Report - www.vugla.com/?p=574573

Report Overview

Visited public
2023-12-01 20:24:11
Tags
URL
www.vugla.com/?p=574573
Finishing URL
www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
IP / ASN
192.185.106.252
#46606 UNIFIEDLAYER-AS-1
Title
(1) New Message!

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdn.yourwebbars.com	62037	2020-08-21	2021-01-29 18:47:27	2023-12-01 01:01:13	503 B	2.2 kB	104.26.6.19
ocsp.r2m03.amazontrust.com	unknown	2007-05-11	2023-02-21 01:06:24	2023-12-01 08:11:25	350 B	942 B	54.230.218.11
my.rtmark.net	9054	2014-10-29	2015-02-04 10:54:57	2023-11-30 20:01:36	1.0 kB	1.5 kB	139.45.195.8
www.profitabledisplaycontent.com	138390	2020-10-14	2020-10-16 04:07:47	2023-11-28 18:09:47	2.9 kB	6.0 kB	173.233.137.52
eehuzaih.com	unknown	2022-02-21	2022-02-21 12:12:25	2023-11-25 20:59:40	3.7 kB	39 kB	139.45.197.237
ssl.gstatic.com	unknown	2008-02-11	2012-05-23 08:57:57	2023-12-01 13:19:29	446 B	6.1 kB	142.250.74.163
tzegilo.com	unknown	2022-01-14	2022-01-14 16:27:15	2023-11-30 22:37:49	408 B	20 kB	104.21.11.245
rudimentarydelay.com	unknown	unknown	No data	No data	497 B	467 B	173.233.137.44
vaugroar.com	unknown	2022-04-19	2022-04-21 19:10:04	2023-11-27 21:40:27	3.9 kB	108 kB	139.45.197.250
psuftoum.com	unknown	2023-04-12	2023-04-12 10:42:16	2023-11-19 15:37:13	1.6 kB	76 kB	139.45.197.244
www.google.no	25607	2001-02-26	2016-04-05 21:50:59	2023-12-01 07:35:53	577 B	578 B	142.250.74.163
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-12-01 08:02:13	1.4 kB	46 kB	142.250.74.106
region1.analytics.google.com	unknown	1997-09-15	2022-03-17 12:26:33	2023-12-01 05:09:40	1.8 kB	870 B	216.239.32.36
pl16411290.alternativecpmgate.com	unknown	2021-07-01	2023-05-22 08:21:17	2023-11-24 20:52:24	460 B	10 kB	192.243.59.12
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-12-01 05:29:09	5.5 kB	339 kB	142.250.74.67
pl15560907.passtechusa.com	unknown	2020-02-27	2022-10-27 15:33:11	2023-11-25 04:22:29	455 B	16 kB	173.233.137.52
offerimage.com	304078	2019-06-10	2019-06-10 13:11:53	2023-12-01 12:59:37	1.4 kB	60 kB	104.22.32.172
amunfezanttor.com	unknown	2023-03-31	2023-03-31 14:42:42	2023-12-01 13:22:24	1.0 kB	977 B	139.45.197.250
rollerstrayprawn.com	unknown	2023-11-28	2023-11-28 13:01:20	2023-11-28 22:57:03	4.9 kB	6.4 kB	192.243.59.12
cdn.cloudimagesb.com	23099	2020-10-06	2021-02-12 17:15:41	2023-12-01 06:35:15	1.9 kB	147 kB	45.133.44.10
www.google.com	7	1997-09-15	2015-05-10 13:11:19	2023-11-19 18:48:38	429 B	150 kB	142.250.74.132
apis.google.com	105	1997-09-15	2013-05-06 22:20:21	2023-12-01 05:11:42	3.4 kB	148 kB	142.250.74.78
www.kursnalista.co	unknown	2019-01-14	2015-04-30 23:56:04	2023-11-19 14:45:56	893 B	134 kB	192.185.106.47
tharbadir.com	670354	2018-04-25	2018-05-21 22:07:02	2023-11-20 17:43:39	7.5 kB	183 kB	139.45.197.238
accounts.google.com	81	1997-09-15	2016-03-20 13:44:49	2023-12-01 08:33:49	720 B	1.3 kB	142.250.150.84
www.nbfcs.org	unknown	2022-11-16	2022-11-17 15:12:53	2023-11-28 23:26:53	1.8 kB	5.3 kB	15.197.172.60
unseenreport.com	unknown	2022-03-30	2022-03-30 16:33:17	2023-11-30 20:03:45	1.5 kB	847 B	192.243.61.227
friendshipmale.com	unknown	2022-10-21	2022-10-21 14:15:25	2023-12-01 15:23:59	822 B	173 kB	172.64.173.31
www.vugla.com	unknown	2013-09-24	2015-02-06 16:22:31	2023-12-01 16:07:35	38 kB	1.0 MB	192.185.106.252
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-12-01 06:26:25	432 B	86 kB	142.250.74.168
img1.wsimg.com	9893	2008-03-17	2012-06-20 16:42:31	2023-12-01 05:09:04	896 B	203 kB	95.101.10.129
buttersource.com	unknown	unknown	No data	No data	6.3 kB	40 kB	173.233.137.44
cdn.creative-bars1.com	unknown	2022-11-01	2022-11-15 17:46:22	2023-12-01 11:43:19	3.0 kB	238 kB	172.64.108.10
www.variouscreativeformats.com	408415	2021-06-09	2021-06-13 08:53:26	2023-11-28 18:09:46	457 B	12 kB	192.243.59.12
proftrafficcounter.com	unknown	2023-11-16	2023-11-21 09:55:14	2023-12-01 06:19:54	950 B	716 B	18.157.203.0
fleraprt.com	unknown	2022-01-14	2022-01-14 23:55:14	2023-12-01 20:18:58	535 B	481 B	139.45.195.254

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-12-01	medium	eehuzaih.com	Sinkholed
2023-12-01	medium	fleraprt.com	Sinkholed
2023-12-01	medium	vaugroar.com	Sinkholed
2023-12-01	medium	eehuzaih.com	Sinkholed
2023-12-01	medium	psuftoum.com	Sinkholed
2023-12-01	medium	buttersource.com	Sinkholed
2023-12-01	medium	vaugroar.com	Sinkholed
2023-12-01	medium	vaugroar.com	Sinkholed
2023-12-01	medium	amunfezanttor.com	Sinkholed
2023-12-01	medium	eehuzaih.com	Sinkholed
2023-12-01	medium	vaugroar.com	Sinkholed
2023-12-01	medium	rollerstrayprawn.com	Sinkholed
2023-12-01	medium	buttersource.com	Sinkholed
2023-12-01	medium	buttersource.com	Sinkholed
2023-12-01	medium	amunfezanttor.com	Sinkholed
2023-12-01	medium	buttersource.com	Sinkholed
2023-12-01	medium	buttersource.com	Sinkholed
2023-12-01	medium	rollerstrayprawn.com	Sinkholed
2023-12-01	medium	rudimentarydelay.com	Sinkholed
2023-12-01	medium	vaugroar.com	Sinkholed
2023-12-01	medium	rollerstrayprawn.com	Sinkholed
2023-12-01	medium	unseenreport.com	Sinkholed
2023-12-01	medium	eehuzaih.com	Sinkholed
2023-12-01	medium	vaugroar.com	Sinkholed
2023-12-01	medium	vaugroar.com	Sinkholed
2023-12-01	medium	vaugroar.com	Sinkholed
2023-12-01	medium	unseenreport.com	Sinkholed
2023-12-01	medium	psuftoum.com	Sinkholed
2023-12-01	medium	rollerstrayprawn.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (58)

	URL	From	Size	First Seen	Last Seen
	apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.coKrc9A11Ng.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw/cb=gapi.loaded_1?le=scs	ScriptElement	100 kB	2023-11-28	2023-12-18
Pretty URL apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.coKrc9A11Ng.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw/cb=gapi.loaded_1?le=scs IP 142.250.74.78 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-28 16:18 Last Seen2023-12-18 03:57 Times Seen144 Hash e0fbc84518a1bab9c8bad9f76463d338 ecce9ef563bc5170ebcfcfd35e0dd5b17bc0b874 d99dd3891be0d37edbcc13fdaad780f164a758be5d0c8a71f66596e6cda04f70 Loading...

	www.nbfcs.org/px.js?ch=2&abp=1	ScriptElement	476 B	2023-03-13	2024-08-21
Pretty URL www.nbfcs.org/px.js?ch=2&abp=1 IP 15.197.172.60 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 06:28 Last Seen2024-08-21 09:44 Times Seen9007 Hash d2183968f9080b37babfeba3ccf10df2 24b9cf589ee6789e567fac3ae5acfc25826d00c6 4d9b83714539f82372e1e0177924bcb5180b75148e22d6725468fd2fb6f96bcc Loading...

	www.variouscreativeformats.com/c3b6bab9a3e6c622d733121998e0014d/invoke.js	ScriptElement	30 kB	2023-11-26	2023-12-12
Pretty URL www.variouscreativeformats.com/c3b6bab9a3e6c622d733121998e0014d/invoke.js IP 192.243.59.12 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-26 17:50 Last Seen2023-12-12 22:21 Times Seen66 Hash 223406d9dbf6d31ee7d9236d1c95ea29 8a45024df7b5013212b1fd369c5670655bd55b66 8eb1cd23b38e67fb1ec812debb06ff9f68891aeecaf2edeba8c0a73081c27ed0 Loading...

	apis.google.com/js/rpc:shindig_random.js?onload=init	ScriptElement	18 kB	2023-11-28	2023-12-18
Pretty URL apis.google.com/js/rpc:shindig_random.js?onload=init IP 142.250.74.78 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-28 06:17 Last Seen2023-12-18 09:03 Times Seen200 Hash 84a5ff7df274c2aa0f5db3d0db8deb60 fe9d4e60961ea15195134fa043256585a3956984 0d3c50c1af81534edee9a430edb5d09c6068348173496657982a4546ff2ee231 Loading...

	www.googletagmanager.com/gtag/js?id=G-7NCJ73THPT	ScriptElement	246 kB	2023-12-01	2023-12-01
Pretty URL www.googletagmanager.com/gtag/js?id=G-7NCJ73THPT IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-01 21:24 Last Seen2023-12-01 21:24 Times Seen1 Hash 210ba9286974f8f27d255054f707c2f7 c81b45b1bfdd2bf9a1ec824ef97c908483948ded 4e73dc2ae2f5be4cfb44779d6f708dce8a98d3c16904c41d5864fc8c3245075d Loading...

	friendshipmale.com/sfp.js	ScriptElement	86 kB	2023-11-23	2024-08-20
Pretty URL friendshipmale.com/sfp.js IP 172.64.173.31 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-23 18:35 Last Seen2024-08-20 18:08 Times Seen6307 Hash 924e967bca1d599992556a8d139b1c5a 222b09dbf164ddc03d39100fd0524a22018d28b2 ac84c2f8288b59f8e04ba77287ce696052bfeee0d462a566d94dc305df646c95 Loading...

	unknown	ScriptElement	88 kB	2023-11-02	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-02 10:05 Last Seen2024-08-20 21:23 Times Seen2914 Hash d46d2997ab218d1dba1ab614422ed53f 3f1f6b9847c8ad209835db366c62fcb209b83a67 09e8ce2dfeac0ad09cd24788931b38ea7e7592f2c28eecc324b2dd1cd69d1b42 Loading...

	unknown	ScriptElement	26 kB	2023-03-07	2025-01-30
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18 Last Seen2025-01-30 15:49 Times Seen1752 Hash a912e7afe74b51fdd03b28bf67e7d409 85004dfe087af5a730261c85262661d89b3d2516 706b3882753d8f81cfcf35aa2623303b1b380c8106686a4ad12a1fae23cf4650 Loading...

	www.vugla.com/wp-content/themes/vugla/js/scripts.js?ver=6.4.1	ScriptElement	104 kB	2023-05-22	2024-08-21
Pretty URL www.vugla.com/wp-content/themes/vugla/js/scripts.js?ver=6.4.1 IP 192.185.106.252 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-22 08:22 Last Seen2024-08-21 08:08 Times Seen199 Hash ef9b7abbc5670902d89c6d20af50b7c3 2593f7764d07fecf938574d3d93693f1974759d2 17cadc0ae5ff07b667c2150bce71007b771bcc75ce070fd2a697ee2e60109535 Loading...

	www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html	ScriptElement	3.3 kB	2023-11-13	2024-08-20
Pretty URL www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html IP 192.185.106.252 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-13 23:13 Last Seen2024-08-20 19:42 Times Seen77 Hash d13d41a1b861ef9aa0e02b02b0f7d642 2054927fbb35d426ca430a809cd4ba350f2ddec2 84b675950434bdf327774b6e23b2a2737f07135d842888d8b99be08475d9be94 Loading...

	pl16411290.alternativecpmgate.com/c9123167a2366d360cd4d80dad2ac358/invoke.js	ScriptElement	25 kB	2023-12-01	2023-12-01
Pretty URL pl16411290.alternativecpmgate.com/c9123167a2366d360cd4d80dad2ac358/invoke.js IP 192.243.59.12 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-01 21:24 Last Seen2023-12-01 21:24 Times Seen1 Hash bd979a1a07bb541e2edfbe8a50ca4aa6 46f6d137280f6170219c6f493e6eed270c20b80c df5d6678b1243a3cabae669d7dd8f73048dbffbff1f5a2fb302762fae1569a0e Loading...

	unknown	ScriptElement	3.3 kB	2024-08-20	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 17:08 Last Seen2024-08-20 17:08 Times Seen1 Hash 9a1a1dc8458fc870f251f1a15c5ca6d1 a41591921eef21a6f55e284a49c0f4fdf1df252c d52d4a376d684fb3cc5203a9b9a5b22ddebd02bca84555972235e9694d51b034 Loading...

	buttersource.com/65/aa/28/65aa283021630dfd9030555c4c61a78c.js	ScriptElement	60 kB	2023-12-01	2023-12-01
Pretty URL buttersource.com/65/aa/28/65aa283021630dfd9030555c4c61a78c.js IP 173.233.137.44 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-01 21:24 Last Seen2023-12-01 21:24 Times Seen1 Hash 13f4f0a195c492fabfb57a0db4faad6d f9748655b45ffa60e2db0c16b33a75de8f8edcb3 4211e400fdeb89f3af0fea5b65be706168e13aecfdd5992b6e75a5c0b120f299 Loading...

	moz-extension://94b86a3e-a8f5-4509-b451-a3e524e5069f/lib/shim_messaging_helper.js		1.7 kB	2023-05-05	2025-05-09
Pretty URL moz-extension://94b86a3e-a8f5-4509-b451-a3e524e5069f/lib/shim_messaging_helper.js IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-05-05 22:33 Last Seen2025-05-09 02:29 Times Seen54703 Hash 865f01cbb34eb505834e826380d7dc2e c239ccc37191f1be78dfaa6bb3f1da5d314fdf9e 30ed6392b8de4590bd974a4a797ee0b12b382f2141738115bfd2d692cfa6ec17 Loading...

	connect.facebook.net/en_US/all.js#xfbml=1	ScriptElement	17 kB	2023-05-05	2025-05-09
Pretty URL connect.facebook.net/en_US/all.js#xfbml=1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-05 22:33 Last Seen2025-05-09 02:29 Times Seen54104 Hash b938e0b835c600209bdaae9d8ccda6d7 d5ee79d277057e05f002a18381722b5eb75d3883 d1b95aeb57c3285042e1e24c00cc56a8560d16daf7ee5cdfd5c75296b21ac91b Loading...

	tzegilo.com/stattag.js	ScriptElement	19 kB	2023-09-07	2024-08-21
Pretty URL tzegilo.com/stattag.js IP 104.21.11.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-07 20:07 Last Seen2024-08-21 07:20 Times Seen2395 Hash 89e89aea544ea2785d49cc4cd9cf26f6 7d53437a89eb9861038ee27a8ff0e3bb70fa2a0b 86da38693fcea056d36588a4146e85392f784c457511de416fec32034aafa4f9 Loading...

	vaugroar.com/pfe/current/tag.min.js?z=1548391	ScriptElement	13 kB	2023-11-02	2024-08-20
Pretty URL vaugroar.com/pfe/current/tag.min.js?z=1548391 IP 139.45.197.250 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-02 10:05 Last Seen2024-08-20 21:23 Times Seen2697 Hash 258578af3c107ccb907f73c3a2f4c25f 7a192edea829968fb7f57f2a2fc4cb5b612598be 1f945c9c46c47a2b0e867b0d09c3e4559cd768a2d3747abf28d1d65667733b75 Loading...

	unknown	ScriptElement	4.1 kB	2023-11-26	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-26 22:07 Last Seen2024-08-20 17:49 Times Seen21 Hash 457a363a3f8319e1ef6a374db2436088 1d407b11b40fdea73d4b56b445b7b3a4cd5efec9 e76d709f1992bf5c7b8a234d65019ca1269b6d9f1ffae7555e6873aa901df91a Loading...

	www.vugla.com/wp-content/plugins/vn-video-player/js_scripts/vn_player_fit.js?ver=0.1	ScriptElement	95 B	2023-05-22	2024-08-21
Pretty URL www.vugla.com/wp-content/plugins/vn-video-player/js_scripts/vn_player_fit.js?ver=0.1 IP 192.185.106.252 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-22 08:22 Last Seen2024-08-21 08:08 Times Seen222 Hash 64829824ee643f09fb3821dc49b3089a 446608ff9f4128b9503476135a8c28599f8d5c2e 0b967c52b8e899c4266110c97fa50018d61ccf1365144d16f09f901523d48c95 Loading...

	www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html	ScriptElement	233 B	2024-08-20	2024-08-20
Pretty URL www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html IP 192.185.106.252 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 17:08 Last Seen2024-08-20 17:08 Times Seen1 Hash 8f4e1cd28e5897b0f1cc91b0c49c71bb ba047defa28b4b26b6203a130a567612b9d01eea 20a6b407d66b5d434abc0e78ffe25a23e35384eca369adabdba7fe69ef084047 Loading...

	www.vugla.com/wp-content/themes/vugla/js/libs/modernizr-2.0.6.min.js?ver=6.4.1	ScriptElement	15 kB	2023-05-22	2024-08-21
Pretty URL www.vugla.com/wp-content/themes/vugla/js/libs/modernizr-2.0.6.min.js?ver=6.4.1 IP 192.185.106.252 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-22 08:22 Last Seen2024-08-21 08:08 Times Seen228 Hash ad955f14cdcc21d58014f25ab7c8d46d 8915b95d672d54be6fb01a239088aba305d4798e d6304e162f8fe5054a4c5430d2f1d78ea2ad54c1ff61ea708d148bf385312407 Loading...

	www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html	ScriptElement	459 B	2024-08-20	2024-08-20
Pretty URL www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html IP 192.185.106.252 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 17:08 Last Seen2024-08-20 17:08 Times Seen1 Hash 0e5608be0a1f25e7e9c47fef9cd7ad85 2aaa44ec8195844f5e993688c7891c5e60f7c2de d3da992e17a6ae7e88dcbf2fa01c43703896644e909fcf5f9264aba661d5a109 Loading...

	www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html	ScriptElement	130 B	2023-05-22	2024-08-21
Pretty URL www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html IP 192.185.106.252 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-22 08:22 Last Seen2024-08-21 08:08 Times Seen180 Hash 071769b9151182dafbb83441dc6fd6e8 2d0debcc38211b79d10eb26c1f233ab0bb385666 cb6b201c1fe09a074a97d8a5f952a0b246e9d4cab3c890cdd66fc72267c8814b Loading...

	psuftoum.com/5/1316441	ScriptElement	72 kB	2023-12-01	2023-12-01
Pretty URL psuftoum.com/5/1316441 IP 139.45.197.244 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-01 21:24 Last Seen2023-12-01 21:24 Times Seen1 Hash cd992087e180c52441eb8a32a043c3a3 38d94e7c39066147250e20d2164287ddd9b6c65b 547aec97d76257f15e334bc3089faa55532a252db21d5f84ebb892a5b6797bb9 Loading...

	unknown	ScriptElement	196 B	2023-11-17	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-17 15:46 Last Seen2024-08-20 19:05 Times Seen39 Hash 43603cd222cb16c705b5e2d8ea8b85ea 8b6753fa36c7c328d0035594638d67b6af1611fc 760b2727afb68b6edfe1f97a3c2df60fda81477a451f3913b2b15d72e29c4ffb Loading...

	eehuzaih.com/400/5005565	ScriptElement	89 kB	2024-08-20	2024-08-20
Pretty URL eehuzaih.com/400/5005565 IP 139.45.197.237 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 17:08 Last Seen2024-08-20 17:08 Times Seen1 Hash eaaeb37d5c6c3765a4b2dea0c321c0b4 9f3afdc93a94dc9865c51e0841c3da4c7849c05b 011822f6fbf7984e9df68d72127aaec984358049e2c1f9fd6b843a0dee2e020d Loading...

	www.google.com/adsense/domains/caf.js?abp=1	ScriptElement	150 kB	2023-11-08	2023-12-11
Pretty URL www.google.com/adsense/domains/caf.js?abp=1 IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-08 16:34 Last Seen2023-12-11 19:28 Times Seen1308 Hash 980fb04d2da5f7f360deea9af49a0fdc d9c762b66a33644ddc28c2ce6c09e1f400df8cdd f9b94b36f3a1ff7c60d1048d748663b9d5592499491f07f7574a6b77b089a0af Loading...

