatesconnect.life/?u=68rp60a&o=ufgk6ez&t=propcasualpush&cid=JEPHVzwuQEiVUwDEuzVULw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 01 Dec 2023 20:23:53 GMT
Content-Type: text/javascript
Content-Length: 95699
Connection: keep-alive
ETag: "612ce073e0525fda305524a4a9949587"
Last-Modified: Tue, 21 Nov 2023 12:29:45 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 179CCE4D2FB025C3
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1695223307#903530832/gid:0/gname:root/mode:33188/mtime:1655386486#952449000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:34:46.952449Z
Expires: Sat, 30 Nov 2024 20:23:53 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
cdn.creative-bars1.com/sb/notifications/games/hentai-heroes/global/custom-banner/1/img/close.png
172.64.109.10 200 OK 9.0 kB URL GET HTTP/2 cdn.creative-bars1.com/sb/notifications/games/hentai-heroes/global/custom-banner/1/img/close.png
IP 172.64.109.10:443
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Google Trust Services LLC
Subject creative-bars1.com
Fingerprint 2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
Validity Sat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT
File type PNG image data, 497 x 496, 8-bit/color RGBA, non-interlaced\012- data
Hash b080cbdd5cc827b5a659a45676c079d4
3502ad6743a3a42dd92ee3cea142616356f47359
c89d28b4be45a7af77493e8f6c76894a7ba86469e5b6733e6ca3cb33eaabcd8f
GET /sb/notifications/games/hentai-heroes/global/custom-banner/1/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 01 Dec 2023 20:23:54 GMT
content-type: image/png
content-length: 8952
last-modified: Thu, 19 Oct 2023 15:25:30 GMT
etag: "65314a6a-22f8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1604452
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pj5P0jv%2BRZtO8I85HGa5A%2F%2FhTgtsRv63dp5g70EuzyyDsCPxLccx3ifWkWF8yPNb2Vr7CSAnY5M%2B5rqVRIH6hxfTTGQmK809xFj95%2FjxEB9J%2BmM80pRaQT5zVBqZfaYC5Kw2AF%2BwJ%2Bne"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ee0cf58fb16550-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/games/hentai-heroes/global/custom-banner/1/img/bg.jpg
172.64.109.10 200 OK 197 kB URL GET HTTP/2 cdn.creative-bars1.com/sb/notifications/games/hentai-heroes/global/custom-banner/1/img/bg.jpg
IP 172.64.109.10:443
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Google Trust Services LLC
Subject creative-bars1.com
Fingerprint 2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
Validity Sat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1080, components 3\012- data
Size 197 kB (196572 bytes)
Hash 0f268ac97ce309645d705ae25e03383b
4c1462adfe8488d6f43f5a56a36b6302a29ac054
9d809e2358a07890e0a8683526070118f7c1056f25e30aee0fdfd020d6377bad
GET /sb/notifications/games/hentai-heroes/global/custom-banner/1/img/bg.jpg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 01 Dec 2023 20:23:54 GMT
content-type: image/jpeg
content-length: 196572
last-modified: Thu, 19 Oct 2023 15:25:32 GMT
etag: "65314a6c-2ffdc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 222632
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=44MStd3qIfbIiOaNgI3QVth9NTLjvpBmMsiLvJs0%2BuM69jq7Dm6vbMDpEzR9BmgJrJjX6YebXGNOKGTkdeQB6vA6i6bAToN3xy4xbq40p%2BnELBdxksTWTowLjj6ig02w9XQZPbS%2BZ827"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ee0cf58fb86550-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/games/hentai-heroes/global/custom-banner/1/js/script.js
172.64.109.10 200 OK 2.0 kB URL GET HTTP/2 cdn.creative-bars1.com/sb/notifications/games/hentai-heroes/global/custom-banner/1/js/script.js
IP 172.64.109.10:443
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Google Trust Services LLC
Subject creative-bars1.com
Fingerprint 2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
Validity Sat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT
Hash b64985705b68c11b9b30d7ca43e1f095
8b5d6dc7edce43d08791bbf7aec72e15dabe528d
29ad23b2ed8670b41c45429c724b7939b4b0643db9d555b79868337aaa8afca0
GET /sb/notifications/games/hentai-heroes/global/custom-banner/1/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 01 Dec 2023 20:23:54 GMT
content-type: application/javascript
last-modified: Thu, 19 Oct 2023 15:25:32 GMT
etag: W/"65314a6c-f3c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rhegtj4MsaM7aoxEJYxyaQXyWaFNKLrk0ZueG1tEd6Y5EiGNh6cunD%2BBmPJoxMq2QlULIW%2BEV85zhMpZztlmDNUHTgF9PFvrmLTjh8Wc2GhXo9B5xJW%2Bf1mE1IsZGa8y4YA9LCrHzbJm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ee0cf56f7c6550-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
admissiblecontradictthrone.com/pixel/purst?dl=0&th=0&sc=0&rs=6538&rd=6538&fd=556&bv=23.11.v.8&tmpl=136
192.243.59.12 200 OK 0 B URL GET HTTP/1.1 admissiblecontradictthrone.com/pixel/purst?dl=0&th=0&sc=0&rs=6538&rd=6538&fd=556&bv=23.11.v.8&tmpl=136
IP 192.243.59.12:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject admissiblecontradictthrone.com
Fingerprint 90:54:BF:2D:0E:36:25:A2:57:CF:C9:5B:86:C3:FA:F2:03:14:94:09
Validity Tue, 28 Nov 2023 10:38:30 GMT - Mon, 26 Feb 2024 10:38:29 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Quad9 DNS, Verdict malicious, Alert Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=6538&rd=6538&fd=556&bv=23.11.v.8&tmpl=136 HTTP/1.1
Host: admissiblecontradictthrone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 01 Dec 2023 20:23:55 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.creative-bars1.com/sb/notifications/games/hentai-heroes/global/custom-banner/1/css/style.css
172.64.109.10 200 OK 1.1 kB URL GET HTTP/2 cdn.creative-bars1.com/sb/notifications/games/hentai-heroes/global/custom-banner/1/css/style.css
IP 172.64.109.10:443
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Google Trust Services LLC
Subject creative-bars1.com
Fingerprint 2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
Validity Sat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT
Hash d33c62ba093179032ae454a879d99dd8
e6695c9d7c20dd4c70af4591eeab323013b10793
41e38913ec982b1d9f0c7f756b640f7320249b78a4a942e691380a678b6d72f4