	www.nbfcs.org/#signUp=754549898436681728	ScriptElement	0 B	0001-01-01	2025-05-09
Pretty URL www.nbfcs.org/#signUp=754549898436681728 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-09 03:30 Times Seen4633645 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html	ScriptElement	153 B	2023-10-28	2024-08-20
Pretty URL www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html IP 192.185.106.252 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-28 22:45 Last Seen2024-08-20 22:01 Times Seen131 Hash 378b048db9feb942a4873575f1b0a66b 6d87c4a103cb5fffe86ff758571eae39a1237c35 bc4c36697eee6b442da5b8f9faa8b7686e2d148ca08be69e1312ba734c5e9de8 Loading...

	www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html	ScriptElement	63 kB	2023-05-22	2024-08-21
Pretty URL www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html IP 192.185.106.252 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-22 08:22 Last Seen2024-08-21 08:08 Times Seen197 Hash be4906ea1de45e4a62febac1060e305a cac55e3d64f37ecd4c069a10277c888e27fedce4 6b95ca3aa5c2c38a6db46a8a40b9b30a248a35f815d619c7e86fb5e569b0d224 Loading...

	apis.google.com/js/plusone.js	ScriptElement	58 kB	2023-11-28	2023-12-18
Pretty URL apis.google.com/js/plusone.js IP 142.250.74.78 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-28 16:18 Last Seen2023-12-18 14:18 Times Seen259 Hash 12476fdc6b8599d03eac729748337611 7a15dc04ad6e77026bf45927b78247411e3e0466 c5be6532f19ca90fb5966ed89be694f2bc2cded1e443d3489467cb28cd69af43 Loading...

	www.kursnalista.co/banners/banners.js	ScriptElement	8.1 kB	2023-05-22	2024-08-21
Pretty URL www.kursnalista.co/banners/banners.js IP 192.185.106.47 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-22 08:22 Last Seen2024-08-21 08:08 Times Seen221 Hash 0fa58c243ecc9c6ff829da27563c78c4 771e757dcaddc90a127b557e6a8a69b9dfe4767d 4631955f687225007a1227be7e662f1f45798c13a573f70670e748ff50aa194b Loading...

	ssl.gstatic.com/accounts/o/478691279-postmessagerelay.js	ScriptElement	12 kB	2023-09-06	2024-08-21
Pretty URL ssl.gstatic.com/accounts/o/478691279-postmessagerelay.js IP 142.250.74.163 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-06 15:46 Last Seen2024-08-21 07:24 Times Seen1994 Hash 92169c8a0fbf6e404267d0705cdbdf42 a5cd88b74ca5ced239cdbfb458fe25540d671f46 dba668b49a111527aac8f616b9053ea57c944e01a84ebdcd02a13da921223384 Loading...

	www.vugla.com/wp-includes/js/underscore.min.js?ver=1.13.4	ScriptElement	19 kB	2023-03-08	2025-05-07
Pretty URL www.vugla.com/wp-includes/js/underscore.min.js?ver=1.13.4 IP 192.185.106.252 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:26 Last Seen2025-05-07 14:51 Times Seen20810 Hash f88d5720bb454ed5d204cbdb56901f6b f1952292fde4b15936e9aac16b2b9896684db95b 726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a Loading...

	www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html	ScriptElement	231 B	2023-05-22	2024-08-21
Pretty URL www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html IP 192.185.106.252 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-22 08:22 Last Seen2024-08-21 08:08 Times Seen197 Hash 8eb49f7b6efd94cdd86e86cb6fb64ab1 556d6d9c3502c6c9e0a4fafb3e6d35244fbef674 43544840429e505afe1d466f749f47712d8213c4c1d14772e7e879ccc9b09cbf Loading...

	www.vugla.com/wp-content/plugins/vn-video-player/js_scripts/video.min.js?ver=0.1	ScriptElement	571 kB	2023-03-07	2025-04-24
Pretty URL www.vugla.com/wp-content/plugins/vn-video-player/js_scripts/video.min.js?ver=0.1 IP 192.185.106.252 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:33 Last Seen2025-04-24 02:06 Times Seen295 Hash 6d53ab10ac8d6c3be0ee1df6b4bdc00f a5b0990fbcaf8b5f73085d9c02236e68b02f113e 0e12b6aea62f8d1c2e29e27393e231a8a17472728b303b586e2d4fb3ff5b481f Loading...

	www.vugla.com/wp-content/plugins/vn-video-player/js_scripts/jquery.fitvids.js?ver=0.1	ScriptElement	3.4 kB	2023-03-07	2025-05-08
Pretty URL www.vugla.com/wp-content/plugins/vn-video-player/js_scripts/jquery.fitvids.js?ver=0.1 IP 192.185.106.252 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:32 Last Seen2025-05-08 00:34 Times Seen715 Hash 6755415003869bd599c3fae8e9792027 57946a22c79654014eb00fb548f727d302221873 07f79fbda35a2bf03f2940978670a2a53cf21e490ecce887bf92fc2e3f359293 Loading...

	apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.coKrc9A11Ng.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw/cb=gapi.loaded_0?le=scs	ScriptElement	66 kB	2023-11-28	2024-08-20
Pretty URL apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.coKrc9A11Ng.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw/cb=gapi.loaded_0?le=scs IP 142.250.74.78 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-28 11:17 Last Seen2024-08-20 17:36 Times Seen195 Hash 009832d077d8fc42d725066c2b774fd6 0994f8575917c4eeb66f6bdb0a65609aa8902cac b1e012aaab4e65462b456ff6a07a6512c7b11d1682d228531d66b132dcf3d364 Loading...

	img1.wsimg.com/parking-lander/static/js/main.ca05d067.js	ScriptElement	728 kB	2023-12-01	2023-12-04
Pretty URL img1.wsimg.com/parking-lander/static/js/main.ca05d067.js IP 95.101.10.129 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-01 01:28 Last Seen2023-12-04 23:10 Times Seen206 Hash 811ad71e90aa2b6a4607d0c1abbca408 d3b5cfd3d7538378bf5da3585e2a9a46710acab3 c3b904813a72bc219c9c46e65ff8b8a33c38d43cc6d34db4c8f8954345bf0546 Loading...

	www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html	ScriptElement	275 B	2023-03-14	2024-08-21
Pretty URL www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html IP 192.185.106.252 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-14 00:55 Last Seen2024-08-21 08:08 Times Seen202 Hash 75a198bff010258566f15c985871f637 c73be2b97536168613d453147e3dcff01999220c dd9b861b501b2e39307932dff8443bdf955fad5346b2d9c2854670c5d48752ee Loading...

	eehuzaih.com/400/5005565	ScriptElement	89 kB	2024-08-20	2024-08-20
Pretty URL eehuzaih.com/400/5005565 IP 139.45.197.237 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 17:08 Last Seen2024-08-20 17:08 Times Seen1 Hash 67b384b3d2f39afda2b9b8347ca69d54 05eaeaa425c5d5d25e920cd5140b421955e25e2d aba153de55160e8e6d61827f53147cecf5cc8c615d6a2648f625bba90eee83aa Loading...

	pl15560907.passtechusa.com/d1/37/02/d137022925bcc2a680f8a4476ff94144.js	ScriptElement	43 kB	2023-12-01	2023-12-01
Pretty URL pl15560907.passtechusa.com/d1/37/02/d137022925bcc2a680f8a4476ff94144.js IP 173.233.137.52 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-01 21:24 Last Seen2023-12-01 21:24 Times Seen1 Hash d57d10b07d3e1fa7a1b52fd891483d81 cae3e2e765509b001eb69db52908723c6c441b78 07075c8188860c165386f127e566493c650752354ba55fbc461566d9c62c6c6f Loading...

	www.vugla.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1	ScriptElement	88 kB	2023-11-03	2025-05-09
Pretty URL www.vugla.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 IP 192.185.106.252 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-03 09:26 Last Seen2025-05-09 03:15 Times Seen91844 Hash 826eb77e86b02ab7724fe3d0141ff87c 79cd3587d565afe290076a8d36c31c305a573d18 cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf Loading...

	www.vugla.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1	ScriptElement	14 kB	2023-05-09	2025-05-09
Pretty URL www.vugla.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 IP 192.185.106.252 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-09 19:21 Last Seen2025-05-09 03:15 Times Seen105622 Hash 9ffeb32e2d9efbf8f70caabded242267 3ad0c10e501ac2a9bfa18f9cd7e700219b378738 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89 Loading...

	unknown	ScriptElement	145 B	2023-08-25	2024-08-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-25 09:27 Last Seen2024-08-21 08:08 Times Seen146 Hash 25ee70ccfb4bb15c14c145562f0f0305 750f0fcb4ebd205c768b5bbb7dba73a7100e66e3 4873fcd169e86b6cf750a5c26c2217dd0493a0f27b3407d75ed7feb77ba9f45c Loading...

	www.vugla.com/wp-content/plugins/responsive-lightbox/js/front.js?ver=2.4.6	ScriptElement	28 kB	2023-04-14	2025-04-17
Pretty URL www.vugla.com/wp-content/plugins/responsive-lightbox/js/front.js?ver=2.4.6 IP 192.185.106.252 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-14 15:15 Last Seen2025-04-17 03:23 Times Seen362 Hash 68f8af044f685b84c7d49ac2356acabf 585889874b36224e980f4d285044ec0fb478dc7c 9fe6a07f596d507305d1480e6bb301d04cbf5ef8660b24b9fa411e39607a7ab5 Loading...

	tharbadir.com/2?z=1347951	ScriptElement	43 kB	2023-12-01	2023-12-01
Pretty URL tharbadir.com/2?z=1347951 IP 139.45.197.238 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-01 21:24 Last Seen2023-12-01 21:24 Times Seen1 Hash ba0dd3ea6eec9ca6464177053d3bcfed a5e58bf2799e21df6f951e0b24f963a4a9c1bf27 e0735c3a840dd4ba2c1d51cdc5e1eac581976f82eb7f725f2a2c5f49cfb48e6b Loading...

	www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html	ScriptElement	204 B	2023-08-25	2024-08-21
Pretty URL www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html IP 192.185.106.252 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-25 09:27 Last Seen2024-08-21 08:08 Times Seen159 Hash ff3448265c8993d78798a96ece09fe88 07af2a326db79b0282f3e0399f4481e37b3c1be7 b0568da9ebb64ae54d9132b080408fccc6f1011f2116550f842a05beb81b0f33 Loading...

	www.vugla.com/wp-content/plugins/responsive-lightbox/assets/swipebox/jquery.swipebox.min.js?ver=2.4.6	ScriptElement	13 kB	2023-03-07	2025-05-08
Pretty URL www.vugla.com/wp-content/plugins/responsive-lightbox/assets/swipebox/jquery.swipebox.min.js?ver=2.4.6 IP 192.185.106.252 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33 Last Seen2025-05-08 18:22 Times Seen474 Hash 416d2c5e5425c640a7d63f25e0376fd6 a95b218161d94bdb148d108aedf065b4a4762045 b875bead01dfa1b02a553e8efda0f3a65d39da24f19ad37af95f06795eee76dc Loading...

	www.vugla.com/wp-content/plugins/responsive-lightbox/assets/infinitescroll/infinite-scroll.pkgd.min.js?ver=6.4.1	ScriptElement	23 kB	2023-03-07	2025-05-08
Pretty URL www.vugla.com/wp-content/plugins/responsive-lightbox/assets/infinitescroll/infinite-scroll.pkgd.min.js?ver=6.4.1 IP 192.185.106.252 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33 Last Seen2025-05-08 18:22 Times Seen693 Hash 3229aa93c44fa4628707e80959a97bc1 5a2d4dbc4d1df02e7a386489e7b5c5a9e22dd40f 095834cc86bd018fdb4a9e31c99f9f96904b819be2b9dc16b3390383288d4d90 Loading...

	tharbadir.com/27/b7af9eee900df9a8aa2af9ad8ee46174	ScriptElement	413 kB	2023-11-24	2024-08-20
Pretty URL tharbadir.com/27/b7af9eee900df9a8aa2af9ad8ee46174 IP 139.45.197.238 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-24 13:48 Last Seen2024-08-20 18:04 Times Seen548 Hash 1dc3ebe1459db3cde0597b21156f2665 0e5a8c7b79a34f4fffaeab7c7eb4f3a19b0d75f6 1a3f7f2cfe5fba958e9df1a38c0980aab5bb21225601ea849f9e6df4afe09f2e Loading...

	www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html	ScriptElement	888 B	2023-08-25	2024-08-21
Pretty URL www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html IP 192.185.106.252 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-25 09:27 Last Seen2024-08-21 08:08 Times Seen159 Hash b764db4fe165c62db0d123b867e94bd5 d6b4fdaea71527d774ea41a3673e8c4e6c6b0709 6b9344d192e83f73413812f815e820abcf65bf83ccbe0426b5a55d186ed03ef1 Loading...

	www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html	ScriptElement	140 B	2023-11-13	2024-08-20
Pretty URL www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html IP 192.185.106.252 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-13 23:13 Last Seen2024-08-20 19:42 Times Seen85 Hash 26ff9d1af4532dd17eb41e6415eea9c1 5503e4032968e229087012da0c0b6a48690f4e55 5f396c3ff05da19529975f5bc46464e9fc9306c56b540e72acd574461e28c978 Loading...

	apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.coKrc9A11Ng.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw/cb=gapi.loaded_0?le=scs	ScriptElement	161 kB	2023-11-28	2023-12-18
Pretty URL apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.coKrc9A11Ng.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw/cb=gapi.loaded_0?le=scs IP 142.250.74.78 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-28 16:18 Last Seen2023-12-18 14:18 Times Seen255 Hash 4a256001cbbe7af37c71afbd89ba1656 4760f1dee9f6ff6db6f33eeee3dc7ec76155f7dd 5b683a525a2a814b27fc09152ee8030b6d542cd24a61de371bbe5e8815e9d0b1 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 88c71be3be374761970d408dce06d46d	2.1 kB	2024-08-20 17:08	2024-08-20 17:08
Pretty Observations First Seen2024-08-20 17:08 Last Seen2024-08-20 17:08 Times Seen1 Hash 88c71be3be374761970d408dce06d46d e4798a59e12f3208ded008a2a76c203972f9bdd2 eb3913d68992d4708416ee2555e2a869cba13fcb6f0e95569dbc5df45e03f784 Loading...

		Size	First Seen	Last Seen
	#1 Write - 31c9da99d87f30d4105f391c11ae8757	128 B	2023-08-25 09:27	2024-08-21 08:08
Pretty Observations First Seen2023-08-25 09:27 Last Seen2024-08-21 08:08 Times Seen183 Hash 31c9da99d87f30d4105f391c11ae8757 da2648a5466570fd4aa986282e122d12ab6b5648 1dbdd8a3b493ad2b2750901f83983de94b8f59db68ab58aebe45672fc4dba75d Loading...

	#2 Write - da6ff8ca4515b002c2750d4ca411ab7d	217 B	2023-09-21 10:07	2024-08-21 06:11
Pretty Observations First Seen2023-09-21 10:07 Last Seen2024-08-21 06:11 Times Seen21 Hash da6ff8ca4515b002c2750d4ca411ab7d 01f4ca70353821d9d411e80821dd02313d584244 9782e2594959d3a2ff3a489a85d73ae8a9761f5288e403df6504828a5867417c Loading...

	#3 Write - 4caf252d8b5f67a4a15a37b9a44e0a8a	51 kB	2023-05-22 08:22	2024-08-21 08:08
Pretty Observations First Seen2023-05-22 08:22 Last Seen2024-08-21 08:08 Times Seen191 Hash 4caf252d8b5f67a4a15a37b9a44e0a8a 0336cd0390878dffa987b70d66cd9181f975034e 3c2f3f2a1ab8a2ddae090dfc52981d4b729beacc08487c95eb64a83af9217bd8 Loading...

HTTP Transactions (164)

URL IP Response Size

www.vugla.com/?p=574573

192.185.106.252

301 Moved Permanently

0 B

URL User Request GET HTTP/2
www.vugla.com/?p=574573
IP
192.185.106.252:443
ASN
#46606 UNIFIEDLAYER-AS-1

Certificate
IssuerLet's Encrypt
Subject*.vugla.com
Fingerprint60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
ValidityWed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?p=574573 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
x-pingback: https://www.vugla.com/xmlrpc.php
x-redirect-by: WordPress
content-security-policy: upgrade-insecure-requests;
location: https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
cache-control: max-age=10800
expires: Fri, 01 Dec 2023 23:23:48 GMT
vary: User-Agent
referrer-policy: 
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 01 Dec 2023 20:23:48 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.3

192.185.106.252

409 Conflict

83 B

URL GET HTTP/2
www.vugla.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.3
IP
192.185.106.252:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.vugla.com
Fingerprint60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
ValidityWed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT

File type
HTML document, ASCII text, with no line terminators
Size
83 B (83 bytes)
Hash
26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.3 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 409 Conflict
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2

www.vugla.com/wp-content/themes/vugla/style.css?ver=6.4.1

192.185.106.252

200 OK

398 B

URL GET HTTP/2
www.vugla.com/wp-content/themes/vugla/style.css?ver=6.4.1
IP
192.185.106.252:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.vugla.com
Fingerprint60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
ValidityWed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT

File type
ASCII text
Size
398 B (398 bytes)
Hash
4f140b946bdc4cb833896a992db68c6d
52d6c64f9c5478bb70604068a66f06283ecff968
f8f90d1cacc59cf90886948787ef5c723b8de9e41092285611f2f915b5996ef2

HTTP Headers

GET /wp-content/themes/vugla/style.css?ver=6.4.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 24 Mar 2020 17:57:12 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-length: 398
content-type: text/css
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/plugins/vn-featured-image-gallery/css/style.css?ver=6.4.1

192.185.106.252

200 OK

320 B

URL GET HTTP/2
www.vugla.com/wp-content/plugins/vn-featured-image-gallery/css/style.css?ver=6.4.1
IP
192.185.106.252:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.vugla.com
Fingerprint60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
ValidityWed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT

File type
ASCII text, with CRLF line terminators
Size
320 B (320 bytes)
Hash
199decab27dd471d35814631e71e6fea
42c2847529b6859230bc2f4e8e6432805a06148b
7279594a46188e3246db42ffd4c609fc254c6fa06bfca8b72dd82e63fa4e6385

HTTP Headers

GET /wp-content/plugins/vn-featured-image-gallery/css/style.css?ver=6.4.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 26 May 2014 20:39:02 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-length: 320
content-type: text/css
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/plugins/vn-video-player/style/theme-city.css?ver=6.4.1

192.185.106.252

200 OK

733 B

URL GET HTTP/2
www.vugla.com/wp-content/plugins/vn-video-player/style/theme-city.css?ver=6.4.1
IP
192.185.106.252:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.vugla.com
Fingerprint60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
ValidityWed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT

File type
ASCII text, with very long lines (2553), with no line terminators
Size
733 B (733 bytes)
Hash
229bf132659b3607e05296743613ecca
2f498516b73ae5f087904669ccd6b3eb57054711
73214adfea5dc8d2ab7aae66baec56aab47e70224557c08f424b80909d1acd7c

HTTP Headers

GET /wp-content/plugins/vn-video-player/style/theme-city.css?ver=6.4.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 26 Nov 2021 15:34:33 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-length: 733
content-type: text/css
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/plugins/vn-video-player/style/video-js.css?ver=6.4.1

192.185.106.252

200 OK

14 kB

URL GET HTTP/2
www.vugla.com/wp-content/plugins/vn-video-player/style/video-js.css?ver=6.4.1
IP
192.185.106.252:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.vugla.com
Fingerprint60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
ValidityWed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT

File type
Unicode text, UTF-8 text, with very long lines (5844)
Size
14 kB (13761 bytes)
Hash
514fccb15bdc95ea2c2b6fddaded8ecc
4c999194bb19b83cc85f40621fa1c74cd1a4cbf7
d86730f73982f170cb0943d0d47c3c2520743d6a3d6cf5330cde12667df675ca

HTTP Headers

GET /wp-content/plugins/vn-video-player/style/video-js.css?ver=6.4.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 26 Nov 2021 15:34:35 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-length: 13761
content-type: text/css
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

192.185.106.252

200 OK

5.4 kB

URL GET HTTP/2
www.vugla.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
IP
192.185.106.252:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.vugla.com
Fingerprint60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
ValidityWed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT

File type
ASCII text, with very long lines (13479)
Size
5.4 kB (5422 bytes)
Hash
9ffeb32e2d9efbf8f70caabded242267
3ad0c10e501ac2a9bfa18f9cd7e700219b378738
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 13 Nov 2023 13:25:19 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-length: 5422
content-type: application/javascript
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/plugins/responsive-lightbox/assets/swipebox/swipebox.min.css?ver=2.4.6

192.185.106.252

200 OK

1.4 kB

URL GET HTTP/2
www.vugla.com/wp-content/plugins/responsive-lightbox/assets/swipebox/swipebox.min.css?ver=2.4.6
IP
192.185.106.252:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.vugla.com
Fingerprint60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
ValidityWed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT

File type
ASCII text, with very long lines (4310), with CRLF line terminators
Size
1.4 kB (1410 bytes)
Hash
b236fbc68ad6824d6fd4be9501a56ea5
5147f5e6779b335a45771a6a9ec9f0a1db8079ef
d49c9ad378618e0a0eb8e6fca04c13f6005e13badf79e0c977d76d851f7aa60a

HTTP Headers

GET /wp-content/plugins/responsive-lightbox/assets/swipebox/swipebox.min.css?ver=2.4.6 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 27 Nov 2023 23:58:55 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-length: 1410
content-type: text/css
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/plugins/vn-video-player/style/vn_player_container.css?ver=6.4.1

192.185.106.252

200 OK

89 B

URL GET HTTP/2
www.vugla.com/wp-content/plugins/vn-video-player/style/vn_player_container.css?ver=6.4.1
IP
192.185.106.252:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.vugla.com
Fingerprint60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
ValidityWed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT

File type
ASCII text, with CRLF line terminators
Size
89 B (89 bytes)
Hash
b20aaffdf9d8e1f413b536edb9d1b649
0f3afd6ef6940700eb7f245629d1b79c52f45b47
9534982bd24eaa3205ac2e5a4dbd6a16a3129b70df981f422562ef3a30ade7cd

HTTP Headers

GET /wp-content/plugins/vn-video-player/style/vn_player_container.css?ver=6.4.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 26 Nov 2021 15:50:56 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-length: 89
content-type: text/css
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.3

192.185.106.252

409 Conflict

83 B

URL GET HTTP/2
www.vugla.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.3
IP
192.185.106.252:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.vugla.com
Fingerprint60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
ValidityWed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT

File type
HTML document, ASCII text, with no line terminators
Size
83 B (83 bytes)
Hash
26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.3 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 409 Conflict
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2

www.vugla.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.3

192.185.106.252

409 Conflict

83 B

URL GET HTTP/2
www.vugla.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.3
IP
192.185.106.252:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.vugla.com
Fingerprint60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
ValidityWed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT

File type
HTML document, ASCII text, with no line terminators
Size
83 B (83 bytes)
Hash
26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.3 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 409 Conflict
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2

www.vugla.com/wp-content/themes/vugla/images/logo.png

192.185.106.252

200 OK

7.9 kB

URL GET HTTP/2
www.vugla.com/wp-content/themes/vugla/images/logo.png
IP
192.185.106.252:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.vugla.com
Fingerprint60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
ValidityWed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT

File type
PNG image data, 254 x 96, 8-bit/color RGBA, non-interlaced\012- data
Size
7.9 kB (7870 bytes)
Hash
f8e78d7eed20f4d77ca41cbf9700c0fa
9c40c7c5ae212e070b2aceda05b7e34de143a670
cf314f8938fb5d378e49a7e09683a206e244024b7ca3a7ec1676f22804285ca7

HTTP Headers

GET /wp-content/themes/vugla/images/logo.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 18 Nov 2013 11:35:09 GMT
accept-ranges: bytes
content-length: 7870
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 20:23:50 GMT
referrer-policy: 
pragma: public
content-type: image/png
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/themes/vugla/images/mobile-share/fb-messenger-64x64.png

192.185.106.252

200 OK

2.6 kB

URL GET HTTP/2
www.vugla.com/wp-content/themes/vugla/images/mobile-share/fb-messenger-64x64.png
IP
192.185.106.252:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.vugla.com
Fingerprint60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
ValidityWed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT

File type
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size
2.6 kB (2562 bytes)
Hash
56735b8135d0a3b1db1b1e1a34945e85
dc604b4e7030d9fe583393b94f1811fe69628107
7ef39fd53ffb21c300f78615faa8eab8eb1163ad1b70843efa4550a0bda364bc

HTTP Headers

GET /wp-content/themes/vugla/images/mobile-share/fb-messenger-64x64.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 26 Jul 2017 12:44:40 GMT
accept-ranges: bytes
content-length: 2562
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 20:23:50 GMT
referrer-policy: 
pragma: public
content-type: image/png
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/facebook.png

192.185.106.252

200 OK

584 B

URL GET HTTP/2
www.vugla.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/facebook.png
IP
192.185.106.252:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.vugla.com
Fingerprint60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
ValidityWed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT

File type
PNG image data, 64 x 64, 8-bit colormap, non-interlaced\012- data
Size
584 B (584 bytes)
Hash
114d84e23ab95df71589ab5e67b93b85
2270334f4b83486ceaab53133e4706537c16f38a
1353c448068301ee8534bd1d3c8eb214863afa0b9f716222dfe93e2739cffac2

HTTP Headers

GET /wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/facebook.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 13 Nov 2023 13:26:48 GMT
accept-ranges: bytes
content-length: 584
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 20:23:50 GMT
referrer-policy: 
pragma: public
content-type: image/png
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/uploads/2021/11/zagreb-trg-bana-jelacica-2-150x150.jpg

192.185.106.252

200 OK

7.0 kB

URL GET HTTP/2
www.vugla.com/wp-content/uploads/2021/11/zagreb-trg-bana-jelacica-2-150x150.jpg
IP
192.185.106.252:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.vugla.com
Fingerprint60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
ValidityWed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 150x150, components 3\012- data
Size
7.0 kB (6982 bytes)
Hash
1fc23d41bb894274b7cf389d2bfcf57c
b752e2962b4feea7ae0eaf899b0c6b4e818c413d
8f5be453ac83ca763b56a8708ca2232490946e1620c1cb20f37947d376411e71

HTTP Headers

GET /wp-content/uploads/2021/11/zagreb-trg-bana-jelacica-2-150x150.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 29 Nov 2021 17:20:28 GMT
accept-ranges: bytes
content-length: 6982
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 20:23:50 GMT
referrer-policy: 
pragma: public
content-type: image/jpeg
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/plugins/responsive-lightbox/assets/infinitescroll/infinite-scroll.pkgd.min.js?ver=6.4.1

192.185.106.252

200 OK

8.7 kB

URL GET HTTP/2
www.vugla.com/wp-content/plugins/responsive-lightbox/assets/infinitescroll/infinite-scroll.pkgd.min.js?ver=6.4.1
IP
192.185.106.252:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.vugla.com
Fingerprint60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
ValidityWed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT

File type
ASCII text, with very long lines (17739), with CRLF line terminators
Size
8.7 kB (8747 bytes)
Hash
3229aa93c44fa4628707e80959a97bc1
5a2d4dbc4d1df02e7a386489e7b5c5a9e22dd40f
095834cc86bd018fdb4a9e31c99f9f96904b819be2b9dc16b3390383288d4d90

HTTP Headers

GET /wp-content/plugins/responsive-lightbox/assets/infinitescroll/infinite-scroll.pkgd.min.js?ver=6.4.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 27 Nov 2023 23:58:55 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-length: 8747
content-type: application/javascript
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/uploads/2021/11/hvar-webcam-150x150.jpg

192.185.106.252

200 OK

7.7 kB

URL GET HTTP/2
www.vugla.com/wp-content/uploads/2021/11/hvar-webcam-150x150.jpg
IP
192.185.106.252:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.vugla.com
Fingerprint60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
ValidityWed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 150x150, components 3\012- data
Size
7.7 kB (7651 bytes)
Hash
62774f92064e395fda65b50793c90f6d
9f53f11b2a92302becdcc5f0f46ac07468ea7510
2f86b046ac5c1148f0e69510d44889d7ddb1bbaa1d3f2d4606e9fd93e4c0de82

HTTP Headers

GET /wp-content/uploads/2021/11/hvar-webcam-150x150.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 25 Nov 2021 11:02:45 GMT
accept-ranges: bytes
content-length: 7651
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 20:23:50 GMT
referrer-policy: 
pragma: public
content-type: image/jpeg
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/linkedin.png

192.185.106.252

200 OK

725 B

URL GET HTTP/2
www.vugla.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/linkedin.png
IP
192.185.106.252:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.vugla.com
Fingerprint60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
ValidityWed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT

File type
PNG image data, 64 x 64, 8-bit colormap, non-interlaced\012- data
Size
725 B (725 bytes)
Hash
5da9fb18cfc9264a6e95b4a8bf4d2fcb
7bb78a36bc621ea268a0dad519c9c5c539e751ce
c6e399926b1aeb3634681cf7eb6af4e355325a6b2b6f8a89ad65ece3523fab18

HTTP Headers

GET /wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/linkedin.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 13 Nov 2023 13:26:48 GMT
accept-ranges: bytes
content-length: 725
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 20:23:50 GMT
referrer-policy: 
pragma: public
content-type: image/png
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/mail.png

192.185.106.252

200 OK

1.7 kB

URL GET HTTP/2
www.vugla.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/mail.png
IP
192.185.106.252:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.vugla.com
Fingerprint60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
ValidityWed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT

File type
PNG image data, 64 x 64, 8-bit colormap, non-interlaced\012- data
Size
1.7 kB (1659 bytes)
Hash
42bec42b54ef1bb6bb9596efa815973d
88145ca02b72936eb430e818cd7a80f189ca9166
154a5b712eedff5cdee156292d8795dd139a350c7ed09982e5faec55a0ab2f42

HTTP Headers

GET /wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/mail.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 13 Nov 2023 13:26:48 GMT
accept-ranges: bytes
content-length: 1659
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 20:23:50 GMT
referrer-policy: 
pragma: public
content-type: image/png
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/uploads/2021/11/beograd-most-miladina-zivica-webcam-150x150.jpg

192.185.106.252

200 OK

5.5 kB

URL GET HTTP/2
www.vugla.com/wp-content/uploads/2021/11/beograd-most-miladina-zivica-webcam-150x150.jpg
IP
192.185.106.252:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.vugla.com
Fingerprint60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
ValidityWed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 150x150, components 3\012- data
Size
5.5 kB (5510 bytes)
Hash
3fddda90683b7416f197bf988102840f
267cd52c70c992251e044b48ac04dcae61114c93
669bd143aeb2909494a8efa6031423535f6d79c5c0ed0c4f820ec6a064b3ef90

HTTP Headers

GET /wp-content/uploads/2021/11/beograd-most-miladina-zivica-webcam-150x150.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 25 Nov 2021 11:05:33 GMT
accept-ranges: bytes
content-length: 5510
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 20:23:50 GMT
referrer-policy: 
pragma: public
content-type: image/jpeg
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/themes/vugla/images/mobile-share/whatsapp-64x64.png

192.185.106.252

200 OK

5.9 kB

URL GET HTTP/2
www.vugla.com/wp-content/themes/vugla/images/mobile-share/whatsapp-64x64.png
IP
192.185.106.252:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.vugla.com
Fingerprint60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
ValidityWed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT

File type
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size
5.9 kB (5880 bytes)
Hash
616a93e26f2d9261cd8412a8741f7be8
5fbfd88e502bcc766a9c9ef1d1751ed16ce1197c
306accb5ad46635aeb9481a9bc934c14ae474e924ec52b6673141c5acacd800d

HTTP Headers

GET /wp-content/themes/vugla/images/mobile-share/whatsapp-64x64.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 22 Dec 2016 10:00:28 GMT
accept-ranges: bytes
content-length: 5880
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 20:23:50 GMT
referrer-policy: 
pragma: public
content-type: image/png
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2

apis.google.com/js/plusone.js

142.250.74.78

200 OK

22 kB

URL GET HTTP/2
apis.google.com/js/plusone.js
IP
142.250.74.78:443
ASN
#15169 GOOGLE

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.apis.google.com
Fingerprint06:87:C0:63:02:21:98:02:BD:FC:A0:11:93:E9:3A:9F:51:21:06:D8
ValidityMon, 23 Oct 2023 11:25:10 GMT - Mon, 15 Jan 2024 11:25:09 GMT

File type
ASCII text, with very long lines (2664)
Size
22 kB (21930 bytes)
Hash
12476fdc6b8599d03eac729748337611
7a15dc04ad6e77026bf45927b78247411e3e0466
c5be6532f19ca90fb5966ed89be694f2bc2cded1e443d3489467cb28cd69af43

HTTP Headers

GET /js/plusone.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-length: 21930
date: Fri, 01 Dec 2023 20:23:50 GMT
expires: Fri, 01 Dec 2023 20:23:50 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "b82ec1e6cb6f99ed"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
set-cookie: NID=511=t3wHmYRISW1RKhTu-C_bEWrSOSoYMygWggggdQNp--2rP1wvHJ11q5DEAUihStIzNxS9dW8GHUyqSdQ2q6JYm6-kvGSzi9AzMhkAo50URhRBlA5WUbS-CXubEcLM_-OmJSnS9a_Qu4TRwNTBQ8qN3_G6VGrDEJjm7Q9OktcNyyQ; expires=Sat, 01-Jun-2024 20:23:50 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.vugla.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/reddit.png

192.185.106.252

200 OK

2.3 kB

URL GET HTTP/2
www.vugla.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/reddit.png
IP
192.185.106.252:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.vugla.com
Fingerprint60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
ValidityWed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT

File type
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size
2.3 kB (2328 bytes)
Hash
91d33236832e22fe9743606623bd001a
d7101e60e49e86dbe1f34876228aa6831ad568f7
5571cdc5e0d90001474bf488c142929a02a39e55a4a7f61c44d1f94a4087eda1

HTTP Headers

GET /wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/reddit.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 13 Nov 2023 13:26:48 GMT
accept-ranges: bytes
content-length: 2328
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 20:23:50 GMT
referrer-policy: 
pragma: public
content-type: image/png
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/plugins/vn-video-player/js_scripts/jquery.fitvids.js?ver=0.1

192.185.106.252

200 OK

1.4 kB

URL GET HTTP/2
www.vugla.com/wp-content/plugins/vn-video-player/js_scripts/jquery.fitvids.js?ver=0.1
IP
192.185.106.252:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.vugla.com
Fingerprint60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
ValidityWed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT

File type
HTML document, ASCII text
Size
1.4 kB (1389 bytes)
Hash
6755415003869bd599c3fae8e9792027
57946a22c79654014eb00fb548f727d302221873
07f79fbda35a2bf03f2940978670a2a53cf21e490ecce887bf92fc2e3f359293

HTTP Headers

GET /wp-content/plugins/vn-video-player/js_scripts/jquery.fitvids.js?ver=0.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 26 Nov 2021 15:34:28 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-length: 1389
content-type: application/javascript
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/uploads/2023/12/zivotinje-kako-su-39-rok-zvezde-39-pande-ostale-bez-ljubavne-price.jpg

192.185.106.252

200 OK

16 kB

URL GET HTTP/2
www.vugla.com/wp-content/uploads/2023/12/zivotinje-kako-su-39-rok-zvezde-39-pande-ostale-bez-ljubavne-price.jpg
IP
192.185.106.252:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.vugla.com
Fingerprint60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
ValidityWed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=3, xresolution=50, yresolution=58, resolutionunit=2], baseline, precision 8, 320x180, components 3\012- data
Size
16 kB (15801 bytes)
Hash
5147e42fc6edd7b965161a3ef6e6179d
3876b2ae7f66a9e74421dcd51747b09a009ebb71
f26cd12b51fcab079129c832ee9cedaa51294edb14b93cc749cae74b56b62463

HTTP Headers

GET /wp-content/uploads/2023/12/zivotinje-kako-su-39-rok-zvezde-39-pande-ostale-bez-ljubavne-price.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 01 Dec 2023 09:55:19 GMT
accept-ranges: bytes
content-length: 15801
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 20:23:50 GMT
referrer-policy: 
pragma: public
content-type: image/jpeg
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/uploads/2023/12/backa-west-ham-golovi-30-11-2023-150x150.jpg

192.185.106.252

200 OK

4.2 kB

URL GET HTTP/2
www.vugla.com/wp-content/uploads/2023/12/backa-west-ham-golovi-30-11-2023-150x150.jpg
IP
192.185.106.252:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.vugla.com
Fingerprint60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
ValidityWed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x150, components 3\012- data
Size
4.2 kB (4163 bytes)
Hash
d2944a2988ea437dd47e366c35318287
bb2ce83b81e69d624aebf85a53d328b79e794fe0
3e810cdaa1d877d350dcc84007411d3df081852910972b4cbae76eccbc14a39d

HTTP Headers

GET /wp-content/uploads/2023/12/backa-west-ham-golovi-30-11-2023-150x150.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 30 Nov 2023 23:14:23 GMT
accept-ranges: bytes
content-length: 4163
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 20:23:50 GMT
referrer-policy: 
pragma: public
content-type: image/jpeg
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/uploads/2023/11/mallorca-cadiz-golovi-29-11-2023-150x150.jpg

192.185.106.252

200 OK

3.2 kB

URL GET HTTP/2
www.vugla.com/wp-content/uploads/2023/11/mallorca-cadiz-golovi-29-11-2023-150x150.jpg
IP
192.185.106.252:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.vugla.com
Fingerprint60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
ValidityWed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x150, components 3\012- data
Size
3.2 kB (3206 bytes)
Hash
c4ac3f2f10ead27a6c470fae8fc5c5e7
33d7f8215ac9949c54459676bf8048df6d51d73b
ba12aca2f09ad73a05991204f75c235aedee8fd2265f66d6d5e26384cea71e34

HTTP Headers

GET /wp-content/uploads/2023/11/mallorca-cadiz-golovi-29-11-2023-150x150.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 30 Nov 2023 19:26:29 GMT
accept-ranges: bytes
content-length: 3206
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 20:23:50 GMT
referrer-policy: 
pragma: public
content-type: image/jpeg
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/uploads/2023/11/bayern-munich-fc-copenhagen-golovi-29-11-2023-150x150.jpg

192.185.106.252

200 OK

6.5 kB

URL GET HTTP/2
www.vugla.com/wp-content/uploads/2023/11/bayern-munich-fc-copenhagen-golovi-29-11-2023-150x150.jpg
IP
192.185.106.252:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.vugla.com
Fingerprint60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
ValidityWed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x150, components 3\012- data
Size
6.5 kB (6455 bytes)
Hash
7b7ac3fe315dc9eb4b7939372ed450e9
6a2a2a5470e3648a563cce65ac6d1cd6ac8428ee
54d808ec3b10ea6b3b241b4703caabe1170aa6d07e91c54cb0b68784478ad51d

HTTP Headers

GET /wp-content/uploads/2023/11/bayern-munich-fc-copenhagen-golovi-29-11-2023-150x150.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 30 Nov 2023 19:26:18 GMT
accept-ranges: bytes
content-length: 6455
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 20:23:50 GMT
referrer-policy: 
pragma: public
content-type: image/jpeg
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/uploads/2021/11/las-vegas-webcam-150x150.jpg

192.185.106.252

200 OK

6.2 kB

URL GET HTTP/2
www.vugla.com/wp-content/uploads/2021/11/las-vegas-webcam-150x150.jpg
IP
192.185.106.252:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.vugla.com
Fingerprint60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
ValidityWed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 150x150, components 3\012- data
Size
6.2 kB (6150 bytes)
Hash
7232d222adbf508fe855c86ec73f32bd
802aff30255dd767e5829d7a3100e8be30d69675
db2852d9d1823c9a769e60dd23aab9df1abad22a0077d9f8c2e5e209e8d630a8

HTTP Headers

GET /wp-content/uploads/2021/11/las-vegas-webcam-150x150.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 24 Nov 2021 17:47:32 GMT
accept-ranges: bytes
content-length: 6150
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 20:23:50 GMT
referrer-policy: 
pragma: public
content-type: image/jpeg
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/plugins/responsive-lightbox/js/front.js?ver=2.4.6

192.185.106.252

200 OK

8.6 kB

URL GET HTTP/2
www.vugla.com/wp-content/plugins/responsive-lightbox/js/front.js?ver=2.4.6
IP
192.185.106.252:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.vugla.com
Fingerprint60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
ValidityWed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT

File type
Unicode text, UTF-8 text, with very long lines (629), with CRLF line terminators
Size
8.6 kB (8560 bytes)
Hash
68f8af044f685b84c7d49ac2356acabf
585889874b36224e980f4d285044ec0fb478dc7c
9fe6a07f596d507305d1480e6bb301d04cbf5ef8660b24b9fa411e39607a7ab5

HTTP Headers

GET /wp-content/plugins/responsive-lightbox/js/front.js?ver=2.4.6 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 27 Nov 2023 23:58:55 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-length: 8560
content-type: application/javascript
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/uploads/2023/11/real-sociedad-salzburg-golovi-29-11-2023-150x150.jpg

192.185.106.252

200 OK

5.4 kB

URL GET HTTP/2
www.vugla.com/wp-content/uploads/2023/11/real-sociedad-salzburg-golovi-29-11-2023-150x150.jpg
IP
192.185.106.252:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.vugla.com
Fingerprint60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
ValidityWed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x150, components 3\012- data
Size
5.4 kB (5353 bytes)
Hash
3dd0b6a881bcbf037b6fc140e05dc03e
88a53f3308d933fe32230071702ebd547d7ea65f
2acd2ffefda761e9164ef6e6107caed96686c26e1af57498ba71d448c6c1766d

HTTP Headers

GET /wp-content/uploads/2023/11/real-sociedad-salzburg-golovi-29-11-2023-150x150.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 30 Nov 2023 19:26:27 GMT
accept-ranges: bytes
content-length: 5353
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 20:23:50 GMT
referrer-policy: 
pragma: public
content-type: image/jpeg
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/plugins/vn-video-player/js_scripts/vn_player_fit.js?ver=0.1

192.185.106.252

200 OK

106 B

URL GET HTTP/2
www.vugla.com/wp-content/plugins/vn-video-player/js_scripts/vn_player_fit.js?ver=0.1
IP
192.185.106.252:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.vugla.com
Fingerprint60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
ValidityWed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT

File type
ASCII text, with CRLF line terminators
Size
106 B (106 bytes)
Hash
64829824ee643f09fb3821dc49b3089a
446608ff9f4128b9503476135a8c28599f8d5c2e
0b967c52b8e899c4266110c97fa50018d61ccf1365144d16f09f901523d48c95

HTTP Headers

GET /wp-content/plugins/vn-video-player/js_scripts/vn_player_fit.js?ver=0.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 26 Nov 2021 15:34:31 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-length: 106
content-type: application/javascript
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-7NCJ73THPT

142.250.74.168

200 OK

86 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-7NCJ73THPT
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (3034)
Size
86 kB (85508 bytes)
Hash
210ba9286974f8f27d255054f707c2f7
c81b45b1bfdd2bf9a1ec824ef97c908483948ded
4e73dc2ae2f5be4cfb44779d6f708dce8a98d3c16904c41d5864fc8c3245075d

HTTP Headers

GET /gtag/js?id=G-7NCJ73THPT HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 01 Dec 2023 20:23:50 GMT
expires: Fri, 01 Dec 2023 20:23:50 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 85508
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.vugla.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/tumblr.png

192.185.106.252

200 OK

861 B

URL GET HTTP/2
www.vugla.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/tumblr.png
IP
192.185.106.252:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.vugla.com
Fingerprint60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
ValidityWed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT

File type
PNG image data, 64 x 64, 8-bit colormap, non-interlaced\012- data
Size
861 B (861 bytes)
Hash
1d8dab6f1066b94b74f5611a8c918681
4e0edc7ba1ada49418772d8d581cd3d38518d490
bac6d2c8418e543d967d6e57710eda1ca4318ddd917c19a28fd63b4240e8d150

HTTP Headers

GET /wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/tumblr.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 13 Nov 2023 13:26:48 GMT
accept-ranges: bytes
content-length: 861
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 20:23:50 GMT
referrer-policy: 
pragma: public
content-type: image/png
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/uploads/2023/11/benfica-inter-golovi-29-11-2023-150x150.jpg

192.185.106.252

200 OK

4.6 kB

URL GET HTTP/2
www.vugla.com/wp-content/uploads/2023/11/benfica-inter-golovi-29-11-2023-150x150.jpg
IP
192.185.106.252:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.vugla.com
Fingerprint60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
ValidityWed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x150, components 3\012- data
Size
4.6 kB (4550 bytes)
Hash
f25ddb130bb8a894d4b33c0b2dc7f1c1
c385eb5107fcb92146738fe1846ce4b33cd41659
3c03f20d9971177deee5a25b222a9af1dc8eb62a5c4b24fbde4ac84ba7360421

HTTP Headers

GET /wp-content/uploads/2023/11/benfica-inter-golovi-29-11-2023-150x150.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 30 Nov 2023 19:26:20 GMT
accept-ranges: bytes
content-length: 4550
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 20:23:50 GMT
referrer-policy: 
pragma: public
content-type: image/jpeg
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/themes/vugla/images/mobile-share/viber-64x64.png

192.185.106.252

200 OK

7.1 kB

URL GET HTTP/2
www.vugla.com/wp-content/themes/vugla/images/mobile-share/viber-64x64.png
IP
192.185.106.252:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.vugla.com
Fingerprint60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
ValidityWed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT

File type
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size
7.1 kB (7120 bytes)
Hash
de186be4358ae6892385bcb78cc79b01
d933c306c857b9e84e321c4756d384a6e8093da2
c912b95fc0e537dbd5d103172a9ad3df2a3c8ad4ce5e6d6cebbaf31d7f6d58be

HTTP Headers

GET /wp-content/themes/vugla/images/mobile-share/viber-64x64.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 22 Dec 2016 10:00:29 GMT
accept-ranges: bytes
content-length: 7120
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 20:23:50 GMT
referrer-policy: 
pragma: public
content-type: image/png
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/plugins/responsive-lightbox/assets/swipebox/jquery.swipebox.min.js?ver=2.4.6

192.185.106.252

200 OK

4.7 kB

URL GET HTTP/2
www.vugla.com/wp-content/plugins/responsive-lightbox/assets/swipebox/jquery.swipebox.min.js?ver=2.4.6
IP
192.185.106.252:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.vugla.com
Fingerprint60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
ValidityWed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT

File type
ASCII text, with very long lines (12917), with CRLF line terminators
Size
4.7 kB (4708 bytes)
Hash
416d2c5e5425c640a7d63f25e0376fd6
a95b218161d94bdb148d108aedf065b4a4762045
b875bead01dfa1b02a553e8efda0f3a65d39da24f19ad37af95f06795eee76dc

HTTP Headers

GET /wp-content/plugins/responsive-lightbox/assets/swipebox/jquery.swipebox.min.js?ver=2.4.6 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 27 Nov 2023 23:58:55 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-length: 4708
content-type: application/javascript
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/twitter.png

192.185.106.252

200 OK

1.8 kB

URL GET HTTP/2
www.vugla.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/twitter.png
IP
192.185.106.252:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.vugla.com
Fingerprint60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
ValidityWed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT

File type
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size
1.8 kB (1762 bytes)
Hash
9cb3d67f468539abb72395dc73934190
9928de37e21649c1799e3287a13f897a34aab5e1
04a457e988270cb1dc76bd57ac8e62fddf02c02b618a1ac6cb0880b93633f5e0

HTTP Headers

GET /wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/twitter.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 13 Nov 2023 13:26:48 GMT
accept-ranges: bytes
content-length: 1762
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 20:23:50 GMT
referrer-policy: 
pragma: public
content-type: image/png
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/uploads/2021/11/pula-veruda-1-webcam-150x150.jpg

192.185.106.252

200 OK

5.3 kB

URL GET HTTP/2
www.vugla.com/wp-content/uploads/2021/11/pula-veruda-1-webcam-150x150.jpg
IP
192.185.106.252:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.vugla.com
Fingerprint60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
ValidityWed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 150x150, components 3\012- data
Size
5.3 kB (5261 bytes)
Hash
545ec6f4f211e438ebfa5d45422b8a6a
a0b51351671fa7f76b0053283a1f7dd38e728008
c36775e46bd960eb1d8c52af2a281dbd404becc78547155debd5faa8f65f775b

HTTP Headers

GET /wp-content/uploads/2021/11/pula-veruda-1-webcam-150x150.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 24 Nov 2021 17:11:32 GMT
accept-ranges: bytes
content-length: 5261
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 20:23:50 GMT
referrer-policy: 
pragma: public
content-type: image/jpeg
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/uploads/2023/11/real-madrid-napoli-golovi-29-11-2023-150x150.jpg

192.185.106.252

200 OK

7.0 kB

URL GET HTTP/2
www.vugla.com/wp-content/uploads/2023/11/real-madrid-napoli-golovi-29-11-2023-150x150.jpg
IP
192.185.106.252:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.vugla.com
Fingerprint60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
ValidityWed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x150, components 3\012- data
Size
7.0 kB (7027 bytes)
Hash
4776d86e08cc2943fbe3b675ec2c3727
692544e5a085db465793d417ab2c5e74f3551d73
9635934bdad0b3ce053f55c3dc84166f64e4a3ca982589117b9b79a01989d46e

HTTP Headers

GET /wp-content/uploads/2023/11/real-madrid-napoli-golovi-29-11-2023-150x150.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 30 Nov 2023 19:26:24 GMT
accept-ranges: bytes
content-length: 7027
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 20:23:50 GMT
referrer-policy: 
pragma: public
content-type: image/jpeg
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/themes/vugla/js/libs/modernizr-2.0.6.min.js?ver=6.4.1

192.185.106.252

200 OK

7.0 kB

URL GET HTTP/2
www.vugla.com/wp-content/themes/vugla/js/libs/modernizr-2.0.6.min.js?ver=6.4.1
IP
192.185.106.252:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.vugla.com
Fingerprint60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
ValidityWed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT

File type
HTML document, ASCII text, with very long lines (14641), with CRLF line terminators
Size
7.0 kB (6964 bytes)
Hash
ad955f14cdcc21d58014f25ab7c8d46d
8915b95d672d54be6fb01a239088aba305d4798e
d6304e162f8fe5054a4c5430d2f1d78ea2ad54c1ff61ea708d148bf385312407

HTTP Headers

GET /wp-content/themes/vugla/js/libs/modernizr-2.0.6.min.js?ver=6.4.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 12:00:08 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-length: 6964
content-type: application/javascript
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/uploads/2021/11/venezia-campo-santa-maria-formosa-webcam-150x150.jpg

192.185.106.252

200 OK

6.9 kB

URL GET HTTP/2
www.vugla.com/wp-content/uploads/2021/11/venezia-campo-santa-maria-formosa-webcam-150x150.jpg
IP
192.185.106.252:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.vugla.com
Fingerprint60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
ValidityWed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 150x150, components 3\012- data
Size
6.9 kB (6911 bytes)
Hash
c74f31b086db5e5227fd0f55ea243323
b6af0bcea2b75890836d2f8d642cdd5422f77d3f
4369ba2bcee1b40fd34f118e2fe8e91b1de1039ed28d203c051c3ec22aefa92b

HTTP Headers

GET /wp-content/uploads/2021/11/venezia-campo-santa-maria-formosa-webcam-150x150.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Sun, 28 Nov 2021 17:36:52 GMT
accept-ranges: bytes
content-length: 6911
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 20:23:50 GMT
referrer-policy: 
pragma: public
content-type: image/jpeg
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-includes/js/underscore.min.js?ver=1.13.4

192.185.106.252

200 OK

8.3 kB

URL GET HTTP/2
www.vugla.com/wp-includes/js/underscore.min.js?ver=1.13.4
IP
192.185.106.252:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.vugla.com
Fingerprint60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
ValidityWed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT

File type
ASCII text, with very long lines (18798)
Size
8.3 kB (8305 bytes)
Hash
f88d5720bb454ed5d204cbdb56901f6b
f1952292fde4b15936e9aac16b2b9896684db95b
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a

HTTP Headers

GET /wp-includes/js/underscore.min.js?ver=1.13.4 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 13 Nov 2023 13:25:19 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-length: 8305
content-type: application/javascript
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/themes/vugla/css/style_reset.css

192.185.106.252

200 OK

1.2 kB

URL GET HTTP/2
www.vugla.com/wp-content/themes/vugla/css/style_reset.css
IP
192.185.106.252:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.vugla.com
Fingerprint60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
ValidityWed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT

File type
ASCII text, with CRLF line terminators
Size
1.2 kB (1152 bytes)
Hash
b5ae6c0ccd961d29a2924b03b0cbdd6e
3293dc40aa870c1cf79180eb7bd5c2ff28f3bd0a
0838fff76cfa3bad87963e64a610ea8d60b2dc8d0781a7531a2385f65de1ab2f

HTTP Headers

GET /wp-content/themes/vugla/css/style_reset.css HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/style.css?ver=6.4.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:52:34 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-length: 1152
content-type: text/css
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/themes/vugla/css/elastislide.css

192.185.106.252

200 OK

674 B

URL GET HTTP/2
www.vugla.com/wp-content/themes/vugla/css/elastislide.css
IP
192.185.106.252:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.vugla.com
Fingerprint60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
ValidityWed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT

File type
ASCII text, with CRLF line terminators
Size
674 B (674 bytes)
Hash
fac0ce1d7bcbe2001f963e204b03b3a4
fe650403bcbc74567e384eb3762c874835f6cad1
d8dcd83dfb6275b55ae8e495f6924dcfc52024a52f5639446a00de846ec7c7b9

HTTP Headers

GET /wp-content/themes/vugla/css/elastislide.css HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/style.css?ver=6.4.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:52:21 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-length: 674
content-type: text/css
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/themes/vugla/css/style_400.css

192.185.106.252

200 OK

2.4 kB

URL GET HTTP/2
www.vugla.com/wp-content/themes/vugla/css/style_400.css
IP
192.185.106.252:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.vugla.com
Fingerprint60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
ValidityWed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT

File type
ASCII text, with CRLF line terminators
Size
2.4 kB (2412 bytes)
Hash
1150741460f65df53d2a23c598e5807c
5520fd0a709fdfdc80089452403dbfa49b79f7d4
e0e19f2d1b42abb0a12a95da1488a3fb300ceeb34984bc9e321063184acb019b

HTTP Headers

GET /wp-content/themes/vugla/css/style_400.css HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/style.css?ver=6.4.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:52:30 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-length: 2412
content-type: text/css
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/themes/vugla/css/style_768.css

192.185.106.252

200 OK

2.5 kB

URL GET HTTP/2
www.vugla.com/wp-content/themes/vugla/css/style_768.css
IP
192.185.106.252:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.vugla.com
Fingerprint60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
ValidityWed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT

File type
ASCII text, with very long lines (408), with CRLF line terminators
Size
2.5 kB (2538 bytes)
Hash
14b717ed0c77c605f84b5b9a6b9892e9
5723bca38e18b8155b26f923590a05657911a377
6f37f5624b7bc60317a9c37a473fdf7dc34474d5f52cf169a7d52b35ca1dc0dd

HTTP Headers

GET /wp-content/themes/vugla/css/style_768.css HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/style.css?ver=6.4.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:52:32 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-length: 2538
content-type: text/css
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/themes/vugla/css/style_320.css

192.185.106.252

200 OK

2.4 kB

URL GET HTTP/2
www.vugla.com/wp-content/themes/vugla/css/style_320.css
IP
192.185.106.252:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.vugla.com
Fingerprint60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
ValidityWed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT

File type
ASCII text, with CRLF line terminators
Size
2.4 kB (2413 bytes)
Hash
cc437b9ea4ed072bf7636ec9013f026d
df8db436e5193d474b97364dc0cd532a9b390fe5
4e92c5bc2c3f90209e1bec52f50461d8c04d82a539296918f0db0c61af63aab2

HTTP Headers

GET /wp-content/themes/vugla/css/style_320.css HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/style.css?ver=6.4.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:52:29 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-length: 2413
content-type: text/css
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/themes/vugla/css/flexslider.css

192.185.106.252

200 OK

1.5 kB

URL GET HTTP/2
www.vugla.com/wp-content/themes/vugla/css/flexslider.css
IP
192.185.106.252:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.vugla.com
Fingerprint60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
ValidityWed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT

File type
ASCII text, with CRLF line terminators
Size
1.5 kB (1526 bytes)
Hash
aed0d9c2792c1ca777bfce04eb08ae7a
64e98271e4539dbf8819fa9d801017423c9bc30b
7f7b09426068a9bacddeefcf29f89063307fdc903ac45a569853b8c452d9b62d

HTTP Headers

GET /wp-content/themes/vugla/css/flexslider.css HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/style.css?ver=6.4.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 08 May 2014 09:18:47 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-length: 1526
content-type: text/css
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/themes/vugla/css/style_1024.css

192.185.106.252

200 OK

2.3 kB

URL GET HTTP/2
www.vugla.com/wp-content/themes/vugla/css/style_1024.css
IP
192.185.106.252:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.vugla.com
Fingerprint60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
ValidityWed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT

File type
ASCII text, with CRLF line terminators
Size
2.3 kB (2267 bytes)
Hash
7f4d3aa769cc8bb0e3c77745ff5c9d64
2da3458d48663a397a5a42c3bb52777bc5889dc0
7a6c4ca634ef663c6a3887df843fc04c40632ff46c53eb9f7d35bfcde21453b4

HTTP Headers

GET /wp-content/themes/vugla/css/style_1024.css HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/style.css?ver=6.4.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:52:28 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-length: 2267
content-type: text/css
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/themes/vugla/css/tabber.css

192.185.106.252

200 OK

1.7 kB

URL GET HTTP/2
www.vugla.com/wp-content/themes/vugla/css/tabber.css
IP
192.185.106.252:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.vugla.com
Fingerprint60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
ValidityWed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT

File type
ASCII text, with CRLF line terminators
Size
1.7 kB (1710 bytes)
Hash
a3e36a4db7b488bd984dd17c6e17cf63
33e7b11f7e1f149f954b6d938db9e36599816e8a
3609900b90f9835e1525c38bb6b1bcbffea0a14894799e54a07c2a9df09cb03d

HTTP Headers

GET /wp-content/themes/vugla/css/tabber.css HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/style.css?ver=6.4.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:52:36 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-length: 1710
content-type: text/css
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/themes/vugla/css/wpp.css

192.185.106.252

200 OK

357 B

URL GET HTTP/2
www.vugla.com/wp-content/themes/vugla/css/wpp.css
IP
192.185.106.252:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.vugla.com
Fingerprint60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
ValidityWed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT

File type
ASCII text, with CRLF line terminators
Size
357 B (357 bytes)
Hash
6b44660f121f565e2aab91b7b321ff28
62628718b7edeaccc74d1943d36bc1e0c9d16512
467aa063b813fd2fc1b3ebabc45d6e840d807dad90c169f0ee12f93bcf667851

HTTP Headers

GET /wp-content/themes/vugla/css/wpp.css HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/style.css?ver=6.4.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:52:37 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-length: 357
content-type: text/css
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/plugins/vn-video-player/js_scripts/video.min.js?ver=0.1

192.185.106.252

200 OK

213 kB

URL GET HTTP/2
www.vugla.com/wp-content/plugins/vn-video-player/js_scripts/video.min.js?ver=0.1
IP
192.185.106.252:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.vugla.com
Fingerprint60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
ValidityWed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT

File type
gzip compressed data, from Unix\012- data
Size
213 kB (212851 bytes)
Hash
652e963f909f4451ec3c1878fa110aec
26d52c2abcd375fcac8682a466d7817674a29fee
bf74d6519b7f214180883770cc68b680690aa5868c55688e2104d2b74ebbee40

HTTP Headers

GET /wp-content/plugins/vn-video-player/js_scripts/video.min.js?ver=0.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 26 Nov 2021 15:34:30 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-type: application/javascript
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2

pl16411290.alternativecpmgate.com/c9123167a2366d360cd4d80dad2ac358/invoke.js

192.243.59.12

200 OK

9.3 kB

URL GET HTTP/1.1
pl16411290.alternativecpmgate.com/c9123167a2366d360cd4d80dad2ac358/invoke.js
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subjectalternativecpmgate.com
FingerprintC9:1F:74:2C:C9:F2:3A:E6:2D:4F:6C:DC:DD:18:6E:93:10:75:9E:24
ValidityFri, 20 Oct 2023 06:02:37 GMT - Thu, 18 Jan 2024 06:02:36 GMT

File type
Unicode text, UTF-8 text, with very long lines (25067), with no line terminators
Size
9.3 kB (9273 bytes)
Hash
bd979a1a07bb541e2edfbe8a50ca4aa6
46f6d137280f6170219c6f493e6eed270c20b80c
df5d6678b1243a3cabae669d7dd8f73048dbffbff1f5a2fb302762fae1569a0e

HTTP Headers

GET /c9123167a2366d360cd4d80dad2ac358/invoke.js HTTP/1.1
Host: pl16411290.alternativecpmgate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 01 Dec 2023 20:23:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d9845f6c5a7b5679b6aa8ecf4207dd15
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

www.kursnalista.co/banners/banners.js

192.185.106.47

200 OK

1.3 kB

URL GET HTTP/2
www.kursnalista.co/banners/banners.js
IP
192.185.106.47:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.kursnalista.co
Fingerprint1C:D4:9B:DE:4F:51:D3:F0:32:B2:6C:A1:1C:03:E2:3E:18:FC:D4:2A
ValidityMon, 20 Nov 2023 10:01:16 GMT - Sun, 18 Feb 2024 10:01:15 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (394), with CRLF line terminators
Size
1.3 kB (1261 bytes)
Hash
0fa58c243ecc9c6ff829da27563c78c4
771e757dcaddc90a127b557e6a8a69b9dfe4767d
4631955f687225007a1227be7e662f1f45798c13a573f70670e748ff50aa194b

HTTP Headers

GET /banners/banners.js HTTP/1.1
Host: www.kursnalista.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Sun, 10 Jul 2022 10:44:43 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1261
content-type: application/javascript
date: Fri, 01 Dec 2023 20:23:51 GMT
server: Apache
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.67

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.67:443
ASN
#15169 GOOGLE

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48432, version 1.0\012- data
Size
48 kB (48432 bytes)
Hash
e2d74c5e631bc53a7240bbfe4be99c8f
eb513857bb01cc4f7249067fc7e969bef415fc90
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

HTTP Headers

GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 05:00:58 GMT
expires: Fri, 29 Nov 2024 05:00:58 GMT
cache-control: public, max-age=31536000
age: 141773
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.67

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.67:443
ASN
#15169 GOOGLE

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48432, version 1.0\012- data
Size
48 kB (48432 bytes)
Hash
e2d74c5e631bc53a7240bbfe4be99c8f
eb513857bb01cc4f7249067fc7e969bef415fc90
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

HTTP Headers

GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 05:00:58 GMT
expires: Fri, 29 Nov 2024 05:00:58 GMT
cache-control: public, max-age=31536000
age: 141773
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2

142.250.74.67

200 OK

35 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
IP
142.250.74.67:443
ASN
#15169 GOOGLE

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 35120, version 1.0\012- data
Size
35 kB (35120 bytes)
Hash
dd986ff1050050613be051863773d677
51a12487fd51cc02ca54a984f82d63318807ca2e
d9784dbf11886ea032ffbd00f499d333519babe001eacc19df7ab89de17bec47

HTTP Headers

GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35120
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:36:49 GMT
expires: Thu, 28 Nov 2024 21:36:49 GMT
cache-control: public, max-age=31536000
age: 168422
last-modified: Thu, 14 Sep 2023 01:03:47 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v36/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

142.250.74.67

200 OK

50 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v36/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
IP
142.250.74.67:443
ASN
#15169 GOOGLE

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 50368, version 1.0\012- data
Size
50 kB (50368 bytes)
Hash
4facfd6ff39e147b7e39c4b1abe4117d
0f7c0d978c209d21eb3f55950fc43e77c196ec3b
a246c4de8a0f1f1fdb6ee52565018dc341063aa9efe8481034bc3ef7d697e334

HTTP Headers

GET /s/opensans/v36/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 50368
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 04:48:09 GMT
expires: Fri, 29 Nov 2024 04:48:09 GMT
cache-control: public, max-age=31536000
age: 142542
last-modified: Thu, 14 Sep 2023 01:04:20 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.vugla.com/wp-content/themes/vugla/images/search-arrow.png