GET /sb/notifications/games/hentai-heroes/global/custom-banner/1/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 01 Dec 2023 20:23:54 GMT
content-type: text/css
last-modified: Thu, 19 Oct 2023 15:30:48 GMT
etag: W/"65314ba8-d55"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PnR875fMzowd8GO3ZE3%2FS7HgvY4dyTHF%2BEtz%2BeW0uW%2Frm2R0CRkaD1DQUcvzhRnE5Vc58FzCqtLsYVVQYZZl0lctgDjCLIliNfgkMJTPxVbpqRCO2GAXm4Li1ljH9rlhMcFZVdlhrxGA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ee0cf56f7f6550-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.67 200 OK 16 kB URL GET HTTP/3 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.67:443
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint E5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
Validity Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 04:57:34 GMT
expires: Fri, 29 Nov 2024 04:57:34 GMT
cache-control: public, max-age=31536000
age: 141981
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.67 200 OK 16 kB URL GET HTTP/3 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.67:443
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint E5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
Validity Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:13:56 GMT
expires: Thu, 28 Nov 2024 21:13:56 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 169799
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
173.233.137.36200 OK 7 B URL GET HTTP/1.1 curryoxygencheaper.com/impr.gif?sid=H4sIAAAAAAAC%2F1RST4gcxRut3uzvhyAKBvEfCHMIqOjOdvf0bPeYw2qMCcH8M4nmanVV9Wxlq7uaqu7pzZ42BjTHCXrw2PtmkzUaxFwFiczqQRYCOx5khaxXQQUhkLPM7MDid6jvq3rv8N776pP1co94KOnu%2BTN6VSpF59tNt%2FHqZZlxXdnG2UsNz226RxuXZbYQHG2sjA%2FTe9Nz2033tcZJwZb1vO96ruu5XuOENCLRK%2FMTFDK%2F2%2FGaHbcZ%2BE2vHWDF%2FPduSweWOuC9PXIYko%2F%2Bt%2FTzPUg2RJZ%2Be1zY5ULnb7yblooW2qDHNz%2FIljNdZUgPxsQ4SLLNKRvajgj5YgY625w6gO5tjB0gliPi%2FOohzjanMhH3bu0rjRVEhpg%2Fiao3hFBDSDoE09ch%2BQ4BGMfZc8jS22e1qejVfZSO0RGZffwIshqR2YfPIku%2FOabkSuOiVmUhdWaxktSQK0PI7hB5uYVi1YGstsCKjyH5AzL%2F%2BDSydOOcVRqS7x5xKe0shAmb833PnwuSKJyL261wLuQ0FDRhwm1Hk4ikHEImQyjRB7WHUFoHpXRQJg7K3EHKdxu03UlcN0zipNWKAsZYq8VYO1rgbd4KosRFycYe%2BijyPpjqg5k15GYNy%2FLmTvswTPkD7FINy2dgixFx3l9Dj9eoBEFlCSpKUEmCqiCoevUtrqxv69tc2TL2pt2f9lY90EV3nd7SRVdkBNT01%2FM98swkwz%2F%2FiLAsdhvca4Wu73f8dsyYTxciN4loEIQLSdIJvCCAlTWknQG1DlbHC8UTyMf9zF%2BI6Ras2gKTh0DLl0GrQei7oEuDIHKxmt3plV1Fm0yn4LpGXsyiuOqsqz3y4kTEyc%2BvQbDtxb%2Bf%2FnD2hc9KMFMjNzWuyB8JuurG4IKuyMYFXVly71xeyFSu0vGSLxa0ELNfvSeuVtrwU8dt%2F87bbAyMx7uXhC1O04zLrGvJ18ck58Kc0IYJ8v0pe1nE50u7dKw0WZmfPv%2FOiVNpboS1UmdDULnz0X0wOSJP3V6cfN9XvvwO0gxhyhppuU2mBam3wPI12Hx78fcHu899%2BvoMrCYw6oAT5w6qsh4YPz54VHJE%2FEfPQ4ntxZ%2Bu%2Ff%2FIw%2FmXQOMaVhzEEIvt%2B%2F%2Fs89ftDXSNA1pcR5bW6JkaPVWDqj5seWhQ5GZ78ZfWpBArZxAr42zEyqib%2B%2FFaudtoe4GI4ihknMeCcS%2F0W1HLdX3Og7AjvA4KOxJX3vrtXwAAAP%2F%2FAQAA%2F%2F95h694mgQAAA%3D%3D
IP 173.233.137.36:443
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject curryoxygencheaper.com
Fingerprint F2:DD:AF:D4:3D:96:F2:C2:C1:37:D0:07:73:80:BA:7B:02:75:3E:DC
Validity Tue, 28 Nov 2023 08:20:34 GMT - Mon, 26 Feb 2024 08:20:33 GMT
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RST4gcxRut3uzvhyAKBvEfCHMIqOjOdvf0bPeYw2qMCcH8M4nmanVV9Wxlq7uaqu7pzZ42BjTHCXrw2PtmkzUaxFwFiczqQRYCOx5khaxXQQUhkLPM7MDid6jvq3rv8N776pP1co94KOnu%2BTN6VSpF59tNt%2FHqZZlxXdnG2UsNz226RxuXZbYQHG2sjA%2FTe9Nz2033tcZJwZb1vO96ruu5XuOENCLRK%2FMTFDK%2F2%2FGaHbcZ%2BE2vHWDF%2FPduSweWOuC9PXIYko%2F%2Bt%2FTzPUg2RJZ%2Be1zY5ULnb7yblooW2qDHNz%2FIljNdZUgPxsQ4SLLNKRvajgj5YgY625w6gO5tjB0gliPi%2FOohzjanMhH3bu0rjRVEhpg%2Fiao3hFBDSDoE09ch%2BQ4BGMfZc8jS22e1qejVfZSO0RGZffwIshqR2YfPIku%2FOabkSuOiVmUhdWaxktSQK0PI7hB5uYVi1YGstsCKjyH5AzL%2F%2BDSydOOcVRqS7x5xKe0shAmb833PnwuSKJyL261wLuQ0FDRhwm1Hk4ikHEImQyjRB7WHUFoHpXRQJg7K3EHKdxu03UlcN0zipNWKAsZYq8VYO1rgbd4KosRFycYe%2BijyPpjqg5k15GYNy%2FLmTvswTPkD7FINy2dgixFx3l9Dj9eoBEFlCSpKUEmCqiCoevUtrqxv69tc2TL2pt2f9lY90EV3nd7SRVdkBNT01%2FM98swkwz%2F%2FiLAsdhvca4Wu73f8dsyYTxciN4loEIQLSdIJvCCAlTWknQG1DlbHC8UTyMf9zF%2BI6Ras2gKTh0DLl0GrQei7oEuDIHKxmt3plV1Fm0yn4LpGXsyiuOqsqz3y4kTEyc%2BvQbDtxb%2Bf%2FnD2hc9KMFMjNzWuyB8JuurG4IKuyMYFXVly71xeyFSu0vGSLxa0ELNfvSeuVtrwU8dt%2F87bbAyMx7uXhC1O04zLrGvJ18ck58Kc0IYJ8v0pe1nE50u7dKw0WZmfPv%2FOiVNpboS1UmdDULnz0X0wOSJP3V6cfN9XvvwO0gxhyhppuU2mBam3wPI12Hx78fcHu899%2BvoMrCYw6oAT5w6qsh4YPz54VHJE%2FEfPQ4ntxZ%2Bu%2Ff%2FIw%2FmXQOMaVhzEEIvt%2B%2F%2Fs89ftDXSNA1pcR5bW6JkaPVWDqj5seWhQ5GZ78ZfWpBArZxAr42zEyqib%2B%2FFaudtoe4GI4ihknMeCcS%2F0W1HLdX3Og7AjvA4KOxJX3vrtXwAAAP%2F%2FAQAA%2F%2F95h694mgQAAA%3D%3D HTTP/1.1
Host: curryoxygencheaper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Cookie: u_pl=15460408; uid_id2=0aa967fc-2212-4f87-b537-7da7eafce058:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 01 Dec 2023 20:23:55 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 919b5aef1ccdbc134ab3523c6d0f9139
Strict-Transport-Security: max-age=0; includeSubdomains
curryoxygencheaper.com/pixel/sbs?c=1
173.233.137.36 200 OK 0 B URL GET HTTP/1.1 curryoxygencheaper.com/pixel/sbs?c=1
IP 173.233.137.36:443
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject curryoxygencheaper.com
Fingerprint F2:DD:AF:D4:3D:96:F2:C2:C1:37:D0:07:73:80:BA:7B:02:75:3E:DC
Validity Tue, 28 Nov 2023 08:20:34 GMT - Mon, 26 Feb 2024 08:20:33 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: curryoxygencheaper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Cookie: u_pl=15460408; uid_id2=0aa967fc-2212-4f87-b537-7da7eafce058:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 01 Dec 2023 20:23:55 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.creative-bars1.com/sb/notifications/games/hentai-heroes/global/custom-banner/1/fonts/gP1RrxsjcxVyin9l9nj2hTd52.woff2
172.64.109.10 200 OK 17 kB URL GET HTTP/2 cdn.creative-bars1.com/sb/notifications/games/hentai-heroes/global/custom-banner/1/fonts/gP1RrxsjcxVyin9l9nj2hTd52.woff2
IP 172.64.109.10:443
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Google Trust Services LLC
Subject creative-bars1.com
Fingerprint 2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
Validity Sat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT
File type Web Open Font Format (Version 2), TrueType, length 17360, version 1.0\012- data
Hash 70322c317b1f4e2e17dbc6b672f95f5f
f3dff7c50e1aea33814c6aeeca177ae3ff900bfc
3877b522181765adf66ba89bd68d288ecb9f2483b441baab3424646b0c7aaa0a
GET /sb/notifications/games/hentai-heroes/global/custom-banner/1/fonts/gP1RrxsjcxVyin9l9nj2hTd52.woff2 HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 01 Dec 2023 20:23:55 GMT
content-type: application/octet-stream
content-length: 17360
last-modified: Thu, 19 Oct 2023 15:25:28 GMT
etag: "65314a68-43d0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kDkkDt6Z9kT9f%2BVwEvWq9GC2CJD4cl8Mu0y5x7sKUO%2FgNVPhXQticYe4a52SBdxOo%2B3goOXgwYhkkrWOjryaO55IW7e20SwPbQw%2BxCERBHfbiBgStUuBb8gOcOE7aujsooQDByvyxrcF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ee0cfc2b5f6550-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
unseenreport.com/pxf.gif?uuid=0aa967fc-2212-4f87-b537-7da7eafce058&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=65aa283021630dfd9030555c4c61a78c&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=20
192.243.61.225 200 OK 1 B URL GET HTTP/1.1 unseenreport.com/pxf.gif?uuid=0aa967fc-2212-4f87-b537-7da7eafce058&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=65aa283021630dfd9030555c4c61a78c&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=20
IP 192.243.61.225:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.unseenreport.com
Fingerprint 79:45:7F:58:D5:82:45:0A:7D:1E:FF:7A:98:05:26:E9:D6:FE:91:14
Validity Wed, 22 Nov 2023 07:56:28 GMT - Tue, 20 Feb 2024 07:56:27 GMT
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pxf.gif?uuid=0aa967fc-2212-4f87-b537-7da7eafce058&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=65aa283021630dfd9030555c4c61a78c&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=20 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 01 Dec 2023 20:23:56 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 58f93768332ca2b4e4a15a988daf6d95
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=0aa967fc-2212-4f87-b537-7da7eafce058&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=d137022925bcc2a680f8a4476ff94144&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=20
192.243.61.225 200 OK 1 B URL GET HTTP/1.1 unseenreport.com/pxf.gif?uuid=0aa967fc-2212-4f87-b537-7da7eafce058&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=d137022925bcc2a680f8a4476ff94144&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=20
IP 192.243.61.225:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.unseenreport.com
Fingerprint 79:45:7F:58:D5:82:45:0A:7D:1E:FF:7A:98:05:26:E9:D6:FE:91:14
Validity Wed, 22 Nov 2023 07:56:28 GMT - Tue, 20 Feb 2024 07:56:27 GMT
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pxf.gif?uuid=0aa967fc-2212-4f87-b537-7da7eafce058&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=d137022925bcc2a680f8a4476ff94144&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=20 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 01 Dec 2023 20:23:56 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 89b7b63e2eb4e7f40e5bb724356a4fb2
Strict-Transport-Security: max-age=0; includeSubdomains
eehuzaih.com/impression/uzqVBg8aQx-Z2GIGbSruYvw2z3JVj8nyb1eUoZO13qQgiAG-Bk_ZjJRq1HZSWC9RlcU403EInL__v4LTA6Yf7edyBkNWbLFT35vZ7Dr5_BQNdT5PwUX29Tr4L_a7P0aAF_xhdeZnNSYf3GuKNqo5Gyq6mWfuPbHCsdfDlTlV8HoH2wSiswxe7u-ZF2ccyBkU1JCiJlKdaiikFU80BcUlYpOYElWHAPHfjQxKva7gofoyeWdiegoF6-mEKPwvVbGu78VDAjlGmqsIjCfPm3D0enbOprdD7rLtB80bDzPsH8hFUDzUJmohbWT9lsAztihpcDdDJeWT14yPJckNwg1ptnuDSReXEMYMblWSMHksDTDwdima8RBkY8eRcTiAA79XeLErGfk32EeqBY1RlZ2HRl1SuYw88HHjP0-hHKHGm1-5j9G1DATB6LmA7gaWLDHHDx8apYZck6AZJc_Dyd7ykHD4cDMCRfXFa2SAszvh74P2WhjCm-JsL8bdwt5MZIP2hKxNpxBzmNMhhBYHceDlBFU5kxamOzby-UZSp4YZinaAFq59QZncl-s8Yl79NATGJA3WUoB9o5R_iL9V7ZgDQ_QWQA-zb2LjNQKk2gsrwHyHr6AEnd8AGSc-jvlrvFzBDujRz7LUjBpXoVTwObeDNRqUfTygVpC_6T2tzwUqfSHw2PbjXYuWArK0XzBxZnTxB8SI5cHjZgDKGY5UBiRcNUvOAJGFeXa0xejDgX5OywESAxGZ44DL5Xq2WHoMOtT5l8T0eA==?_z=5005565&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=9&pl=https%3A%2F%2Fwww.vugla.com%2Flegendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.312.0
139.45.197.237200 OK 43 B URL GET HTTP/2 eehuzaih.com/impression/uzqVBg8aQx-Z2GIGbSruYvw2z3JVj8nyb1eUoZO13qQgiAG-Bk_ZjJRq1HZSWC9RlcU403EInL__v4LTA6Yf7edyBkNWbLFT35vZ7Dr5_BQNdT5PwUX29Tr4L_a7P0aAF_xhdeZnNSYf3GuKNqo5Gyq6mWfuPbHCsdfDlTlV8HoH2wSiswxe7u-ZF2ccyBkU1JCiJlKdaiikFU80BcUlYpOYElWHAPHfjQxKva7gofoyeWdiegoF6-mEKPwvVbGu78VDAjlGmqsIjCfPm3D0enbOprdD7rLtB80bDzPsH8hFUDzUJmohbWT9lsAztihpcDdDJeWT14yPJckNwg1ptnuDSReXEMYMblWSMHksDTDwdima8RBkY8eRcTiAA79XeLErGfk32EeqBY1RlZ2HRl1SuYw88HHjP0-hHKHGm1-5j9G1DATB6LmA7gaWLDHHDx8apYZck6AZJc_Dyd7ykHD4cDMCRfXFa2SAszvh74P2WhjCm-JsL8bdwt5MZIP2hKxNpxBzmNMhhBYHceDlBFU5kxamOzby-UZSp4YZinaAFq59QZncl-s8Yl79NATGJA3WUoB9o5R_iL9V7ZgDQ_QWQA-zb2LjNQKk2gsrwHyHr6AEnd8AGSc-jvlrvFzBDujRz7LUjBpXoVTwObeDNRqUfTygVpC_6T2tzwUqfSHw2PbjXYuWArK0XzBxZnTxB8SI5cHjZgDKGY5UBiRcNUvOAJGFeXa0xejDgX5OywESAxGZ44DL5Xq2WHoMOtT5l8T0eA==?_z=5005565&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=9&pl=https%3A%2F%2Fwww.vugla.com%2Flegendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.312.0
IP 139.45.197.237:443
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject eehuzaih.com
Fingerprint AC:55:E9:5B:5B:87:BF:89:7C:BE:E0:77:14:BE:B7:B4:16:AB:70:5A
Validity Sun, 12 Nov 2023 08:38:54 GMT - Sat, 10 Feb 2024 08:38:53 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /impression/uzqVBg8aQx-Z2GIGbSruYvw2z3JVj8nyb1eUoZO13qQgiAG-Bk_ZjJRq1HZSWC9RlcU403EInL__v4LTA6Yf7edyBkNWbLFT35vZ7Dr5_BQNdT5PwUX29Tr4L_a7P0aAF_xhdeZnNSYf3GuKNqo5Gyq6mWfuPbHCsdfDlTlV8HoH2wSiswxe7u-ZF2ccyBkU1JCiJlKdaiikFU80BcUlYpOYElWHAPHfjQxKva7gofoyeWdiegoF6-mEKPwvVbGu78VDAjlGmqsIjCfPm3D0enbOprdD7rLtB80bDzPsH8hFUDzUJmohbWT9lsAztihpcDdDJeWT14yPJckNwg1ptnuDSReXEMYMblWSMHksDTDwdima8RBkY8eRcTiAA79XeLErGfk32EeqBY1RlZ2HRl1SuYw88HHjP0-hHKHGm1-5j9G1DATB6LmA7gaWLDHHDx8apYZck6AZJc_Dyd7ykHD4cDMCRfXFa2SAszvh74P2WhjCm-JsL8bdwt5MZIP2hKxNpxBzmNMhhBYHceDlBFU5kxamOzby-UZSp4YZinaAFq59QZncl-s8Yl79NATGJA3WUoB9o5R_iL9V7ZgDQ_QWQA-zb2LjNQKk2gsrwHyHr6AEnd8AGSc-jvlrvFzBDujRz7LUjBpXoVTwObeDNRqUfTygVpC_6T2tzwUqfSHw2PbjXYuWArK0XzBxZnTxB8SI5cHjZgDKGY5UBiRcNUvOAJGFeXa0xejDgX5OywESAxGZ44DL5Xq2WHoMOtT5l8T0eA==?_z=5005565&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=9&pl=https%3A%2F%2Fwww.vugla.com%2Flegendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.312.0 HTTP/1.1