192.185.106.252

200 OK

3.1 kB

URL GET HTTP/2
www.vugla.com/wp-content/themes/vugla/images/search-arrow.png
IP
192.185.106.252:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.vugla.com
Fingerprint60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
ValidityWed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT

File type
PNG image data, 75 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size
3.1 kB (3075 bytes)
Hash
3f8933cdf4d27e317eb59959257f8c7a
b16e414fcb1561603cbf4ac404ec8b6fae1563ff
167925a8f225d7fc340317265409496b2d90e4313bd7d70bca4262bb1477eaf0

HTTP Headers

GET /wp-content/themes/vugla/images/search-arrow.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/css/style_main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:53:13 GMT
accept-ranges: bytes
content-length: 3075
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 20:23:51 GMT
referrer-policy: 
pragma: public
content-type: image/png
date: Fri, 01 Dec 2023 20:23:51 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/themes/vugla/images/preloader.gif

192.185.106.252

200 OK

1.7 kB

URL GET HTTP/2
www.vugla.com/wp-content/themes/vugla/images/preloader.gif
IP
192.185.106.252:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.vugla.com
Fingerprint60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
ValidityWed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT

File type
GIF image data, version 89a, 16 x 16\012- data
Size
1.7 kB (1737 bytes)
Hash
dd6b7b0bf5c3af22499abc0a9ee1e1b2
e8c0018145d616fac4deb460d9c1d9c9dd4d3302
0eddaab3b8cb0b15d81d62e5ae5960329c3e576ea78dc321b20734ab20271847

HTTP Headers

GET /wp-content/themes/vugla/images/preloader.gif HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/css/style_main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:53:08 GMT
accept-ranges: bytes
content-length: 1737
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 20:23:51 GMT
referrer-policy: 
pragma: public
content-type: image/gif
date: Fri, 01 Dec 2023 20:23:51 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html

192.185.106.252

200 OK

0 B

URL HEAD HTTP/2
www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
IP
192.185.106.252:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.vugla.com
Fingerprint60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
ValidityWed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-pingback: https://www.vugla.com/xmlrpc.php
link: <https://www.vugla.com/wp-json/>; rel="https://api.w.org/", <https://www.vugla.com/wp-json/wp/v2/posts/574573>; rel="alternate"; type="application/json", <https://www.vugla.com/?p=574573>; rel=shortlink
content-security-policy: upgrade-insecure-requests;
cache-control: max-age=10800
expires: Fri, 01 Dec 2023 23:23:51 GMT
vary: User-Agent
referrer-policy: 
content-type: text/html; charset=UTF-8
date: Fri, 01 Dec 2023 20:23:51 GMT
server: Apache
X-Firefox-Spdy: h2

pl15560907.passtechusa.com/d1/37/02/d137022925bcc2a680f8a4476ff94144.js

173.233.137.52

200 OK

15 kB

URL GET HTTP/1.1
pl15560907.passtechusa.com/d1/37/02/d137022925bcc2a680f8a4476ff94144.js
IP
173.233.137.52:443
ASN
#7979 SERVERS-COM

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subjectpasstechusa.com
FingerprintF4:5F:CD:11:B9:E4:E0:B6:E3:01:2A:A2:FB:0E:11:26:44:B4:D0:9D
ValidityFri, 13 Oct 2023 07:12:41 GMT - Thu, 11 Jan 2024 07:12:40 GMT

File type
ASCII text, with very long lines (42790), with no line terminators
Size
15 kB (15427 bytes)
Hash
d57d10b07d3e1fa7a1b52fd891483d81
cae3e2e765509b001eb69db52908723c6c441b78
07075c8188860c165386f127e566493c650752354ba55fbc461566d9c62c6c6f

HTTP Headers

GET /d1/37/02/d137022925bcc2a680f8a4476ff94144.js HTTP/1.1
Host: pl15560907.passtechusa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 01 Dec 2023 20:23:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a91c2717ddf048e401ef555bf41bf2d2
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html

192.185.106.252

200 OK

0 B

URL HEAD HTTP/2
www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
IP
192.185.106.252:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.vugla.com
Fingerprint60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
ValidityWed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-pingback: https://www.vugla.com/xmlrpc.php
link: <https://www.vugla.com/wp-json/>; rel="https://api.w.org/", <https://www.vugla.com/wp-json/wp/v2/posts/574573>; rel="alternate"; type="application/json", <https://www.vugla.com/?p=574573>; rel=shortlink
content-security-policy: upgrade-insecure-requests;
cache-control: max-age=10800
expires: Fri, 01 Dec 2023 23:23:51 GMT
vary: User-Agent
referrer-policy: 
content-type: text/html; charset=UTF-8
date: Fri, 01 Dec 2023 20:23:51 GMT
server: Apache
X-Firefox-Spdy: h2

eehuzaih.com/400/5005565

139.45.197.237

200 OK

35 kB

URL GET HTTP/2
eehuzaih.com/400/5005565
IP
139.45.197.237:443
ASN
#9002 RETN Limited

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subjecteehuzaih.com
FingerprintAC:55:E9:5B:5B:87:BF:89:7C:BE:E0:77:14:BE:B7:B4:16:AB:70:5A
ValiditySun, 12 Nov 2023 08:38:54 GMT - Sat, 10 Feb 2024 08:38:53 GMT

File type
gzip compressed data, max speed, from Unix\012- data
Size
35 kB (34835 bytes)
Hash
62fbee44ed9cca0fe577949272352a44
00346350c2529e333de308c0208f31a1bdb3486c
60023a6d7d2f933c6f26b2e064842b0f488cba61cc66f48488da5d66735b6d6c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /400/5005565 HTTP/1.1
Host: eehuzaih.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 20:23:51 GMT
content-type: application/javascript
x-trace-id: 025c110ed364edc224e530cbef3a2762
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
set-cookie: OAID=01182d7aed3b4fef8c59af58a596d388; expires=Sat, 30 Nov 2024 20:23:51 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

www.variouscreativeformats.com/c3b6bab9a3e6c622d733121998e0014d/invoke.js

192.243.59.12

200 OK

11 kB

URL GET HTTP/1.1
www.variouscreativeformats.com/c3b6bab9a3e6c622d733121998e0014d/invoke.js
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.variouscreativeformats.com
Fingerprint8B:21:A3:61:01:C7:2D:29:AF:11:C7:A7:A5:5E:E5:FD:AF:0E:05:43
ValidityMon, 27 Nov 2023 07:10:34 GMT - Sun, 25 Feb 2024 07:10:33 GMT

File type
exported SGML document, ASCII text, with very long lines (29643), with no line terminators
Size
11 kB (10916 bytes)
Hash
223406d9dbf6d31ee7d9236d1c95ea29
8a45024df7b5013212b1fd369c5670655bd55b66
8eb1cd23b38e67fb1ec812debb06ff9f68891aeecaf2edeba8c0a73081c27ed0

HTTP Headers

GET /c3b6bab9a3e6c622d733121998e0014d/invoke.js HTTP/1.1
Host: www.variouscreativeformats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 01 Dec 2023 20:23:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 67a21bb45807e6456e5fbcba2f515b52
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

ocsp.r2m03.amazontrust.com/

54.230.218.11

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
54.230.218.11:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
5b7b378f2f2e1279be0c0f57ceb0cf93
f03e52739a3a7e746036c3b8b7c42015632a931a
a801964dabaa860b97b788b0dd71cc601c6b38279cf522be462c816352ce1265

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Fri, 01 Dec 2023 20:23:52 GMT
Last-Modified: Fri, 01 Dec 2023 18:43:52 GMT
Server: ECAcc (ska/F73C)
X-Cache: Miss from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: x7EGqATOKIkAEqXIWY5Wze-spfc7X1YufZ-7YPQc6GYc-PRKCRkmXA==
Age: 6000

fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2

142.250.74.67

200 OK

35 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
IP
142.250.74.67:443
ASN
#15169 GOOGLE

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 35120, version 1.0\012- data
Size
35 kB (35120 bytes)
Hash
dd986ff1050050613be051863773d677
51a12487fd51cc02ca54a984f82d63318807ca2e
d9784dbf11886ea032ffbd00f499d333519babe001eacc19df7ab89de17bec47

HTTP Headers

GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35120
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:36:49 GMT
expires: Thu, 28 Nov 2024 21:36:49 GMT
cache-control: public, max-age=31536000
age: 168423
last-modified: Thu, 14 Sep 2023 01:03:47 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v36/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

142.250.74.67

200 OK

50 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v36/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
IP
142.250.74.67:443
ASN
#15169 GOOGLE

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 50368, version 1.0\012- data
Size
50 kB (50368 bytes)
Hash
4facfd6ff39e147b7e39c4b1abe4117d
0f7c0d978c209d21eb3f55950fc43e77c196ec3b
a246c4de8a0f1f1fdb6ee52565018dc341063aa9efe8481034bc3ef7d697e334

HTTP Headers

GET /s/opensans/v36/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 50368
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 04:48:09 GMT
expires: Fri, 29 Nov 2024 04:48:09 GMT
cache-control: public, max-age=31536000
age: 142543
last-modified: Thu, 14 Sep 2023 01:04:20 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

proftrafficcounter.com/stats

18.157.203.0

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
18.157.203.0:443
ASN
#16509 AMAZON-02

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
0d160cc89869905fe3ecacb479ad6e33
5dad8de8840fe36c258a201a843f73ea4a7770f3
f9579f3da0ea87e4b77529945714b25e3c981d240285069878eb70df1d352187

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 01 Dec 2023 20:23:52 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.vugla.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=aa147afb-384f-420d-85a5-82ce2ce5a288:3:1; expires=Mon, 28 Nov 2033 20:23:52 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

my.rtmark.net/gid.js

139.45.195.8

200 OK

65 B

URL GET HTTP/2
my.rtmark.net/gid.js
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
FingerprintE8:81:4E:79:89:89:BE:CE:75:1F:E0:2A:60:54:8A:A4:11:2E:F7:42
ValiditySat, 07 Oct 2023 15:22:00 GMT - Fri, 05 Jan 2024 15:21:59 GMT

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
978aa30287aab0f796c6847bbe637e36
3f5f11fe581c1e33e468f2c5ab5da73a338d7c26
316809d3f02fb80de3fe6cbc850e45f4176469057203de1d4f5529f4620bd095

HTTP Headers

GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 20:23:52 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://www.vugla.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=fc6b62f817f7473a906e4e9a39f79ea0; expires=Sat, 30 Nov 2024 20:23:52 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f

139.45.195.254

200 OK

12 B

URL POST HTTP/1.1
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP
139.45.195.254:443
ASN
#9002 RETN Limited

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerSectigo Limited
Subjectfleraprt.com
FingerprintA4:AF:A0:00:99:C9:85:E5:30:F6:F3:F2:B5:4F:AE:4F:D0:46:74:A9
ValidityMon, 09 Jan 2023 00:00:00 GMT - Sun, 14 Jan 2024 23:59:59 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1724
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Fri, 01 Dec 2023 20:24:30 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://www.vugla.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

www.vugla.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.3

192.185.106.252

409 Conflict

83 B

URL GET HTTP/2
www.vugla.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.3
IP
192.185.106.252:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.vugla.com
Fingerprint60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
ValidityWed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT

File type
HTML document, ASCII text, with no line terminators
Size
83 B (83 bytes)
Hash
26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.3 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Cookie: _ga_7NCJ73THPT=GS1.1.1701462236.1.0.1701462236.60.0.0; _ga=GA1.1.463628786.1701462236
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 409 Conflict
date: Fri, 01 Dec 2023 20:23:52 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2

www.vugla.com/wp-content/themes/vugla/js/scripts.js?ver=6.4.1

192.185.106.252

200 OK

31 kB

URL GET HTTP/2
www.vugla.com/wp-content/themes/vugla/js/scripts.js?ver=6.4.1
IP
192.185.106.252:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.vugla.com
Fingerprint60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
ValidityWed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT

File type
gzip compressed data, from Unix\012- data
Size
31 kB (31410 bytes)
Hash
2272f63467858a44e426913d59e79d83
97f3a795ba2106df931d34a50f9bef8426b14ed4
1545bdef6bba8c6baf420eaca62103d48e1fae1f85a4c6622cadc5d4a2087c31

HTTP Headers

GET /wp-content/themes/vugla/js/scripts.js?ver=6.4.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 12:00:03 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-type: application/javascript
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2

proftrafficcounter.com/stats

18.157.203.0

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
18.157.203.0:443
ASN
#16509 AMAZON-02

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
0d160cc89869905fe3ecacb479ad6e33
5dad8de8840fe36c258a201a843f73ea4a7770f3
f9579f3da0ea87e4b77529945714b25e3c981d240285069878eb70df1d352187

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Cookie: uid_id2=aa147afb-384f-420d-85a5-82ce2ce5a288:3:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 01 Dec 2023 20:23:52 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.vugla.com
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2

www.vugla.com/wp-content/themes/vugla/images/top-arrow.png

192.185.106.252

200 OK

305 B

URL GET HTTP/2
www.vugla.com/wp-content/themes/vugla/images/top-arrow.png
IP
192.185.106.252:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.vugla.com
Fingerprint60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
ValidityWed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT

File type
PNG image data, 50 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size
305 B (305 bytes)
Hash
1fe20be2c98304e84623d10905435835
7ba0264f96984d92cfe0750c802f9af1ee7cb88b
1c3cbd61a972428028066c1e9abcfa7c0ef37d3b1de39d7b09455177a94eec52

HTTP Headers

GET /wp-content/themes/vugla/images/top-arrow.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/css/style_main.css
Cookie: _ga_7NCJ73THPT=GS1.1.1701462236.1.0.1701462236.60.0.0; _ga=GA1.1.463628786.1701462236
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:53:25 GMT
accept-ranges: bytes
content-length: 305
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 20:23:52 GMT
referrer-policy: 
pragma: public
content-type: image/png
date: Fri, 01 Dec 2023 20:23:52 GMT
server: Apache
X-Firefox-Spdy: h2

vaugroar.com/zone?pub=0&zone_id=1548391&is_mobile=false&domain=www.vugla.com&var=&ymid=&var_3=&tg=0&sw=3.1.471

139.45.197.250

200 OK

972 B

URL GET HTTP/2
vaugroar.com/zone?pub=0&zone_id=1548391&is_mobile=false&domain=www.vugla.com&var=&ymid=&var_3=&tg=0&sw=3.1.471
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subjectvaugroar.com
FingerprintF5:48:7D:7C:B6:28:8D:55:D3:7D:CF:03:2F:84:BE:B7:FD:20:F0:EE
ValiditySun, 12 Nov 2023 05:15:08 GMT - Sat, 10 Feb 2024 05:15:07 GMT

File type
JSON data\012- , ASCII text, with very long lines (971)
Size
972 B (972 bytes)
Hash
64f047fe127c40083700b04d3811ca27
8f6e71715f3ae8766c33ae08d590fdc202bd865d
0dd4bfd4e574ecf2df30bcd49a6afbc84ffe9a14227f17502561dfca63a51ac7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /zone?pub=0&zone_id=1548391&is_mobile=false&domain=www.vugla.com&var=&ymid=&var_3=&tg=0&sw=3.1.471 HTTP/1.1
Host: vaugroar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.vugla.com/
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 20:23:52 GMT
content-type: application/json; charset=utf-8
content-length: 972
x-trace-id: 69a7b12e96e68edb7f66ea0010888440
access-control-allow-origin: https://www.vugla.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

eehuzaih.com/500/5005565?excludes=&oaid=fc6b62f817f7473a906e4e9a39f79ea0&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=4&pl=https%3A%2F%2Fwww.vugla.com%2Fzivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.312.0

139.45.197.237

200 OK

0 B

URL GET HTTP/2
eehuzaih.com/500/5005565?excludes=&oaid=fc6b62f817f7473a906e4e9a39f79ea0&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=4&pl=https%3A%2F%2Fwww.vugla.com%2Fzivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.312.0
IP
139.45.197.237:443
ASN
#9002 RETN Limited

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subjecteehuzaih.com
FingerprintAC:55:E9:5B:5B:87:BF:89:7C:BE:E0:77:14:BE:B7:B4:16:AB:70:5A
ValiditySun, 12 Nov 2023 08:38:54 GMT - Sat, 10 Feb 2024 08:38:53 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /500/5005565?excludes=&oaid=fc6b62f817f7473a906e4e9a39f79ea0&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=4&pl=https%3A%2F%2Fwww.vugla.com%2Fzivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.312.0 HTTP/1.1
Host: eehuzaih.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://www.vugla.com/
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 20:23:52 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://www.vugla.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-credentials: true
access-control-max-age: 600
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

tharbadir.com/2?z=1347951

139.45.197.238

200 OK

16 kB

URL GET HTTP/2
tharbadir.com/2?z=1347951
IP
139.45.197.238:443
ASN
#9002 RETN Limited

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subjecttharbadir.com
FingerprintA5:91:BD:23:83:6F:FE:A6:06:78:AE:E7:58:60:8E:74:B2:BA:C3:64
ValidityThu, 21 Sep 2023 16:36:00 GMT - Wed, 20 Dec 2023 16:35:59 GMT

File type
ASCII text, with very long lines (41880)
Size
16 kB (15750 bytes)
Hash
ba0dd3ea6eec9ca6464177053d3bcfed
a5e58bf2799e21df6f951e0b24f963a4a9c1bf27
e0735c3a840dd4ba2c1d51cdc5e1eac581976f82eb7f725f2a2c5f49cfb48e6b

HTTP Headers

GET /2?z=1347951 HTTP/1.1
Host: tharbadir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 20:23:50 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin: 
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: 3c91f5599561eb5bcb4df234981af250
access-control-expose-headers: X-Sc
x-sc: bf5nEK284VtHN75wUNYPqXAZ2wCkjfpmx0og4XbuA_kon8M51BRS0gbxus4gw3ID-ELQi3YoKu7gf0oBmxuXfcU1CiY=
set-cookie: scm=1; expires=Sat, 30 Nov 2024 20:23:50 GMT; secure; SameSite=None
OAID=e456aec1966749a8928819fc64f26b4d; expires=Sat, 30 Nov 2024 20:23:50 GMT; secure; SameSite=None
oaidts=1701462230; expires=Sat, 30 Nov 2024 20:23:50 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

www.vugla.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.3

192.185.106.252

409 Conflict

83 B

URL GET HTTP/2
www.vugla.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.3
IP
192.185.106.252:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.vugla.com
Fingerprint60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
ValidityWed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT

File type
HTML document, ASCII text, with no line terminators
Size
83 B (83 bytes)
Hash
26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.3 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Cookie: _ga_7NCJ73THPT=GS1.1.1701462236.1.0.1701462236.60.0.0; _ga=GA1.1.463628786.1701462236
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 409 Conflict
date: Fri, 01 Dec 2023 20:23:52 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2

www.kursnalista.co/banners/sutrasnji_kurs_300x600.jpg

192.185.106.47

200 OK

133 kB

URL GET HTTP/2
www.kursnalista.co/banners/sutrasnji_kurs_300x600.jpg
IP
192.185.106.47:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.kursnalista.co
Fingerprint1C:D4:9B:DE:4F:51:D3:F0:32:B2:6C:A1:1C:03:E2:3E:18:FC:D4:2A
ValidityMon, 20 Nov 2023 10:01:16 GMT - Sun, 18 Feb 2024 10:01:15 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x600, components 3\012- data
Size
133 kB (132746 bytes)
Hash
03cb0234e6286a8521c7e91836880c7f
ad08e9c34a8756fdb4405f1173e35c27ba5accc3
0420c0254ff2755372ffa257d45fb7624a82ca37e99286dca68d6a1813a5d755

HTTP Headers

GET /banners/sutrasnji_kurs_300x600.jpg HTTP/1.1
Host: www.kursnalista.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 06 Jun 2015 11:16:35 GMT
accept-ranges: bytes
content-length: 132746
content-type: image/jpeg
date: Fri, 01 Dec 2023 20:23:52 GMT
server: Apache
X-Firefox-Spdy: h2

tharbadir.com/9?z=2892323&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.vugla.com%2Fzivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=4&sah=1024&drf=&hil=1&ist=0&oaid=fc6b62f817f7473a906e4e9a39f79ea0

139.45.197.238

200 OK

0 B

URL POST HTTP/2
tharbadir.com/9?z=2892323&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.vugla.com%2Fzivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=4&sah=1024&drf=&hil=1&ist=0&oaid=fc6b62f817f7473a906e4e9a39f79ea0
IP
139.45.197.238:443
ASN
#9002 RETN Limited

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subjecttharbadir.com
FingerprintA5:91:BD:23:83:6F:FE:A6:06:78:AE:E7:58:60:8E:74:B2:BA:C3:64
ValidityThu, 21 Sep 2023 16:36:00 GMT - Wed, 20 Dec 2023 16:35:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /9?z=2892323&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.vugla.com%2Fzivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=4&sah=1024&drf=&hil=1&ist=0&oaid=fc6b62f817f7473a906e4e9a39f79ea0 HTTP/1.1
Host: tharbadir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.vugla.com/
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Fri, 01 Dec 2023 20:23:52 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.vugla.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

psuftoum.com/?rb=pCybLJcKZOCg9Z--9MCREpxzocb7FGSU9th2U26jNqNC5aLzyHqs9FGOWfC3ALcPOeAX3Bt2O1B_EXZWkARh6rs_jbQQ9_iheIDsJKUPtz4qzSw1JQP7owlD6JzDJ6XAhw9WOgMTp1oPfx6JuHNwLCCuvRihYEv1QUAIqJL182lXiinXT4_-VeFnVUZXHf0TREObGbNGNQsHZAEDoEkUOqhP7OaYcYl3sJxLxQl7RBE%3D&request_ab2=0&zoneid=1316441&js_build=iclick-v1.635.3-auto&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=4&pl=https%3A%2F%2Fwww.vugla.com%2Fzivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&wgl=&js_build=iclick-v1.635.3-auto&bs=5e14a520-a1ed-4363-a26a-67cabdda6195&userId=fc6b62f817f7473a906e4e9a39f79ea0&m=link