Host: eehuzaih.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Cookie: OAID=5baa397afade49618e46c4570c9fa5bf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 20:23:56 GMT
content-type: image/gif
content-length: 43
x-trace-id: 19589248ffcfb497b2982033986c727d
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
offerimage.com/www/images/71581bf2ce9a00138faf7dd80fe3e12e.jpg
172.67.22.216 200 OK 19 kB URL GET HTTP/2 offerimage.com/www/images/71581bf2ce9a00138faf7dd80fe3e12e.jpg
IP 172.67.22.216:443
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint DB:4D:42:F8:E2:4C:E3:E4:BB:22:D8:D1:F7:64:B5:9A:10:B6:25:E0
Validity Sun, 07 May 2023 00:00:00 GMT - Mon, 06 May 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash 71581bf2ce9a00138faf7dd80fe3e12e
56479135ed64bf23e1037067c0c87047eb8a414c
5d9f95c8c06343cc189b38268296615ed8816d8154b4b782ad0d62bedd23525e
GET /www/images/71581bf2ce9a00138faf7dd80fe3e12e.jpg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 01 Dec 2023 20:23:56 GMT
content-type: image/jpeg
content-length: 19381
cache-control: max-age=86400
cf-bgj: h2pri
etag: "65674405-4bb5"
expires: Sat, 02 Dec 2023 14:07:34 GMT
last-modified: Wed, 29 Nov 2023 14:00:37 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 22582
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ee0d045d4a0afe-OSL
X-Firefox-Spdy: h2
offerimage.com/www/images/71581bf2ce9a00138faf7dd80fe3e12e.jpg
172.67.22.216 200 OK 19 kB URL GET HTTP/2 offerimage.com/www/images/71581bf2ce9a00138faf7dd80fe3e12e.jpg
IP 172.67.22.216:443
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint DB:4D:42:F8:E2:4C:E3:E4:BB:22:D8:D1:F7:64:B5:9A:10:B6:25:E0
Validity Sun, 07 May 2023 00:00:00 GMT - Mon, 06 May 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash 71581bf2ce9a00138faf7dd80fe3e12e
56479135ed64bf23e1037067c0c87047eb8a414c
5d9f95c8c06343cc189b38268296615ed8816d8154b4b782ad0d62bedd23525e
GET /www/images/71581bf2ce9a00138faf7dd80fe3e12e.jpg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 01 Dec 2023 20:23:56 GMT
content-type: image/jpeg
content-length: 19381
cache-control: max-age=86400
cf-bgj: h2pri
etag: "65674405-4bb5"
expires: Sat, 02 Dec 2023 14:07:34 GMT
last-modified: Wed, 29 Nov 2023 14:00:37 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 22582
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ee0d049d780afe-OSL
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.67 200 OK 16 kB URL GET HTTP/3 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.67:443
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint E5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
Validity Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:13:56 GMT
expires: Thu, 28 Nov 2024 21:13:56 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 169800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.67 200 OK 16 kB URL GET HTTP/3 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.67:443
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint E5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
Validity Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 04:57:34 GMT
expires: Fri, 29 Nov 2024 04:57:34 GMT
cache-control: public, max-age=31536000
age: 141982
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
region1.analytics.google.com/g/collect?v=2&tid=G-7NCJ73THPT&gtm=45je3bt0v879882835&_p=1701462235742&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1206520075.1701462236&ul=en-us&sr=1280x1024&_eu=AEA&_s=2&sid=1701462236&sct=1&seg=0&dl=https%3A%2F%2Fwww.vugla.com%2Flegendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html&dt=Legendarna%20%E2%80%9Evespa%E2%80%9C%20ne%20sme%20da%20se%20imitira%3A%20EU%20sud%20udario%20%E2%80%9Erampu%E2%80%9C%20Kinezima%20-%20Vugla&en=scroll&epn.percent_scrolled=90&tfd=8608
216.239.32.36 204 No Content 0 B URL POST HTTP/3 region1.analytics.google.com/g/collect?v=2&tid=G-7NCJ73THPT&gtm=45je3bt0v879882835&_p=1701462235742&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1206520075.1701462236&ul=en-us&sr=1280x1024&_eu=AEA&_s=2&sid=1701462236&sct=1&seg=0&dl=https%3A%2F%2Fwww.vugla.com%2Flegendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html&dt=Legendarna%20%E2%80%9Evespa%E2%80%9C%20ne%20sme%20da%20se%20imitira%3A%20EU%20sud%20udario%20%E2%80%9Erampu%E2%80%9C%20Kinezima%20-%20Vugla&en=scroll&epn.percent_scrolled=90&tfd=8608
IP 216.239.32.36:443
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Google Trust Services LLC
Subject *.google-analytics.com
Fingerprint 37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
Validity Mon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-7NCJ73THPT&gtm=45je3bt0v879882835&_p=1701462235742&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1206520075.1701462236&ul=en-us&sr=1280x1024&_eu=AEA&_s=2&sid=1701462236&sct=1&seg=0&dl=https%3A%2F%2Fwww.vugla.com%2Flegendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html&dt=Legendarna%20%E2%80%9Evespa%E2%80%9C%20ne%20sme%20da%20se%20imitira%3A%20EU%20sud%20udario%20%E2%80%9Erampu%E2%80%9C%20Kinezima%20-%20Vugla&en=scroll&epn.percent_scrolled=90&tfd=8608 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/3 204 No Content
access-control-allow-origin: https://www.vugla.com
date: Fri, 01 Dec 2023 20:23:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
tharbadir.com/11?rnd=3843238622&z=2892323&b=19741376&var=&varid=0&rqtdbc=0&rcvdbc=0&btp=7&rb=INQBmvl4W1kOe--e0csvvvkkblNz8oUVIgv82LzV6AGgI2LXSJsQvOhQ6acuZ3rafJhj3yhHfMrOydPi0WsdQvoljZ8C1Q8rprv8JfKTbSJ1PAPrJXq7ka2nUWqRjgeKHI6AbxlHbYvfoMaQuA1-KHZtha6cGoCjf8OPTHF_kqY59c6gHI4-O3c4zrqNvOsQuIqxeyJcfbJxWN1a319mPty_nmkArx7HG3hHUpzp2t0aWEd-J1fgZEdZKPSI70dt34PrFGTgZtx0Y3LsRrgTR2Jlmw64JRuaFtS4qnDJz4VC3i_BCy2DtLQQ0CEdXYmuDiBkjVWiYFK6XAfIsN3a5X7R9cEWhHL9n6gbmf62OyJvF_r-NJZiZbCtKtPBppK-MKP29-bzM3Tcelqg9K7l1iZZEjs0ks9Ax1RKGyn_10tfOyYhyFrfGDzUefGPPtHmLSNWck1DdvMuswcs2UVrW4XYtCpzbUweC0ZXiS6o_ONbERmw9Ma_b6Gbh9_MccpcpjHMJK7az2-TxkiSUScyZbUSDoxJh7HlWbZ8PEOV35U5gx4ZsteDw4IF4xHIInUXdwHOQH46G9_BT4ppoX5F0nb_OA33972DGlOBk6rZyJ2uevCoZWXR4pLEyM2p1ayg0SHzNMgVAELavCKcoZIMGFY-jVAKIHYCLdkvM65E7KsVWQJSL_ojhk12urcJILtLwHxhnsGmTaF9okjp5r1Ulz0HIu7kI30tUc8kiQ==&ruid=221eb61e-ce14-43a2-9891-a9960ed47a04&subid=754549898872893441&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.vugla.com%2Flegendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=4&sah=1024&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
139.45.197.238 200 OK 0 B URL GET HTTP/2 tharbadir.com/11?rnd=3843238622&z=2892323&b=19741376&var=&varid=0&rqtdbc=0&rcvdbc=0&btp=7&rb=INQBmvl4W1kOe--e0csvvvkkblNz8oUVIgv82LzV6AGgI2LXSJsQvOhQ6acuZ3rafJhj3yhHfMrOydPi0WsdQvoljZ8C1Q8rprv8JfKTbSJ1PAPrJXq7ka2nUWqRjgeKHI6AbxlHbYvfoMaQuA1-KHZtha6cGoCjf8OPTHF_kqY59c6gHI4-O3c4zrqNvOsQuIqxeyJcfbJxWN1a319mPty_nmkArx7HG3hHUpzp2t0aWEd-J1fgZEdZKPSI70dt34PrFGTgZtx0Y3LsRrgTR2Jlmw64JRuaFtS4qnDJz4VC3i_BCy2DtLQQ0CEdXYmuDiBkjVWiYFK6XAfIsN3a5X7R9cEWhHL9n6gbmf62OyJvF_r-NJZiZbCtKtPBppK-MKP29-bzM3Tcelqg9K7l1iZZEjs0ks9Ax1RKGyn_10tfOyYhyFrfGDzUefGPPtHmLSNWck1DdvMuswcs2UVrW4XYtCpzbUweC0ZXiS6o_ONbERmw9Ma_b6Gbh9_MccpcpjHMJK7az2-TxkiSUScyZbUSDoxJh7HlWbZ8PEOV35U5gx4ZsteDw4IF4xHIInUXdwHOQH46G9_BT4ppoX5F0nb_OA33972DGlOBk6rZyJ2uevCoZWXR4pLEyM2p1ayg0SHzNMgVAELavCKcoZIMGFY-jVAKIHYCLdkvM65E7KsVWQJSL_ojhk12urcJILtLwHxhnsGmTaF9okjp5r1Ulz0HIu7kI30tUc8kiQ==&ruid=221eb61e-ce14-43a2-9891-a9960ed47a04&subid=754549898872893441&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.vugla.com%2Flegendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=4&sah=1024&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
IP 139.45.197.238:443
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject tharbadir.com
Fingerprint A5:91:BD:23:83:6F:FE:A6:06:78:AE:E7:58:60:8E:74:B2:BA:C3:64
Validity Thu, 21 Sep 2023 16:36:00 GMT - Wed, 20 Dec 2023 16:35:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /11?rnd=3843238622&z=2892323&b=19741376&var=&varid=0&rqtdbc=0&rcvdbc=0&btp=7&rb=INQBmvl4W1kOe--e0csvvvkkblNz8oUVIgv82LzV6AGgI2LXSJsQvOhQ6acuZ3rafJhj3yhHfMrOydPi0WsdQvoljZ8C1Q8rprv8JfKTbSJ1PAPrJXq7ka2nUWqRjgeKHI6AbxlHbYvfoMaQuA1-KHZtha6cGoCjf8OPTHF_kqY59c6gHI4-O3c4zrqNvOsQuIqxeyJcfbJxWN1a319mPty_nmkArx7HG3hHUpzp2t0aWEd-J1fgZEdZKPSI70dt34PrFGTgZtx0Y3LsRrgTR2Jlmw64JRuaFtS4qnDJz4VC3i_BCy2DtLQQ0CEdXYmuDiBkjVWiYFK6XAfIsN3a5X7R9cEWhHL9n6gbmf62OyJvF_r-NJZiZbCtKtPBppK-MKP29-bzM3Tcelqg9K7l1iZZEjs0ks9Ax1RKGyn_10tfOyYhyFrfGDzUefGPPtHmLSNWck1DdvMuswcs2UVrW4XYtCpzbUweC0ZXiS6o_ONbERmw9Ma_b6Gbh9_MccpcpjHMJK7az2-TxkiSUScyZbUSDoxJh7HlWbZ8PEOV35U5gx4ZsteDw4IF4xHIInUXdwHOQH46G9_BT4ppoX5F0nb_OA33972DGlOBk6rZyJ2uevCoZWXR4pLEyM2p1ayg0SHzNMgVAELavCKcoZIMGFY-jVAKIHYCLdkvM65E7KsVWQJSL_ojhk12urcJILtLwHxhnsGmTaF9okjp5r1Ulz0HIu7kI30tUc8kiQ==&ruid=221eb61e-ce14-43a2-9891-a9960ed47a04&subid=754549898872893441&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.vugla.com%2Flegendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=4&sah=1024&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1 HTTP/1.1
Host: tharbadir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Cookie: scm=1; OAID=5baa397afade49618e46c4570c9fa5bf; oaidts=1701462230
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 20:23:57 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://www.vugla.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: 706063f64672f8b11cac2c90c3fe5a1d
access-control-expose-headers: X-Sc
set-cookie: OAID=5baa397afade49618e46c4570c9fa5bf; expires=Sat, 30 Nov 2024 20:23:57 GMT; secure; SameSite=None
oaidts=1701462230; expires=Sat, 30 Nov 2024 20:23:57 GMT; secure; SameSite=None
oaidvc=1; expires=Sat, 30 Nov 2024 20:23:57 GMT; secure; SameSite=None
CNT=1_v1_wDotAQEAAADsTAAA; expires=Fri, 01 Dec 2023 21:23:57 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
vaugroar.com/custom
139.45.197.250 200 OK 39 B
IP 139.45.197.250:443
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject vaugroar.com
Fingerprint F5:48:7D:7C:B6:28:8D:55:D3:7D:CF:03:2F:84:BE:B7:FD:20:F0:EE
Validity Sun, 12 Nov 2023 05:15:08 GMT - Sat, 10 Feb 2024 05:15:07 GMT
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /custom HTTP/1.1
Host: vaugroar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.vugla.com/
Content-Type: application/json
Content-Length: 432
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 20:23:58 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 80d095ed5dfd33090c4f4919f3cd4242
access-control-allow-origin: https://www.vugla.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.vugla.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
192.185.106.252 200 OK 88 kB URL GET HTTP/2 www.vugla.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
IP 192.185.106.252:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.vugla.com
Fingerprint 60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
Validity Wed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT
File type ASCII text, with very long lines (65447)
Hash 826eb77e86b02ab7724fe3d0141ff87c
79cd3587d565afe290076a8d36c31c305a573d18
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 13 Nov 2023 13:25:19 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-type: application/javascript
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/plugins/vn-video-player/js_scripts/video.min.js?ver=0.1
192.185.106.252 200 OK 571 kB URL GET HTTP/2 www.vugla.com/wp-content/plugins/vn-video-player/js_scripts/video.min.js?ver=0.1
IP 192.185.106.252:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.vugla.com
Fingerprint 60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