139.45.197.244

200 OK

2.0 kB

URL GET HTTP/2
psuftoum.com/?rb=pCybLJcKZOCg9Z--9MCREpxzocb7FGSU9th2U26jNqNC5aLzyHqs9FGOWfC3ALcPOeAX3Bt2O1B_EXZWkARh6rs_jbQQ9_iheIDsJKUPtz4qzSw1JQP7owlD6JzDJ6XAhw9WOgMTp1oPfx6JuHNwLCCuvRihYEv1QUAIqJL182lXiinXT4_-VeFnVUZXHf0TREObGbNGNQsHZAEDoEkUOqhP7OaYcYl3sJxLxQl7RBE%3D&request_ab2=0&zoneid=1316441&js_build=iclick-v1.635.3-auto&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=4&pl=https%3A%2F%2Fwww.vugla.com%2Fzivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&wgl=&js_build=iclick-v1.635.3-auto&bs=5e14a520-a1ed-4363-a26a-67cabdda6195&userId=fc6b62f817f7473a906e4e9a39f79ea0&m=link
IP
139.45.197.244:443
ASN
#9002 RETN Limited

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subjectpsuftoum.com
Fingerprint2C:F3:EA:66:F3:74:01:A6:A1:04:29:7A:60:60:06:A7:A5:C0:93:CC
ValidityTue, 19 Sep 2023 05:22:30 GMT - Mon, 18 Dec 2023 05:22:29 GMT

File type
gzip compressed data, max speed, from Unix\012- data
Size
2.0 kB (1992 bytes)
Hash
fb5b129703663817b02e0d30f6985c87
e396b324f4b61088d2a0ecacf1c2a9da5534af1f
63c141cd028ac33d64f69434b7b75dec286400057dcb49b9260ccf557b9c8aba

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?rb=pCybLJcKZOCg9Z--9MCREpxzocb7FGSU9th2U26jNqNC5aLzyHqs9FGOWfC3ALcPOeAX3Bt2O1B_EXZWkARh6rs_jbQQ9_iheIDsJKUPtz4qzSw1JQP7owlD6JzDJ6XAhw9WOgMTp1oPfx6JuHNwLCCuvRihYEv1QUAIqJL182lXiinXT4_-VeFnVUZXHf0TREObGbNGNQsHZAEDoEkUOqhP7OaYcYl3sJxLxQl7RBE%3D&request_ab2=0&zoneid=1316441&js_build=iclick-v1.635.3-auto&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=4&pl=https%3A%2F%2Fwww.vugla.com%2Fzivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&wgl=&js_build=iclick-v1.635.3-auto&bs=5e14a520-a1ed-4363-a26a-67cabdda6195&userId=fc6b62f817f7473a906e4e9a39f79ea0&m=link HTTP/1.1
Host: psuftoum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.vugla.com/
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Cookie: OAID=a5780e9dbaf141bd9aea777aa3fd0756; oaidts=1701462230
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 20:23:52 GMT
content-type: application/json
x-trace-id: 90fa1726757b008ae1e22bc2e7388e78
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: https://www.vugla.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=fc6b62f817f7473a906e4e9a39f79ea0; expires=Sat, 30 Nov 2024 20:23:52 GMT; path=/; secure; SameSite=None
oaidts=1701462232; expires=Sat, 30 Nov 2024 20:23:52 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Fri, 08 Dec 2023 20:23:52 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

www.vugla.com/wp-content/themes/vugla/images/pattern-filter.png

192.185.106.252

200 OK

2.8 kB

URL GET HTTP/2
www.vugla.com/wp-content/themes/vugla/images/pattern-filter.png
IP
192.185.106.252:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.vugla.com
Fingerprint60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
ValidityWed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT

File type
PNG image data, 2 x 2, 8-bit/color RGBA, non-interlaced\012- data
Size
2.8 kB (2804 bytes)
Hash
6d6f2d483736ba6f70063740ddf2841b
3b9dee704da0bf19a56b46584a55226a137504a9
dca9f66f2ff2d735f415080def56d34e60cf13cc65668bf9b422103cd3bee2a5

HTTP Headers

GET /wp-content/themes/vugla/images/pattern-filter.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/css/style_main.css
Cookie: _ga_7NCJ73THPT=GS1.1.1701462236.1.0.1701462236.60.0.0; _ga=GA1.1.463628786.1701462236; dom3ic8zudi28v8lr6fgphwffqoz0j6c=aa147afb-384f-420d-85a5-82ce2ce5a288%3A3%3A1; prefetchAd_1316441=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:53:06 GMT
accept-ranges: bytes
content-length: 2804
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 20:23:52 GMT
referrer-policy: 
pragma: public
content-type: image/png
date: Fri, 01 Dec 2023 20:23:52 GMT
server: Apache
X-Firefox-Spdy: h2

www.vugla.com/wp-content/uploads/2013/11/bckg-vugla-dark.jpg

192.185.106.252

200 OK

267 kB

URL GET HTTP/2
www.vugla.com/wp-content/uploads/2013/11/bckg-vugla-dark.jpg
IP
192.185.106.252:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.vugla.com
Fingerprint60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
ValidityWed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 2000x1200, components 3\012- data
Size
267 kB (267247 bytes)
Hash
11e97d76a4b329319978b9da6f46b5b0
ae03d14a5b568ed59c1772ee2065e160e93428ae
9fbe33f0e52a532495bb5d56584e250e0d3cf1acc5a04acb7cbb2e39bb6c6a42

HTTP Headers

GET /wp-content/uploads/2013/11/bckg-vugla-dark.jpg HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Cookie: _ga_7NCJ73THPT=GS1.1.1701462236.1.0.1701462236.60.0.0; _ga=GA1.1.463628786.1701462236; dom3ic8zudi28v8lr6fgphwffqoz0j6c=aa147afb-384f-420d-85a5-82ce2ce5a288%3A3%3A1; prefetchAd_1316441=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 20 Nov 2013 16:40:33 GMT
accept-ranges: bytes
content-length: 267247
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 20:23:52 GMT
referrer-policy: 
pragma: public
content-type: image/jpeg
date: Fri, 01 Dec 2023 20:23:52 GMT
server: Apache
X-Firefox-Spdy: h2

173.233.137.52

307 Temporary Redirect

0 B

URL GET HTTP/1.1
www.profitabledisplaycontent.com/watch.1550490905068.js?key=c3b6bab9a3e6c622d733121998e0014d&kw=%5B%22%C5%BEivotinje%22%2C%22kako%22%2C%22su%22%2C%22rok%22%2C%22zvezde%22%2C%22pande%22%2C%22ostale%22%2C%22bez%22%2C%22ljubavne%22%2C%22pri%C4%8De%22%2C%22-%22%2C%22vugla%22%5D&refer=https%3A%2F%2Fwww.vugla.com%2Fzivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html&tz=0&dev=e&res=14.3095&uuid=aa147afb-384f-420d-85a5-82ce2ce5a288%3A3%3A1
IP
173.233.137.52:443
ASN
#7979 SERVERS-COM

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.profitabledisplaycontent.com
Fingerprint5B:BD:54:33:2B:86:AB:1A:82:90:2C:D6:FE:04:C7:39:78:8E:80:0E
ValidityFri, 01 Dec 2023 06:55:29 GMT - Thu, 29 Feb 2024 06:55:28 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /watch.1550490905068.js?key=c3b6bab9a3e6c622d733121998e0014d&kw=%5B%22%C5%BEivotinje%22%2C%22kako%22%2C%22su%22%2C%22rok%22%2C%22zvezde%22%2C%22pande%22%2C%22ostale%22%2C%22bez%22%2C%22ljubavne%22%2C%22pri%C4%8De%22%2C%22-%22%2C%22vugla%22%5D&refer=https%3A%2F%2Fwww.vugla.com%2Fzivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html&tz=0&dev=e&res=14.3095&uuid=aa147afb-384f-420d-85a5-82ce2ce5a288%3A3%3A1 HTTP/1.1
Host: www.profitabledisplaycontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Fri, 01 Dec 2023 20:23:52 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.vugla.com
Access-Control-Allow-Origin: https://www.vugla.com
Access-Control-Allow-Credentials: true
Location: https://www.profitabledisplaycontent.com/watch.1550490905068.js?key=c3b6bab9a3e6c622d733121998e0014d&kw=%5B%22%C5%BEivotinje%22%2C%22kako%22%2C%22su%22%2C%22rok%22%2C%22zvezde%22%2C%22pande%22%2C%22ostale%22%2C%22bez%22%2C%22ljubavne%22%2C%22pri%C4%8De%22%2C%22-%22%2C%22vugla%22%5D&refer=https%3A%2F%2Fwww.vugla.com%2Fzivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html&tz=0&dev=e&res=14.3095&uuid=aa147afb-384f-420d-85a5-82ce2ce5a288%3A3%3A1&shu=50ba52d6a4813c24ae864131db4680582ed6dfe4ec39be3f894cda1e436da297b7357beda1cad82a0f2b457a4f8e8e57b4af2a2504c318733af52f777a8f69556aacdf19cd79f7f8a18dd8ba5d0bf6518fe7c3974f0cb8b00e8a01f482ae78&pst=1701462292&rmtc=t
Set-Cookie: u_pl=14611544; expires=Sat, 02 Dec 2023 20:23:52 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNDYxMTU0NCwiayI6ImMzYjZiYWI5YTNlNmM2MjJkNzMzMTIxOTk4ZTAwMTRkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMDcwMTYsInBpZCI6ODU0ODQsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MjEsImFpZCI6MjcsInB0Ijo0LCJwayI6ImUydHg4d3EydHciLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cudnVnbGEuY29tL3ppdm90aW5qZS1rYWtvLXN1LXJvay16dmV6ZGUtcGFuZGUtb3N0YWxlLWJlei1sanViYXZuZS1wcmljZS5odG1sIiwiYXIiOltdfX0.w0H8pXh9kR92g8ALkDv9JfRuEfH_QXKMIGAdc5ycWvU; expires=Fri, 01 Dec 2023 20:24:52 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fa746dc7622dd8f35f90e37d2a8ea9af
Strict-Transport-Security: max-age=0; includeSubdomains

buttersource.com/ntv.json?key=c9123167a2366d360cd4d80dad2ac358&vstc=3

173.233.137.44

200 OK

13 kB

URL GET HTTP/1.1
buttersource.com/ntv.json?key=c9123167a2366d360cd4d80dad2ac358&vstc=3
IP
173.233.137.44:443
ASN
#7979 SERVERS-COM

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subjectbuttersource.com
FingerprintFA:3D:D1:74:88:B5:6E:F0:15:0C:E7:94:01:5D:C7:6B:18:60:BE:7F
ValidityTue, 28 Nov 2023 07:57:17 GMT - Mon, 26 Feb 2024 07:57:16 GMT

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (12683), with no line terminators
Size
13 kB (12684 bytes)
Hash
a03e21947fb13f6dbe2ff140fcee8ac2
3f442a198d750c378731621427e8ea6955beea0c
e662e139fc13b5a5dbef62adc4f9c4a9f71fff1978a660870b7821e919d8fc70

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ntv.json?key=c9123167a2366d360cd4d80dad2ac358&vstc=3 HTTP/1.1
Host: buttersource.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 01 Dec 2023 20:23:52 GMT
Content-Type: application/json
Content-Length: 12684
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.vugla.com
Access-Control-Allow-Origin: https://www.vugla.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16310791; expires=Sat, 02 Dec 2023 20:23:52 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 02 Dec 2023 20:23:52 GMT; secure; SameSite=None
uncs=1; expires=Sat, 02 Dec 2023 20:23:52 GMT; secure; SameSite=None
pdhtkv49=true; expires=Sat, 02 Dec 2023 20:23:52 GMT; secure; SameSite=None
uncs49=1; expires=Sat, 02 Dec 2023 20:23:52 GMT; secure; SameSite=None
nlecc9123167a2366d360cd4d80dad2ac358=[2229212,2229214,3637745]; expires=Fri, 01 Dec 2023 20:23:57 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 78672f127b76b1a0c4ce32aa8c207c5b
Strict-Transport-Security: max-age=0; includeSubdomains

www.profitabledisplaycontent.com/watch.1550490905068.js?key=c3b6bab9a3e6c622d733121998e0014d&kw=%5B%22%C5%BEivotinje%22%2C%22kako%22%2C%22su%22%2C%22rok%22%2C%22zvezde%22%2C%22pande%22%2C%22ostale%22%2C%22bez%22%2C%22ljubavne%22%2C%22pri%C4%8De%22%2C%22-%22%2C%22vugla%22%5D&refer=https%3A%2F%2Fwww.vugla.com%2Fzivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html&tz=0&dev=e&res=14.3095&uuid=aa147afb-384f-420d-85a5-82ce2ce5a288%3A3%3A1&shu=50ba52d6a4813c24ae864131db4680582ed6dfe4ec39be3f894cda1e436da297b7357beda1cad82a0f2b457a4f8e8e57b4af2a2504c318733af52f777a8f69556aacdf19cd79f7f8a18dd8ba5d0bf6518fe7c3974f0cb8b00e8a01f482ae78&pst=1701462292&rmtc=t

173.233.137.52

200 OK

2.1 kB

URL GET HTTP/1.1
www.profitabledisplaycontent.com/watch.1550490905068.js?key=c3b6bab9a3e6c622d733121998e0014d&kw=%5B%22%C5%BEivotinje%22%2C%22kako%22%2C%22su%22%2C%22rok%22%2C%22zvezde%22%2C%22pande%22%2C%22ostale%22%2C%22bez%22%2C%22ljubavne%22%2C%22pri%C4%8De%22%2C%22-%22%2C%22vugla%22%5D&refer=https%3A%2F%2Fwww.vugla.com%2Fzivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html&tz=0&dev=e&res=14.3095&uuid=aa147afb-384f-420d-85a5-82ce2ce5a288%3A3%3A1&shu=50ba52d6a4813c24ae864131db4680582ed6dfe4ec39be3f894cda1e436da297b7357beda1cad82a0f2b457a4f8e8e57b4af2a2504c318733af52f777a8f69556aacdf19cd79f7f8a18dd8ba5d0bf6518fe7c3974f0cb8b00e8a01f482ae78&pst=1701462292&rmtc=t
IP
173.233.137.52:443
ASN
#7979 SERVERS-COM

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.profitabledisplaycontent.com
Fingerprint5B:BD:54:33:2B:86:AB:1A:82:90:2C:D6:FE:04:C7:39:78:8E:80:0E
ValidityFri, 01 Dec 2023 06:55:29 GMT - Thu, 29 Feb 2024 06:55:28 GMT

File type
HTML document text\012- HTML document, ASCII text, with very long lines (2664)
Size
2.1 kB (2108 bytes)
Hash
70bc22a01df6b2044fffd3668ec02993
479ab799320cdc24178ed0fba5f68546bd9ce12d
6c48cc3c2436ec28a9c058f48a1bf6d2fe1df5e34a8df7335e772f70575f0a52

HTTP Headers

GET /watch.1550490905068.js?key=c3b6bab9a3e6c622d733121998e0014d&kw=%5B%22%C5%BEivotinje%22%2C%22kako%22%2C%22su%22%2C%22rok%22%2C%22zvezde%22%2C%22pande%22%2C%22ostale%22%2C%22bez%22%2C%22ljubavne%22%2C%22pri%C4%8De%22%2C%22-%22%2C%22vugla%22%5D&refer=https%3A%2F%2Fwww.vugla.com%2Fzivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html&tz=0&dev=e&res=14.3095&uuid=aa147afb-384f-420d-85a5-82ce2ce5a288%3A3%3A1&shu=50ba52d6a4813c24ae864131db4680582ed6dfe4ec39be3f894cda1e436da297b7357beda1cad82a0f2b457a4f8e8e57b4af2a2504c318733af52f777a8f69556aacdf19cd79f7f8a18dd8ba5d0bf6518fe7c3974f0cb8b00e8a01f482ae78&pst=1701462292&rmtc=t HTTP/1.1
Host: www.profitabledisplaycontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vugla.com
Referer: https://www.vugla.com/
DNT: 1
Connection: keep-alive
Cookie: u_pl=14611544; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNDYxMTU0NCwiayI6ImMzYjZiYWI5YTNlNmM2MjJkNzMzMTIxOTk4ZTAwMTRkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMDcwMTYsInBpZCI6ODU0ODQsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MjEsImFpZCI6MjcsInB0Ijo0LCJwayI6ImUydHg4d3EydHciLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cudnVnbGEuY29tL3ppdm90aW5qZS1rYWtvLXN1LXJvay16dmV6ZGUtcGFuZGUtb3N0YWxlLWJlei1sanViYXZuZS1wcmljZS5odG1sIiwiYXIiOltdfX0.w0H8pXh9kR92g8ALkDv9JfRuEfH_QXKMIGAdc5ycWvU
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 01 Dec 2023 20:23:53 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.vugla.com
Access-Control-Allow-Origin: https://www.vugla.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=aa147afb-384f-420d-85a5-82ce2ce5a288:3:1; expires=Fri, 08 Dec 2023 20:23:53 GMT; secure; SameSite=None
iprc7ec6d4bb82a68b997c6c463c73571bdf=3569807; expires=Sat, 02 Dec 2023 00:23:53 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 02 Dec 2023 20:23:53 GMT; secure; SameSite=None
uncs=1; expires=Sat, 02 Dec 2023 20:23:53 GMT; secure; SameSite=None
pdhtkv27=true; expires=Sat, 02 Dec 2023 20:23:53 GMT; secure; SameSite=None
uncs27=1; expires=Sat, 02 Dec 2023 20:23:53 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 23e2ff7533cdff1091f429620e75293a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

offerimage.com/www/images/71581bf2ce9a00138faf7dd80fe3e12e.jpg

104.22.32.172

200 OK

19 kB

URL GET HTTP/2
offerimage.com/www/images/71581bf2ce9a00138faf7dd80fe3e12e.jpg
IP
104.22.32.172:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintDB:4D:42:F8:E2:4C:E3:E4:BB:22:D8:D1:F7:64:B5:9A:10:B6:25:E0
ValiditySun, 07 May 2023 00:00:00 GMT - Mon, 06 May 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Size
19 kB (19381 bytes)
Hash
71581bf2ce9a00138faf7dd80fe3e12e
56479135ed64bf23e1037067c0c87047eb8a414c
5d9f95c8c06343cc189b38268296615ed8816d8154b4b782ad0d62bedd23525e

HTTP Headers

GET /www/images/71581bf2ce9a00138faf7dd80fe3e12e.jpg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 01 Dec 2023 20:23:53 GMT
content-type: image/jpeg
content-length: 19381
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
cache-control: max-age=86400
cf-bgj: h2pri
etag: "65674405-4bb5"
expires: Sat, 02 Dec 2023 14:07:42 GMT
last-modified: Wed, 29 Nov 2023 14:00:37 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 22571
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ee0ced3d2d2dfa-ARN
X-Firefox-Spdy: h2

vaugroar.com/custom

139.45.197.250

200 OK

0 B

URL POST HTTP/2
vaugroar.com/custom
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subjectvaugroar.com
FingerprintF5:48:7D:7C:B6:28:8D:55:D3:7D:CF:03:2F:84:BE:B7:FD:20:F0:EE
ValiditySun, 12 Nov 2023 05:15:08 GMT - Sat, 10 Feb 2024 05:15:07 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /custom HTTP/1.1
Host: vaugroar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.vugla.com/
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 20:23:53 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://www.vugla.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2

139.45.197.238

200 OK

2.8 kB

URL POST HTTP/2
tharbadir.com/9?z=2892323&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.vugla.com%2Fzivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=4&sah=1024&drf=&hil=1&ist=0&oaid=fc6b62f817f7473a906e4e9a39f79ea0
IP
139.45.197.238:443
ASN
#9002 RETN Limited

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subjecttharbadir.com
FingerprintA5:91:BD:23:83:6F:FE:A6:06:78:AE:E7:58:60:8E:74:B2:BA:C3:64
ValidityThu, 21 Sep 2023 16:36:00 GMT - Wed, 20 Dec 2023 16:35:59 GMT

File type
gzip compressed data, max speed, from Unix\012- data
Size
2.8 kB (2758 bytes)
Hash
294bbe9aad8861f43a59268d89d7705d
bdcbf3db9a8faec51a42b16fafc6a2173567dc91
b4780c7079a5d813deacbf81d55c2b0c1205e890e5901bdcd0fc25f40f1322b1

HTTP Headers

POST /9?z=2892323&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.vugla.com%2Fzivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=4&sah=1024&drf=&hil=1&ist=0&oaid=fc6b62f817f7473a906e4e9a39f79ea0 HTTP/1.1
Host: tharbadir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 162
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Cookie: scm=1; OAID=e456aec1966749a8928819fc64f26b4d; oaidts=1701462230
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 20:23:52 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: https://www.vugla.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: 3744707cc00311ffe6593d4c11b6c281
access-control-expose-headers: X-Sc
set-cookie: OAID=fc6b62f817f7473a906e4e9a39f79ea0; expires=Sat, 30 Nov 2024 20:23:52 GMT; secure; SameSite=None
oaidts=1701462230; expires=Sat, 30 Nov 2024 20:23:52 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

vaugroar.com/custom

139.45.197.250

200 OK

39 B

URL POST HTTP/2
vaugroar.com/custom
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subjectvaugroar.com
FingerprintF5:48:7D:7C:B6:28:8D:55:D3:7D:CF:03:2F:84:BE:B7:FD:20:F0:EE
ValiditySun, 12 Nov 2023 05:15:08 GMT - Sat, 10 Feb 2024 05:15:07 GMT