Validity Wed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT
Size 571 kB (571247 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/plugins/vn-video-player/js_scripts/video.min.js?ver=0.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 26 Nov 2021 15:34:30 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-type: application/javascript
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2
friendshipmale.com/sfp.js
172.64.173.31 200 OK 86 kB URL GET HTTP/2 friendshipmale.com/sfp.js
IP 172.64.173.31:443
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 08:6F:D8:CB:9E:0C:0A:98:2E:C5:CD:21:8E:0B:76:2B:50:6F:B6:37
Validity Sat, 18 Feb 2023 00:00:00 GMT - Sat, 17 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 01 Dec 2023 20:23:52 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 291e31f28d889b068f0953852827f892
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Fri, 01 Dec 2023 20:23:52 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8TtBsuwj3AUDk95%2FauUWaIzNwnzrZt9EM2CBs7Sgey7WCLJl1lDgi%2BDdMyBG89VLDkfiAWD4abIRV79n79MxV279Aog5OPsBvbvEDQkxeo7vwGcM4gX%2BoPPPeKJKyy5qWyqaxV8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ee0ce99980889e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.yourwebbars.com/sb/notifications/games/hentai-heroes/global/custom-banner/1/index.html
172.67.74.218 200 OK 1.4 kB URL GET HTTP/2 cdn.yourwebbars.com/sb/notifications/games/hentai-heroes/global/custom-banner/1/index.html
IP 172.67.74.218:443
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 84:82:6E:35:03:D4:C4:FC:BA:08:CD:C8:E6:A3:97:A9:20:2F:F5:49
Validity Sun, 23 Jul 2023 00:00:00 GMT - Mon, 22 Jul 2024 23:59:59 GMT
File type HTML document text\012- HTML document, ASCII text, with very long lines (1513), with no line terminators
Hash 81d8118d3537074ab40120b4e3f313d1
9e5bab2b235aadee5ef3ea18d5d73586e92e11f2
2f234b9a6693d5555fdaff9bf301a59a5912fb833f3e168fdbb717a08c6b4e51
GET /sb/notifications/games/hentai-heroes/global/custom-banner/1/index.html HTTP/1.1
Host: cdn.yourwebbars.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 01 Dec 2023 20:23:54 GMT
content-type: text/html
last-modified: Thu, 19 Oct 2023 15:25:25 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 429385
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SozIrXsmzC%2Bck1Y%2B7I1r6yr1OUcnlE6G0MxSZjJ8OWxEqO38sPnJTxe4O3sPhQZcVjKVNgXVhnVr%2BuBsePaXgvbJ6x%2FvWPNjciLDaWhN2bc74MDTGNikJcGVGZdFEgbs8r%2BOyPI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ee0cf41ccc56a2-OSL
content-encoding: br
X-Firefox-Spdy: h2
tharbadir.com/2?z=1347951
139.45.197.238 200 OK 43 kB URL GET HTTP/2 tharbadir.com/2?z=1347951
IP 139.45.197.238:443
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject tharbadir.com
Fingerprint A5:91:BD:23:83:6F:FE:A6:06:78:AE:E7:58:60:8E:74:B2:BA:C3:64
Validity Thu, 21 Sep 2023 16:36:00 GMT - Wed, 20 Dec 2023 16:35:59 GMT
File type ASCII text, with very long lines (41880)
Hash 4e0e109e843c8305aa3add5112a6b15b
ec38f4e25ce95deab984779e1fa3a88b3af794cc
2a59d2db6c000a7589a3d97f78a7f7d8bb9067bd7b77a70f446f75465b40ed01
GET /2?z=1347951 HTTP/1.1
Host: tharbadir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 20:23:50 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: ed8fa8038da4ce3ec47e0efe48dd122f
access-control-expose-headers: X-Sc
x-sc: a1XeI_lWoPHC9_0-FXbvxdrHmk3OMyGmiIvDjBDF7Fv1Qi4moieVgrGgDFseMPgJ98-Xd59P9S5ioVg29NQJotbx1UY=
set-cookie: scm=1; expires=Sat, 30 Nov 2024 20:23:50 GMT; secure; SameSite=None
OAID=110576c77cac4a29a8ac8fece672cec4; expires=Sat, 30 Nov 2024 20:23:50 GMT; secure; SameSite=None
oaidts=1701462230; expires=Sat, 30 Nov 2024 20:23:50 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
www.vugla.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.1
192.185.106.252 200 OK 110 kB URL GET HTTP/2 www.vugla.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.1
IP 192.185.106.252:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.vugla.com
Fingerprint 60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
Validity Wed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT
Size 110 kB (110035 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.4.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 13 Nov 2023 13:25:19 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-type: text/css
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.vugla.com/wp-content/themes/vugla/css/style_1024.css
192.185.106.252 200 OK 6.1 kB URL GET HTTP/2 www.vugla.com/wp-content/themes/vugla/css/style_1024.css
IP 192.185.106.252:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject *.vugla.com
Fingerprint 60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
Validity Wed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT
File type ASCII text, with very long lines (6777), with no line terminators
Hash 4ab5b8cd18318f50612bad8147cef8f6
f710f0d941071c8028be2323d357efe299c5bf74
2cf86a1c786ad97556cf75a3557498ea13f8a679cd78c2b6324915fc3fab98e3
GET /wp-content/themes/vugla/css/style_1024.css HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/style.css?ver=6.4.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:52:28 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
content-length: 2267
content-type: text/css
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/games/hentai-heroes/global/custom-banner/1/css/animate.css
172.64.109.10 200 OK 79 kB URL GET HTTP/2 cdn.creative-bars1.com/sb/notifications/games/hentai-heroes/global/custom-banner/1/css/animate.css
IP 172.64.109.10:443
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Google Trust Services LLC
Subject creative-bars1.com
Fingerprint 2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
Validity Sat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT
Hash e1d8acd5ee9d1a90ea09313cbd8f2b02
8a8327b115d1356715e63270d1ce6d46124c7b1a
3028c87fc798ac3741f02079034e6c23462afc0c5e6c8d321188ce3716c8472a
GET /sb/notifications/games/hentai-heroes/global/custom-banner/1/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 01 Dec 2023 20:23:54 GMT