File type
JSON data\012- , ASCII text
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /custom HTTP/1.1
Host: vaugroar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.vugla.com/
Content-Type: application/json
Content-Length: 424
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 20:23:53 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 07b9ad0e248f14c872bf69d4aa36d0d7
access-control-allow-origin: https://www.vugla.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

tharbadir.com/27/b7af9eee900df9a8aa2af9ad8ee46174

139.45.197.238

200 OK

158 kB

URL GET HTTP/2
tharbadir.com/27/b7af9eee900df9a8aa2af9ad8ee46174
IP
139.45.197.238:443
ASN
#9002 RETN Limited

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subjecttharbadir.com
FingerprintA5:91:BD:23:83:6F:FE:A6:06:78:AE:E7:58:60:8E:74:B2:BA:C3:64
ValidityThu, 21 Sep 2023 16:36:00 GMT - Wed, 20 Dec 2023 16:35:59 GMT

File type
gzip compressed data, max speed, from Unix\012- data
Size
158 kB (158070 bytes)
Hash
84be41e94b4d4758099871f5fec56ae3
095f16765c066f239e568e89750b58b9521901b8
4eeb99ca32296ac1c37945ce7ee9e6fcaa1e821cd2c43df0bc38914b3e267085

HTTP Headers

GET /27/b7af9eee900df9a8aa2af9ad8ee46174 HTTP/1.1
Host: tharbadir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Cookie: scm=1; OAID=e456aec1966749a8928819fc64f26b4d; oaidts=1701462230
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 20:23:52 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin: 
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: e618604a3ae17487b69cc610e251409c
cache-control: max-age:290304000, public
last-modified: Fri, 24 Nov 2023 06:46:08 GMT
expires: Fri, 24 Dec 2083 06:46:08 GMT
access-control-expose-headers: X-Sc
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2

amunfezanttor.com/event

139.45.197.250

200 OK

0 B

URL POST HTTP/2
amunfezanttor.com/event
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subjectamunfezanttor.com
Fingerprint94:5D:BD:F9:F6:55:6B:83:55:25:90:4A:5F:E4:CF:19:5E:6B:A2:51
ValidityWed, 22 Nov 2023 20:33:33 GMT - Tue, 20 Feb 2024 20:33:32 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.vugla.com/
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 20:23:53 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://www.vugla.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2

139.45.197.237

200 OK

1.3 kB

URL GET HTTP/2
eehuzaih.com/500/5005565?excludes=&oaid=fc6b62f817f7473a906e4e9a39f79ea0&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=4&pl=https%3A%2F%2Fwww.vugla.com%2Fzivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.312.0
IP
139.45.197.237:443
ASN
#9002 RETN Limited

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subjecteehuzaih.com
FingerprintAC:55:E9:5B:5B:87:BF:89:7C:BE:E0:77:14:BE:B7:B4:16:AB:70:5A
ValiditySun, 12 Nov 2023 08:38:54 GMT - Sat, 10 Feb 2024 08:38:53 GMT

File type
gzip compressed data, max speed, from Unix\012- data
Size
1.3 kB (1296 bytes)
Hash
069454d39e9ebc2942a640b06665e4fc
6952863e9f4fb2b6896282ed93a5a2db98dbe50c
d360f320f84ae6317b7a62223c7212599a68ca7249a00f690936908c5a7287e4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /500/5005565?excludes=&oaid=fc6b62f817f7473a906e4e9a39f79ea0&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=4&pl=https%3A%2F%2Fwww.vugla.com%2Fzivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.312.0 HTTP/1.1
Host: eehuzaih.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Cookie: OAID=810a510d0b024955be20ecc297313da8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 20:23:52 GMT
content-type: application/javascript
x-trace-id: 41ed50c531fe635c5d81ef830bebaa96
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://www.vugla.com
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
set-cookie: OAID=fc6b62f817f7473a906e4e9a39f79ea0; expires=Sat, 30 Nov 2024 20:23:52 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

tharbadir.com/11?rnd=1404754519&z=2892323&b=15763363&var=&varid=0&rqtdbc=1&rcvdbc=1&btp=7&rb=GFOt6dZtFtUvadx--7WZItHuwKOehtJ_sVwEBamYXT-HGbzJGaPeV9lYpZqi5siCf7di2jCOdPuFDX-gNQg32aNKOq5i0LlSBmTd9SXGTZos1zOf3mG4ejyO42GlyNdoVrxUUx2LmDygsvn_cZYIuRI1m0ez4vOU_s85VofWorYLyimjQJ_vWGcY9oxl1zx03HYpjD9qo4SaTKUyHLxpWowt4hvcCWnmQHRwwEnNZ52DF0Y08uuFBtZ2vupO3jz7UBnWkCtUcm5E73JxTjrVBW9ejjdJORDPFkqOedvekev2i763kXRFGMCXCZOcIyCh8MNK3RYvq9tRvlAn4zIsqtBNtWfs9O4sORiugwTT-tya2DSsbkipPDDNC6Yzws9C4HnrRRmH_MEFK3uBzcZBghobKM0jf-NU2TwpRl9lsxvVlIsiWSny9f2gEQU2PNBMBxrl3T9QRSJapLdZ-aCXoNLX600KglmVmhVDDbNZjyYcPbmDHS949EpiTE_3Xoh3nvTnsRSB_as9AFLF4kdU1Aws8JRDsdlxzyFLPKH_06Nxcy5cg2FgZcXdnXJavdZN9w_z7q09Y7UV2cvjUSTFsNLooamCXlc9btprKRl15GS_FxkeqiSAkluw9NZLBrQldZ5MmJHqJCuobEuq26tYB64Z4UQ6qGgldX4Pzrgo3KFyRbHePETHSGioFv6V8dt-RDrDdmyIuPP4PIbB-tvCdlnm6Nq6o-cHwTf1Uw==&ruid=36d21996-3161-4244-a1dd-aa2fea7ab614&subid=754549898436681728&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.vugla.com%2Fzivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=4&sah=1024&drf=&hil=1&ist=0&ot=896

139.45.197.238

200 OK

0 B

URL GET HTTP/2
tharbadir.com/11?rnd=1404754519&z=2892323&b=15763363&var=&varid=0&rqtdbc=1&rcvdbc=1&btp=7&rb=GFOt6dZtFtUvadx--7WZItHuwKOehtJ_sVwEBamYXT-HGbzJGaPeV9lYpZqi5siCf7di2jCOdPuFDX-gNQg32aNKOq5i0LlSBmTd9SXGTZos1zOf3mG4ejyO42GlyNdoVrxUUx2LmDygsvn_cZYIuRI1m0ez4vOU_s85VofWorYLyimjQJ_vWGcY9oxl1zx03HYpjD9qo4SaTKUyHLxpWowt4hvcCWnmQHRwwEnNZ52DF0Y08uuFBtZ2vupO3jz7UBnWkCtUcm5E73JxTjrVBW9ejjdJORDPFkqOedvekev2i763kXRFGMCXCZOcIyCh8MNK3RYvq9tRvlAn4zIsqtBNtWfs9O4sORiugwTT-tya2DSsbkipPDDNC6Yzws9C4HnrRRmH_MEFK3uBzcZBghobKM0jf-NU2TwpRl9lsxvVlIsiWSny9f2gEQU2PNBMBxrl3T9QRSJapLdZ-aCXoNLX600KglmVmhVDDbNZjyYcPbmDHS949EpiTE_3Xoh3nvTnsRSB_as9AFLF4kdU1Aws8JRDsdlxzyFLPKH_06Nxcy5cg2FgZcXdnXJavdZN9w_z7q09Y7UV2cvjUSTFsNLooamCXlc9btprKRl15GS_FxkeqiSAkluw9NZLBrQldZ5MmJHqJCuobEuq26tYB64Z4UQ6qGgldX4Pzrgo3KFyRbHePETHSGioFv6V8dt-RDrDdmyIuPP4PIbB-tvCdlnm6Nq6o-cHwTf1Uw==&ruid=36d21996-3161-4244-a1dd-aa2fea7ab614&subid=754549898436681728&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.vugla.com%2Fzivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=4&sah=1024&drf=&hil=1&ist=0&ot=896
IP
139.45.197.238:443
ASN
#9002 RETN Limited

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subjecttharbadir.com
FingerprintA5:91:BD:23:83:6F:FE:A6:06:78:AE:E7:58:60:8E:74:B2:BA:C3:64
ValidityThu, 21 Sep 2023 16:36:00 GMT - Wed, 20 Dec 2023 16:35:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /11?rnd=1404754519&z=2892323&b=15763363&var=&varid=0&rqtdbc=1&rcvdbc=1&btp=7&rb=GFOt6dZtFtUvadx--7WZItHuwKOehtJ_sVwEBamYXT-HGbzJGaPeV9lYpZqi5siCf7di2jCOdPuFDX-gNQg32aNKOq5i0LlSBmTd9SXGTZos1zOf3mG4ejyO42GlyNdoVrxUUx2LmDygsvn_cZYIuRI1m0ez4vOU_s85VofWorYLyimjQJ_vWGcY9oxl1zx03HYpjD9qo4SaTKUyHLxpWowt4hvcCWnmQHRwwEnNZ52DF0Y08uuFBtZ2vupO3jz7UBnWkCtUcm5E73JxTjrVBW9ejjdJORDPFkqOedvekev2i763kXRFGMCXCZOcIyCh8MNK3RYvq9tRvlAn4zIsqtBNtWfs9O4sORiugwTT-tya2DSsbkipPDDNC6Yzws9C4HnrRRmH_MEFK3uBzcZBghobKM0jf-NU2TwpRl9lsxvVlIsiWSny9f2gEQU2PNBMBxrl3T9QRSJapLdZ-aCXoNLX600KglmVmhVDDbNZjyYcPbmDHS949EpiTE_3Xoh3nvTnsRSB_as9AFLF4kdU1Aws8JRDsdlxzyFLPKH_06Nxcy5cg2FgZcXdnXJavdZN9w_z7q09Y7UV2cvjUSTFsNLooamCXlc9btprKRl15GS_FxkeqiSAkluw9NZLBrQldZ5MmJHqJCuobEuq26tYB64Z4UQ6qGgldX4Pzrgo3KFyRbHePETHSGioFv6V8dt-RDrDdmyIuPP4PIbB-tvCdlnm6Nq6o-cHwTf1Uw==&ruid=36d21996-3161-4244-a1dd-aa2fea7ab614&subid=754549898436681728&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.vugla.com%2Fzivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=4&sah=1024&drf=&hil=1&ist=0&ot=896 HTTP/1.1
Host: tharbadir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Cookie: scm=1; OAID=fc6b62f817f7473a906e4e9a39f79ea0; oaidts=1701462230
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 20:23:53 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://www.vugla.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: 33b4b277b0503c59ceab6cb3b44c622d
access-control-expose-headers: X-Sc
set-cookie: OAID=fc6b62f817f7473a906e4e9a39f79ea0; expires=Sat, 30 Nov 2024 20:23:53 GMT; secure; SameSite=None
oaidts=1701462230; expires=Sat, 30 Nov 2024 20:23:53 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

vaugroar.com/pfe/current/universal.min.js?v=3.1.471

139.45.197.250

200 OK

33 kB

URL GET HTTP/2
vaugroar.com/pfe/current/universal.min.js?v=3.1.471
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subjectvaugroar.com
FingerprintF5:48:7D:7C:B6:28:8D:55:D3:7D:CF:03:2F:84:BE:B7:FD:20:F0:EE
ValiditySun, 12 Nov 2023 05:15:08 GMT - Sat, 10 Feb 2024 05:15:07 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
33 kB (33351 bytes)
Hash
d46d2997ab218d1dba1ab614422ed53f
3f1f6b9847c8ad209835db366c62fcb209b83a67
09e8ce2dfeac0ad09cd24788931b38ea7e7592f2c28eecc324b2dd1cd69d1b42

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pfe/current/universal.min.js?v=3.1.471 HTTP/1.1
Host: vaugroar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.vugla.com/
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 20:23:52 GMT
content-type: application/javascript
last-modified: Mon, 27 Nov 2023 17:44:23 GMT
etag: W/"6564d577-1572c"
access-control-allow-origin: https://www.vugla.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.coKrc9A11Ng.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw/cb=gapi.loaded_1?le=scs

142.250.74.78

200 OK

34 kB

URL GET HTTP/3
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.coKrc9A11Ng.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw/cb=gapi.loaded_1?le=scs
IP
142.250.74.78:443
ASN
#15169 GOOGLE

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT

File type
ASCII text, with very long lines (1586)
Size
34 kB (34324 bytes)
Hash
e0fbc84518a1bab9c8bad9f76463d338
ecce9ef563bc5170ebcfcfd35e0dd5b17bc0b874
d99dd3891be0d37edbcc13fdaad780f164a758be5d0c8a71f66596e6cda04f70

HTTP Headers

GET /_/scs/abc-static/_/js/k=gapi.lb.en.coKrc9A11Ng.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw/cb=gapi.loaded_1?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 34324
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 05:23:52 GMT
expires: Fri, 29 Nov 2024 05:23:52 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 08 Nov 2023 22:37:21 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 140401
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.coKrc9A11Ng.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw/cb=gapi.loaded_0?le=scs

142.250.74.78

200 OK

56 kB

URL GET HTTP/3
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.coKrc9A11Ng.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw/cb=gapi.loaded_0?le=scs
IP
142.250.74.78:443
ASN
#15169 GOOGLE

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT

File type
ASCII text, with very long lines (1505)
Size
56 kB (55751 bytes)
Hash
4a256001cbbe7af37c71afbd89ba1656
4760f1dee9f6ff6db6f33eeee3dc7ec76155f7dd
5b683a525a2a814b27fc09152ee8030b6d542cd24a61de371bbe5e8815e9d0b1

HTTP Headers

GET /_/scs/abc-static/_/js/k=gapi.lb.en.coKrc9A11Ng.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 55751
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 04:12:01 GMT
expires: Fri, 29 Nov 2024 04:12:01 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 08 Nov 2023 22:37:21 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 144712
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7NCJ73THPT&cid=463628786.1701462236&gtm=45je3bt0v879882835&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=319057620

142.250.74.163

200 OK

42 B

URL GET HTTP/2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7NCJ73THPT&cid=463628786.1701462236&gtm=45je3bt0v879882835&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=319057620
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.no
Fingerprint6E:E4:BC:4A:67:5E:46:6A:B3:E4:CA:61:A7:C0:97:AB:14:F0:34:32
ValidityMon, 23 Oct 2023 11:27:27 GMT - Mon, 15 Jan 2024 11:27:26 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7NCJ73THPT&cid=463628786.1701462236&gtm=45je3bt0v879882835&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=319057620 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 20:23:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.vugla.com/favicon.ico

192.185.106.252

302 Found

0 B

URL GET HTTP/2
www.vugla.com/favicon.ico
IP
192.185.106.252:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.vugla.com
Fingerprint60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
ValidityWed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Cookie: _ga_7NCJ73THPT=GS1.1.1701462236.1.0.1701462236.60.0.0; _ga=GA1.1.463628786.1701462236; dom3ic8zudi28v8lr6fgphwffqoz0j6c=aa147afb-384f-420d-85a5-82ce2ce5a288%3A3%3A1; prefetchAd_1316441=true; sb_main_d137022925bcc2a680f8a4476ff94144=1; sb_count_d137022925bcc2a680f8a4476ff94144=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
link: <https://www.vugla.com/wp-json/>; rel="https://api.w.org/"
x-redirect-by: WordPress
content-security-policy: upgrade-insecure-requests;
location: https://www.vugla.com/wp-includes/images/w-logo-blue-white-bg.png
cache-control: max-age=10800
expires: Fri, 01 Dec 2023 23:23:53 GMT
vary: User-Agent
referrer-policy: 
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 01 Dec 2023 20:23:53 GMT
server: Apache
X-Firefox-Spdy: h2

rollerstrayprawn.com/sbar.json?key=d137022925bcc2a680f8a4476ff94144&uuid=aa147afb-384f-420d-85a5-82ce2ce5a288%3A3%3A1

192.243.59.12

200 OK

3.2 kB

URL GET HTTP/1.1
rollerstrayprawn.com/sbar.json?key=d137022925bcc2a680f8a4476ff94144&uuid=aa147afb-384f-420d-85a5-82ce2ce5a288%3A3%3A1
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subjectrollerstrayprawn.com
Fingerprint9E:74:D1:93:DF:47:C6:06:84:EA:02:9E:E8:F3:B5:CF:52:D3:9F:D0
ValidityTue, 28 Nov 2023 10:59:19 GMT - Mon, 26 Feb 2024 10:59:18 GMT

File type
JSON data\012- , ASCII text, with very long lines (6160), with no line terminators
Size
3.2 kB (3248 bytes)
Hash
54aede7bd196a6c7755693563a1322da
fb469de554ce4817f3d7a5f9a0c5c434c279eb3e
a9d3dc64c81fc64486ff53a9a5cb62f1aac041c9c17d422be2b1ac124078488f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sbar.json?key=d137022925bcc2a680f8a4476ff94144&uuid=aa147afb-384f-420d-85a5-82ce2ce5a288%3A3%3A1 HTTP/1.1
Host: rollerstrayprawn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 01 Dec 2023 20:23:53 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.vugla.com
Access-Control-Allow-Origin: https://www.vugla.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15460408; expires=Sat, 02 Dec 2023 20:23:53 GMT; secure; SameSite=None
uid_id2=aa147afb-384f-420d-85a5-82ce2ce5a288:3:1; expires=Fri, 08 Dec 2023 20:23:53 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 02 Dec 2023 20:23:53 GMT; secure; SameSite=None
uncs=1; expires=Sat, 02 Dec 2023 20:23:53 GMT; secure; SameSite=None
pdhtkv29=true; expires=Sat, 02 Dec 2023 20:23:53 GMT; secure; SameSite=None
uncs29=1; expires=Sat, 02 Dec 2023 20:23:53 GMT; secure; SameSite=None
slecd137022925bcc2a680f8a4476ff94144=[4691073]; expires=Fri, 01 Dec 2023 20:23:58 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fc529525108b7ea6f4e8591ab8a07179
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

apis.google.com/js/rpc:shindig_random.js?onload=init

142.250.74.78

200 OK

7.1 kB

URL GET HTTP/3
apis.google.com/js/rpc:shindig_random.js?onload=init
IP
142.250.74.78:443
ASN
#15169 GOOGLE

Requested by
https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.vugla.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.coKrc9A11Ng.O%2Fd%3D1%2Frs%3DAHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw%2Fm%3D__features__#rpctoken=376691146&forcesecure=1
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT

File type
ASCII text, with very long lines (2056)
Size
7.1 kB (7121 bytes)
Hash
84a5ff7df274c2aa0f5db3d0db8deb60
fe9d4e60961ea15195134fa043256585a3956984
0d3c50c1af81534edee9a430edb5d09c6068348173496657982a4546ff2ee231

HTTP Headers

GET /js/rpc:shindig_random.js?onload=init HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://accounts.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-length: 7121
date: Fri, 01 Dec 2023 20:23:53 GMT
expires: Fri, 01 Dec 2023 20:23:53 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "14543ead6f363f55"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
set-cookie: NID=511=rNGUjY096AqRFWnMpdMqbqjNxTEsAwkL34o3TR4PmzdjkaLX0RxgdWwWdQOEtsQYZK_pLqFwIdiNFC6bdrrFKpNbhg_h6_jpRlHvXQL4J0kpKk45KB0Hbc5tiSZBmm3O0FpRv34T7b4X8oG8udbkSJOh2g90aBNC2ypBd7d2Xks; expires=Sat, 01-Jun-2024 20:23:53 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.vugla.com/wp-includes/images/w-logo-blue-white-bg.png

192.185.106.252

200 OK

4.1 kB

URL GET HTTP/2
www.vugla.com/wp-includes/images/w-logo-blue-white-bg.png
IP
192.185.106.252:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.vugla.com
Fingerprint60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
ValidityWed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT

File type
PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Size
4.1 kB (4119 bytes)
Hash
000bf649cc8f6bf27cfb04d1bcdcd3c7
d73d2f6d74ec6cdcbae07955592962e77d8ae814
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0

HTTP Headers

GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
DNT: 1
Connection: keep-alive
Cookie: _ga_7NCJ73THPT=GS1.1.1701462236.1.0.1701462236.60.0.0; _ga=GA1.1.463628786.1701462236; dom3ic8zudi28v8lr6fgphwffqoz0j6c=aa147afb-384f-420d-85a5-82ce2ce5a288%3A3%3A1; prefetchAd_1316441=true; sb_main_d137022925bcc2a680f8a4476ff94144=1; sb_count_d137022925bcc2a680f8a4476ff94144=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 13 Nov 2023 13:25:19 GMT
accept-ranges: bytes
content-length: 4119
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 20:23:53 GMT
referrer-policy: 
pragma: public
content-type: image/png
date: Fri, 01 Dec 2023 20:23:53 GMT
server: Apache
X-Firefox-Spdy: h2

ssl.gstatic.com/accounts/o/478691279-postmessagerelay.js

142.250.74.163

200 OK

5.2 kB

URL GET HTTP/2
ssl.gstatic.com/accounts/o/478691279-postmessagerelay.js
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.vugla.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.coKrc9A11Ng.O%2Fd%3D1%2Frs%3DAHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw%2Fm%3D__features__#rpctoken=376691146&forcesecure=1
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (3496)
Size
5.2 kB (5186 bytes)
Hash
92169c8a0fbf6e404267d0705cdbdf42
a5cd88b74ca5ced239cdbfb458fe25540d671f46
dba668b49a111527aac8f616b9053ea57c944e01a84ebdcd02a13da921223384