content-type: text/css
last-modified: Thu, 19 Oct 2023 15:30:49 GMT
etag: W/"65314ba9-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BMcMnqsFZKAk1sr0520P0NE%2FAFX70JBniZh%2FAkgr2AHNrbceT7ZJJT5vznmWraHqwkhrZP3wW%2Fod4P8VXWYzTbpVy%2BfLIIsQS0fgO3MO5vGo56JWP6yzTMV2lqAFJJHynWIh7JgzOxiz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ee0cf55f6f6550-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
friendshipmale.com/sfp.js
172.64.173.31 200 OK 86 kB URL GET HTTP/3 friendshipmale.com/sfp.js
IP 172.64.173.31:443
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 08:6F:D8:CB:9E:0C:0A:98:2E:C5:CD:21:8E:0B:76:2B:50:6F:B6:37
Validity Sat, 18 Feb 2023 00:00:00 GMT - Sat, 17 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 01 Dec 2023 20:23:54 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: cfb619bb4371b8106b2b3692b613d6f8
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Fri, 01 Dec 2023 20:23:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jnA%2FM970%2B3Ng1q%2BLzTiu9GlDxBEqEJSHS8p6ZIImE2J5E927ZgbLiLqJtPH7ua0CA5hw0gg8FeewFxmePNAWSa3t1d2x%2BR2Y1kYRdXcyJJbIThTU1JPzWbi0FBNzEcyIJkn46EM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ee0cf49fd64176-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
tzegilo.com/stattag.js
172.67.193.52 200 OK 19 kB
IP 172.67.193.52:443
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Google Trust Services LLC
Subject tzegilo.com
Fingerprint 52:B8:ED:73:BB:55:6F:9C:F8:97:7C:04:34:2B:AD:DB:55:0A:C9:6A
Validity Thu, 05 Oct 2023 17:59:18 GMT - Wed, 03 Jan 2024 17:59:17 GMT
File type ASCII text, with very long lines (18369)
Hash 89e89aea544ea2785d49cc4cd9cf26f6
7d53437a89eb9861038ee27a8ff0e3bb70fa2a0b
86da38693fcea056d36588a4146e85392f784c457511de416fec32034aafa4f9
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 01 Dec 2023 20:23:51 GMT
content-type: application/javascript
last-modified: Thu, 07 Sep 2023 08:19:52 GMT
etag: W/"64f987a8-4a4b"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 6929
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P4WieMW9BrVWZ3K36ngE5TqQ5e3JAzNOFXflwd06jwZ9X0T2LsWI5hGPiItOmAa3h75FsLyQPzwQv1TqEM6IVhcEvd8Nul3lKP%2FQTiyCQuuGawhpjbQ9O%2FhQ6aDzjA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ee0ce32b3d7130-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
142.250.74.106 200 OK 6.8 kB URL GET HTTP/3 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP 142.250.74.106:443
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint CC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
Validity Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (7013), with no line terminators
Hash 49475c425d6c00477bb339179326c49b
bd97deeb753f44f43a21feafa92d98239fa511bd
598841a98ad357d2896d2f093ea3e4e1d44e24b3351268ffd45e61ff8c1d0e09
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 01 Dec 2023 20:23:54 GMT
date: Fri, 01 Dec 2023 20:23:54 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&data-size=standard&origin=https%3A%2F%2Fwww.vugla.com&url=https%3A%2F%2Fwww.vugla.com%2Flegendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.coKrc9A11Ng.O%2Fd%3D1%2Frs%3DAHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw%2Fm%3D__features__
142.250.74.78 301 Moved Permanently 0 B URL GET HTTP/3 apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&data-size=standard&origin=https%3A%2F%2Fwww.vugla.com&url=https%3A%2F%2Fwww.vugla.com%2Flegendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.coKrc9A11Ng.O%2Fd%3D1%2Frs%3DAHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw%2Fm%3D__features__
IP 142.250.74.78:443
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint 4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
Validity Mon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /u/0/se/0/_/+1/fastbutton?usegapi=1&data-size=standard&origin=https%3A%2F%2Fwww.vugla.com&url=https%3A%2F%2Fwww.vugla.com%2Flegendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.coKrc9A11Ng.O%2Fd%3D1%2Frs%3DAHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw%2Fm%3D__features__ HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 301 Moved Permanently
location: http://developers.google.com/
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 01 Dec 2023 20:23:52 GMT
expires: Fri, 01 Dec 2023 20:53:52 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 226
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.coKrc9A11Ng.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw/cb=gapi.loaded_0?le=scs
142.250.74.78 200 OK 161 kB URL GET HTTP/3 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.coKrc9A11Ng.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw/cb=gapi.loaded_0?le=scs
IP 142.250.74.78:443
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint 4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
Validity Mon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type ASCII text, with very long lines (1505)
Size 161 kB (161398 bytes)
Hash 4a256001cbbe7af37c71afbd89ba1656
4760f1dee9f6ff6db6f33eeee3dc7ec76155f7dd
5b683a525a2a814b27fc09152ee8030b6d542cd24a61de371bbe5e8815e9d0b1
GET /_/scs/abc-static/_/js/k=gapi.lb.en.coKrc9A11Ng.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 55751
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 04:12:01 GMT
expires: Fri, 29 Nov 2024 04:12:01 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 08 Nov 2023 22:37:21 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 144712
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.vugla.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.coKrc9A11Ng.O%2Fd%3D1%2Frs%3DAHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw%2Fm%3D__features__
142.250.150.84 200 OK 565 B URL GET HTTP/2 accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.vugla.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.coKrc9A11Ng.O%2Fd%3D1%2Frs%3DAHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw%2Fm%3D__features__
IP 142.250.150.84:443
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Google Trust Services LLC
Subject accounts.google.com
Fingerprint 1E:A9:E1:96:78:1D:08:FC:96:C8:C2:34:4F:02:D3:3D:FA:9A:D2:6B
Validity Mon, 23 Oct 2023 11:25:04 GMT - Mon, 15 Jan 2024 11:25:03 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (585), with no line terminators
Hash f101a336770ccd0a10f6925321ad8987
2d942de047dfc2a7cbee168dc6a261865aeca8de
0abb3c3df2cb891bb44535b5b10c491bbc0c7f15b4537bf2f2c4719298c58bc5
GET /o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.vugla.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.coKrc9A11Ng.O%2Fd%3D1%2Frs%3DAHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw%2Fm%3D__features__ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 01 Dec 2023 20:23:53 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /o/cspreport, script-src 'nonce-xOKaR5Gt_wS9RtUXgIkeHw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
cross-origin-resource-policy: same-site
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
vaugroar.com/pfe/current/tag.min.js?z=1548391
139.45.197.250 200 OK 13 kB URL GET HTTP/2 vaugroar.com/pfe/current/tag.min.js?z=1548391
IP 139.45.197.250:443
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject vaugroar.com
Fingerprint F5:48:7D:7C:B6:28:8D:55:D3:7D:CF:03:2F:84:BE:B7:FD:20:F0:EE
Validity Sun, 12 Nov 2023 05:15:08 GMT - Sat, 10 Feb 2024 05:15:07 GMT
File type C source, ASCII text, with very long lines (13300), with no line terminators
Hash 258578af3c107ccb907f73c3a2f4c25f
7a192edea829968fb7f57f2a2fc4cb5b612598be
1f945c9c46c47a2b0e867b0d09c3e4559cd768a2d3747abf28d1d65667733b75
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pfe/current/tag.min.js?z=1548391 HTTP/1.1
Host: vaugroar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 20:23:50 GMT
content-type: application/javascript
last-modified: Mon, 27 Nov 2023 17:44:23 GMT
etag: W/"6564d577-33f4"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
vaugroar.com/pfe/current/defaultSkin.min.js
139.45.197.250 200 OK 57 kB URL GET HTTP/2 vaugroar.com/pfe/current/defaultSkin.min.js
IP 139.45.197.250:443
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject vaugroar.com
Fingerprint F5:48:7D:7C:B6:28:8D:55:D3:7D:CF:03:2F:84:BE:B7:FD:20:F0:EE
Validity Sun, 12 Nov 2023 05:15:08 GMT - Sat, 10 Feb 2024 05:15:07 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pfe/current/defaultSkin.min.js HTTP/1.1
Host: vaugroar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.vugla.com/
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 20:23:57 GMT
content-type: application/javascript
last-modified: Mon, 27 Nov 2023 17:44:23 GMT
etag: W/"6564d577-df63"
access-control-allow-origin: https://www.vugla.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
afodreet.net/?rb=qQp5efD15kWRY8YyTX3F-jmcfdap6QerA0P5hhmUrnKFAxjnDufiOcDqYxSMqmi4paIpYMYdgTQPyy9OsvC0nFS5ZKYZG4eI2uyxslQbRk54Yu9zLDL30niszSxzHqF3V7Y6uQQP2kdeAo6b2npRu5DgyBEZqKypJwHKPtAXcdYFSAkzXVjnmHLqWBOZ9XEa0H5nl3rhCIwLWlvetM53gHeCar7OWWvH0Rb1LZxb_Mc%3D&request_ab2=0&zoneid=1316441&js_build=iclick-v1.635.3-auto&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=4&pl=https%3A%2F%2Fwww.vugla.com%2Flegendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&wgl=&js_build=iclick-v1.635.3-auto&bs=31224a1a-ab0a-40a3-8c86-961b2fbc50e3&userId=5baa397afade49618e46c4570c9fa5bf&m=link
139.45.197.243 200 OK 2.3 kB URL GET HTTP/2 afodreet.net/?rb=qQp5efD15kWRY8YyTX3F-jmcfdap6QerA0P5hhmUrnKFAxjnDufiOcDqYxSMqmi4paIpYMYdgTQPyy9OsvC0nFS5ZKYZG4eI2uyxslQbRk54Yu9zLDL30niszSxzHqF3V7Y6uQQP2kdeAo6b2npRu5DgyBEZqKypJwHKPtAXcdYFSAkzXVjnmHLqWBOZ9XEa0H5nl3rhCIwLWlvetM53gHeCar7OWWvH0Rb1LZxb_Mc%3D&request_ab2=0&zoneid=1316441&js_build=iclick-v1.635.3-auto&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=4&pl=https%3A%2F%2Fwww.vugla.com%2Flegendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&wgl=&js_build=iclick-v1.635.3-auto&bs=31224a1a-ab0a-40a3-8c86-961b2fbc50e3&userId=5baa397afade49618e46c4570c9fa5bf&m=link
IP 139.45.197.243:443
Requested by https://www.vugla.com/legendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html
Certificate Issuer Let's Encrypt
Subject afodreet.net
Fingerprint 73:3B:42:21:58:48:F9:06:51:B8:39:61:55:14:AC:14:D7:00:6D:F9
Validity Thu, 23 Nov 2023 05:19:42 GMT - Wed, 21 Feb 2024 05:19:41 GMT
File type troff or preprocessor input, ASCII text, with very long lines (2348), with no line terminators
Hash e7e0145aacd6865f4cea4fb1931ca35f
3427c7e033dc99ff8fbb27767b41788b345dfcb4
e5ead6e86e08fafa1a8bcfec4f8f88ffb335aa6f7101a95521ed3aa3ac30ad55
GET /?rb=qQp5efD15kWRY8YyTX3F-jmcfdap6QerA0P5hhmUrnKFAxjnDufiOcDqYxSMqmi4paIpYMYdgTQPyy9OsvC0nFS5ZKYZG4eI2uyxslQbRk54Yu9zLDL30niszSxzHqF3V7Y6uQQP2kdeAo6b2npRu5DgyBEZqKypJwHKPtAXcdYFSAkzXVjnmHLqWBOZ9XEa0H5nl3rhCIwLWlvetM53gHeCar7OWWvH0Rb1LZxb_Mc%3D&request_ab2=0&zoneid=1316441&js_build=iclick-v1.635.3-auto&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=4&pl=https%3A%2F%2Fwww.vugla.com%2Flegendarna-vespa-ne-sme-da-se-imitira-eu-sud-udario-rampu-kinezima.html&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&wgl=&js_build=iclick-v1.635.3-auto&bs=31224a1a-ab0a-40a3-8c86-961b2fbc50e3&userId=5baa397afade49618e46c4570c9fa5bf&m=link HTTP/1.1
Host: afodreet.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.vugla.com/
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Cookie: OAID=994b5a52933846c58dfe044303c92652; oaidts=1701462230
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 20:23:52 GMT
content-type: application/json
x-trace-id: d18ad71c7d1abd7c0167e1749928877a
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: https://www.vugla.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=5baa397afade49618e46c4570c9fa5bf; expires=Sat, 30 Nov 2024 20:23:52 GMT; path=/; secure; SameSite=None
set-cookie: oaidts=1701462232; expires=Sat, 30 Nov 2024 20:23:52 GMT; path=/; secure; SameSite=None
set-cookie: syncedCookie=true; expires=Fri, 08 Dec 2023 20:23:52 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2