HTTP Headers

GET /accounts/o/478691279-postmessagerelay.js HTTP/1.1
Host: ssl.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://accounts.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="federated-signon-mpm-access"
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-length: 5186
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 16:02:08 GMT
expires: Thu, 28 Nov 2024 16:02:08 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 17 Nov 2023 17:06:44 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 188506
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.nbfcs.org/

15.197.172.60

1.2 kB

URL
www.nbfcs.org/
IP
15.197.172.60:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1177), with no line terminators
Size
1.2 kB (1177 bytes)
Hash
ac31a44b8e766d58079bd7a52676f652
0e924164f1acd9d700002cb942b58964b12f8e00
5f44fbb4e200e2691a00fe45d975e24b4c4d29434893cab7c0c6c4447a8d8b69

HTTP Headers

GET / HTTP/1.1
Host: www.nbfcs.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Fri, 01 Dec 2023 20:23:54 GMT
Content-Type: text/html
Content-Length: 1177
Last-Modified: Thu, 30 Nov 2023 23:50:58 GMT
Connection: keep-alive
ETag: "65691fe2-499"
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_ENz/K+PjBN0f7d4uAK6i9sVttzh1wtg6nZ+1UAvE7vPXElYhzDXKeeVTCrm3d3z1MlDESrhhCv293G+wNltFFw
Cache-Control: no-cache
X-Content-Type-Options: nosniff
Set-Cookie: caf_ipaddr=10.116.88.163;Path=/;Max-Age=86400;
country=;Path=/;Max-Age=86400;
city="";Path=/;Max-Age=86400;
expiry_partner=enom.ACTIVE.5D3C3A1B-1A26-48DD-A7EC-02F11DDF874F;Path=/;Max-Age=86400;
Accept-Ranges: bytes

buttersource.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSv28cRRSezRkRQQMRDRLFiQKBhM679%2FtIEQghyMKxTRLkenZm9jzx7M5qZn%2BcXTkEoZSHaIBq%2FZ0dK8FC5A8AoTNNZIHka8ASuKBDokFIUUq0l5MOnrTvvW%2B%2FV3zfe%2FPpbnpGPKT0dO2a3pZK0cVWza2%2Bvi4jrnNbXblZ9dyae7G6LqN282J1UCaTveW5rZr7RvV9wTb1Yt31XNdzvepVaUSgB4tTFjI%2B7Hm1nltr1mteq4mB%2BT%2B2qQNLHfDsjFyA5JNnNh49hGRjROG3V4TdTHT85nthqmiiDTJ%2B8FG0Gek8QjhvA%2BMgiA5m09B2QsgX56Cjg5kD6GyvdABfTojziwc%2FOpjJhJ%2FtP1XqK4gIPn8eeTaGUGNIOgbTdyD5CQEYx8oqovDeijY53XrK0pKdkIXH%2F0DmE7Lw%2B0uIwm8uKzmo3tAqTaSOLAZBATkYQ%2FbHiNMjJNsOZH4ElnwMyX8mi4%2BXEYV7q1ZpSF5M3Us5hgzGUGIIah2k5ScdpIGDNHYQ8tMqbfUC1%2B0EftBodJuMsUaDsVa3zVu80ewGLlJWyhsiiYdgaghmdhCbHWzKz05aF2DSH2A3CljuwCYT4ny4g4wXyAVBbglySpBLgjwhyLNinytbt8U9rmzqe7Nan9VGMdJJf5fu66QvIgJqhrvxGXlxup4nfzyLTXFaZT2v3vDaHVpvtNu80XYZb%2FKuyymvU9ZodWFlAWnPTR1vl7fCecRlvfYXfHoEq47AZAU09UDzUafugm6Mml0X29H9LO0rWmM6BNcF4mQByZazq87Iy1MRr1Z%2Bg2DHlx68cnjee%2B1PMFMgNgVuyR8J%2Buru6LrOyd51nVvycDVOZCi3aXm%2FGwlNROXBB2Ir14YvXbHD%2B%2B%2Bwkijbw5vCJss04jLqW%2FL1Zcm5MFe1YYJ8t2TXhb%2BW2o3LqYnSeHnt3atLYWyEtVJHY1B5svoETE7Iwu3vpy%2FzhZ8%2BgTRjmLRAmB6TWUDqI7B4Bzaeq7eawKj5jB87yNNiZOr%2B%2FKeSBErMMfUL2P9gf97v2rvomwpocgdRWCAzBTJVgKohbPrcKInN8aVHX5bxFXxVGfnKVPZ8ZdTn09WW6WxCOrf%2FhpWnVdEK3EC4deEHPT%2FoUJf3gmbPpz1PdPwW9ZDYibj19q%2F%2FAgAA%2F%2F8BAAD%2F%2F65fmuN7BAAA

173.233.137.44

200 OK

7 B

URL GET HTTP/1.1
buttersource.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSv28cRRSezRkRQQMRDRLFiQKBhM679%2FtIEQghyMKxTRLkenZm9jzx7M5qZn%2BcXTkEoZSHaIBq%2FZ0dK8FC5A8AoTNNZIHka8ASuKBDokFIUUq0l5MOnrTvvW%2B%2FV3zfe%2FPpbnpGPKT0dO2a3pZK0cVWza2%2Bvi4jrnNbXblZ9dyae7G6LqN282J1UCaTveW5rZr7RvV9wTb1Yt31XNdzvepVaUSgB4tTFjI%2B7Hm1nltr1mteq4mB%2BT%2B2qQNLHfDsjFyA5JNnNh49hGRjROG3V4TdTHT85nthqmiiDTJ%2B8FG0Gek8QjhvA%2BMgiA5m09B2QsgX56Cjg5kD6GyvdABfTojziwc%2FOpjJhJ%2FtP1XqK4gIPn8eeTaGUGNIOgbTdyD5CQEYx8oqovDeijY53XrK0pKdkIXH%2F0DmE7Lw%2B0uIwm8uKzmo3tAqTaSOLAZBATkYQ%2FbHiNMjJNsOZH4ElnwMyX8mi4%2BXEYV7q1ZpSF5M3Us5hgzGUGIIah2k5ScdpIGDNHYQ8tMqbfUC1%2B0EftBodJuMsUaDsVa3zVu80ewGLlJWyhsiiYdgaghmdhCbHWzKz05aF2DSH2A3CljuwCYT4ny4g4wXyAVBbglySpBLgjwhyLNinytbt8U9rmzqe7Nan9VGMdJJf5fu66QvIgJqhrvxGXlxup4nfzyLTXFaZT2v3vDaHVpvtNu80XYZb%2FKuyymvU9ZodWFlAWnPTR1vl7fCecRlvfYXfHoEq47AZAU09UDzUafugm6Mml0X29H9LO0rWmM6BNcF4mQByZazq87Iy1MRr1Z%2Bg2DHlx68cnjee%2B1PMFMgNgVuyR8J%2Buru6LrOyd51nVvycDVOZCi3aXm%2FGwlNROXBB2Ir14YvXbHD%2B%2B%2Bwkijbw5vCJss04jLqW%2FL1Zcm5MFe1YYJ8t2TXhb%2BW2o3LqYnSeHnt3atLYWyEtVJHY1B5svoETE7Iwu3vpy%2FzhZ8%2BgTRjmLRAmB6TWUDqI7B4Bzaeq7eawKj5jB87yNNiZOr%2B%2FKeSBErMMfUL2P9gf97v2rvomwpocgdRWCAzBTJVgKohbPrcKInN8aVHX5bxFXxVGfnKVPZ8ZdTn09WW6WxCOrf%2FhpWnVdEK3EC4deEHPT%2FoUJf3gmbPpz1PdPwW9ZDYibj19q%2F%2FAgAA%2F%2F8BAAD%2F%2F65fmuN7BAAA
IP
173.233.137.44:443
ASN
#7979 SERVERS-COM

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subjectbuttersource.com
FingerprintFA:3D:D1:74:88:B5:6E:F0:15:0C:E7:94:01:5D:C7:6B:18:60:BE:7F
ValidityTue, 28 Nov 2023 07:57:17 GMT - Mon, 26 Feb 2024 07:57:16 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSv28cRRSezRkRQQMRDRLFiQKBhM679%2FtIEQghyMKxTRLkenZm9jzx7M5qZn%2BcXTkEoZSHaIBq%2FZ0dK8FC5A8AoTNNZIHka8ASuKBDokFIUUq0l5MOnrTvvW%2B%2FV3zfe%2FPpbnpGPKT0dO2a3pZK0cVWza2%2Bvi4jrnNbXblZ9dyae7G6LqN282J1UCaTveW5rZr7RvV9wTb1Yt31XNdzvepVaUSgB4tTFjI%2B7Hm1nltr1mteq4mB%2BT%2B2qQNLHfDsjFyA5JNnNh49hGRjROG3V4TdTHT85nthqmiiDTJ%2B8FG0Gek8QjhvA%2BMgiA5m09B2QsgX56Cjg5kD6GyvdABfTojziwc%2FOpjJhJ%2FtP1XqK4gIPn8eeTaGUGNIOgbTdyD5CQEYx8oqovDeijY53XrK0pKdkIXH%2F0DmE7Lw%2B0uIwm8uKzmo3tAqTaSOLAZBATkYQ%2FbHiNMjJNsOZH4ElnwMyX8mi4%2BXEYV7q1ZpSF5M3Us5hgzGUGIIah2k5ScdpIGDNHYQ8tMqbfUC1%2B0EftBodJuMsUaDsVa3zVu80ewGLlJWyhsiiYdgaghmdhCbHWzKz05aF2DSH2A3CljuwCYT4ny4g4wXyAVBbglySpBLgjwhyLNinytbt8U9rmzqe7Nan9VGMdJJf5fu66QvIgJqhrvxGXlxup4nfzyLTXFaZT2v3vDaHVpvtNu80XYZb%2FKuyymvU9ZodWFlAWnPTR1vl7fCecRlvfYXfHoEq47AZAU09UDzUafugm6Mml0X29H9LO0rWmM6BNcF4mQByZazq87Iy1MRr1Z%2Bg2DHlx68cnjee%2B1PMFMgNgVuyR8J%2Buru6LrOyd51nVvycDVOZCi3aXm%2FGwlNROXBB2Ir14YvXbHD%2B%2B%2Bwkijbw5vCJss04jLqW%2FL1Zcm5MFe1YYJ8t2TXhb%2BW2o3LqYnSeHnt3atLYWyEtVJHY1B5svoETE7Iwu3vpy%2FzhZ8%2BgTRjmLRAmB6TWUDqI7B4Bzaeq7eawKj5jB87yNNiZOr%2B%2FKeSBErMMfUL2P9gf97v2rvomwpocgdRWCAzBTJVgKohbPrcKInN8aVHX5bxFXxVGfnKVPZ8ZdTn09WW6WxCOrf%2FhpWnVdEK3EC4deEHPT%2FoUJf3gmbPpz1PdPwW9ZDYibj19q%2F%2FAgAA%2F%2F8BAAD%2F%2F65fmuN7BAAA HTTP/1.1
Host: buttersource.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Cookie: u_pl=16310791; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 01 Dec 2023 20:23:54 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8a8fefe79f0a0374f093591aea900b77
Strict-Transport-Security: max-age=0; includeSubdomains

apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.coKrc9A11Ng.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw/cb=gapi.loaded_0?le=scs

142.250.74.78

200 OK

23 kB

URL GET HTTP/3
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.coKrc9A11Ng.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw/cb=gapi.loaded_0?le=scs
IP
142.250.74.78:443
ASN
#15169 GOOGLE

Requested by
https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.vugla.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.coKrc9A11Ng.O%2Fd%3D1%2Frs%3DAHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw%2Fm%3D__features__#rpctoken=376691146&forcesecure=1
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT

File type
ASCII text, with very long lines (1505)
Size
23 kB (23431 bytes)
Hash
009832d077d8fc42d725066c2b774fd6
0994f8575917c4eeb66f6bdb0a65609aa8902cac
b1e012aaab4e65462b456ff6a07a6512c7b11d1682d228531d66b132dcf3d364

HTTP Headers

GET /_/scs/abc-static/_/js/k=gapi.lb.en.coKrc9A11Ng.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://accounts.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 23431
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 02:51:23 GMT
expires: Fri, 29 Nov 2024 02:51:23 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 08 Nov 2023 22:37:21 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 149551
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

cdn.cloudimagesb.com/si/b9/5d/e2/b95de288caeec55111c172964c8a9c84/1662036680.jpg

45.133.44.10

200 OK

21 kB

URL GET HTTP/2
cdn.cloudimagesb.com/si/b9/5d/e2/b95de288caeec55111c172964c8a9c84/1662036680.jpg
IP
45.133.44.10:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
Fingerprint71:EC:C0:22:20:76:60:90:92:4C:5C:F3:AD:17:3C:41:B5:00:25:AF
ValidityThu, 23 Nov 2023 05:00:53 GMT - Wed, 21 Feb 2024 05:00:52 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Size
21 kB (20566 bytes)
Hash
8f4953c1b8baece7bb7d226247561ce2
da5d440970606602026d7900a55ae2fd27a3f170
8fd9df7d8e48ff2519631e82e01519d4f1c65abd41ec977c18abb58df9832919

HTTP Headers

GET /si/b9/5d/e2/b95de288caeec55111c172964c8a9c84/1662036680.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 01 Dec 2023 20:23:54 GMT
content-type: image/jpeg
content-length: 20566
server: nginx/1.21.6
last-modified: Thu, 01 Sep 2022 12:51:28 GMT
etag: "6310aad0-5056"
expires: Sun, 03 Dec 2023 20:23:54 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

buttersource.com/65/aa/28/65aa283021630dfd9030555c4c61a78c.js

173.233.137.44

200 OK

23 kB

URL GET HTTP/1.1
buttersource.com/65/aa/28/65aa283021630dfd9030555c4c61a78c.js
IP
173.233.137.44:443
ASN
#7979 SERVERS-COM

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subjectbuttersource.com
FingerprintFA:3D:D1:74:88:B5:6E:F0:15:0C:E7:94:01:5D:C7:6B:18:60:BE:7F
ValidityTue, 28 Nov 2023 07:57:17 GMT - Mon, 26 Feb 2024 07:57:16 GMT

File type
ASCII text, with very long lines (59647), with no line terminators
Size
23 kB (23364 bytes)
Hash
13f4f0a195c492fabfb57a0db4faad6d
f9748655b45ffa60e2db0c16b33a75de8f8edcb3
4211e400fdeb89f3af0fea5b65be706168e13aecfdd5992b6e75a5c0b120f299

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /65/aa/28/65aa283021630dfd9030555c4c61a78c.js HTTP/1.1
Host: buttersource.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Cookie: u_pl=16310791; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 01 Dec 2023 20:23:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5c592c4919b17f2529dda5fd721dca28
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

cdn.cloudimagesb.com/cti/56/ef/55/56ef55f6ef3bc03e69b8d66da27f0cd1/1658920055.png

45.133.44.10

200 OK

67 kB

URL GET HTTP/2
cdn.cloudimagesb.com/cti/56/ef/55/56ef55f6ef3bc03e69b8d66da27f0cd1/1658920055.png
IP
45.133.44.10:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
Fingerprint71:EC:C0:22:20:76:60:90:92:4C:5C:F3:AD:17:3C:41:B5:00:25:AF
ValidityThu, 23 Nov 2023 05:00:53 GMT - Wed, 21 Feb 2024 05:00:52 GMT

File type
PNG image data, 468 x 60, 8-bit/color RGBA, non-interlaced\012- data
Size
67 kB (67174 bytes)
Hash
a98b4585db1c6db06d6857c73bb75fcb
02a896b08a79e873b2dd26200ee1f0665dc1c80a
fc08e863ffafe25aa63fe8b60c2d5135fc5f52caf0abae4da3f1a90e0f8ed96c

HTTP Headers

GET /cti/56/ef/55/56ef55f6ef3bc03e69b8d66da27f0cd1/1658920055.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 01 Dec 2023 20:23:54 GMT
content-type: image/png
content-length: 67174
server: nginx/1.21.6
last-modified: Wed, 27 Jul 2022 11:07:43 GMT
etag: "62e11c7f-10666"
expires: Sun, 03 Dec 2023 20:23:54 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.cloudimagesb.com/cti/51/bb/80/51bb807c8b914e3cc08eace2b0587473/1628586935.jpg

45.133.44.10

200 OK

30 kB

URL GET HTTP/2
cdn.cloudimagesb.com/cti/51/bb/80/51bb807c8b914e3cc08eace2b0587473/1628586935.jpg
IP
45.133.44.10:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
Fingerprint71:EC:C0:22:20:76:60:90:92:4C:5C:F3:AD:17:3C:41:B5:00:25:AF
ValidityThu, 23 Nov 2023 05:00:53 GMT - Wed, 21 Feb 2024 05:00:52 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Size
30 kB (30127 bytes)
Hash
a87779ccaaa4021b0b4f33812742679a
87322480f885dc0b6463c182b7bdb3eb60ab2592
a8f8dbc930527f94496d5a9883b6034e27a673090a89b518596d6e2b656df96f

HTTP Headers

GET /cti/51/bb/80/51bb807c8b914e3cc08eace2b0587473/1628586935.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 01 Dec 2023 20:23:54 GMT
content-type: image/jpeg
content-length: 30127
server: nginx/1.21.6
last-modified: Tue, 10 Aug 2021 09:15:44 GMT
etag: "611243c0-75af"
expires: Sun, 03 Dec 2023 20:23:54 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.cloudimagesb.com/cti/5d/60/ed/5d60edea793259cd719bfa3d19bcae3e/1628587069.jpg

45.133.44.10

200 OK

28 kB

URL GET HTTP/2
cdn.cloudimagesb.com/cti/5d/60/ed/5d60edea793259cd719bfa3d19bcae3e/1628587069.jpg
IP
45.133.44.10:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
Fingerprint71:EC:C0:22:20:76:60:90:92:4C:5C:F3:AD:17:3C:41:B5:00:25:AF
ValidityThu, 23 Nov 2023 05:00:53 GMT - Wed, 21 Feb 2024 05:00:52 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 321x240, components 3\012- data
Size
28 kB (27606 bytes)
Hash
f4fabf64be47ce667e0cfc150667b36c
234d722efa06cbedfdad9c1bb497a942997741dd
272b7875492a55c6f53a4e4704e715cc5b3cc4e5093758cbfedd95441bfe98d8

HTTP Headers

GET /cti/5d/60/ed/5d60edea793259cd719bfa3d19bcae3e/1628587069.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 01 Dec 2023 20:23:54 GMT
content-type: image/jpeg
content-length: 27606
server: nginx/1.21.6
last-modified: Tue, 10 Aug 2021 09:17:59 GMT
etag: "61124447-6bd6"
expires: Sun, 03 Dec 2023 20:23:54 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

www.nbfcs.org/px.js?ch=1&abp=1

15.197.172.60

200 OK

476 B

URL GET HTTP/1.1
www.nbfcs.org/px.js?ch=1&abp=1
IP
15.197.172.60:443
ASN
#16509 AMAZON-02

Requested by
https://www.nbfcs.org/#signUp=754549898436681728
Certificate
IssuerGoDaddy.com, Inc.
Subjectwww.nbfcs.org
FingerprintE0:6B:EC:7B:D6:B0:6E:9E:26:18:76:0D:83:E2:83:F9:02:52:F5:09
ValidityFri, 17 Nov 2023 10:08:39 GMT - Sun, 17 Nov 2024 10:08:39 GMT

File type
ASCII text
Size
476 B (476 bytes)
Hash
d2183968f9080b37babfeba3ccf10df2
24b9cf589ee6789e567fac3ae5acfc25826d00c6
4d9b83714539f82372e1e0177924bcb5180b75148e22d6725468fd2fb6f96bcc

HTTP Headers

GET /px.js?ch=1&abp=1 HTTP/1.1
Host: www.nbfcs.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nbfcs.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Fri, 01 Dec 2023 20:23:54 GMT
Content-Type: application/javascript
Content-Length: 476
Last-Modified: Thu, 30 Nov 2023 23:51:13 GMT
Connection: keep-alive
ETag: "65691ff1-1dc"
Accept-Ranges: bytes

img1.wsimg.com/parking-lander/static/css/main.ba077a97.css

95.101.10.129

200 OK

187 B

URL GET HTTP/2
img1.wsimg.com/parking-lander/static/css/main.ba077a97.css
IP
95.101.10.129:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.nbfcs.org/#signUp=754549898436681728
Certificate
IssuerStarfield Technologies, Inc.
Subject*.wsimg.com
FingerprintB7:FF:50:92:4F:A1:64:14:99:A1:DE:DB:55:C9:FA:92:78:6B:89:DD
ValidityTue, 19 Sep 2023 21:06:14 GMT - Sun, 20 Oct 2024 21:06:14 GMT

File type
ASCII text
Size
187 B (187 bytes)
Hash
92cc7bc9897bfb97adb18591dc4642cb
1c42dc26c819be8dd5f5ada83532d7982353e6b3
73cf1f3e2f04d158ad8de2ad926353b2ba0f1e25b145fe063f467120a1341ea8

HTTP Headers

GET /parking-lander/static/css/main.ba077a97.css HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nbfcs.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-amz-id-2: FHcl3/DgxoNPMWKgxjWtDvP2QBMTP00QBIQyuqSd8wi/SHyKZCg9lFBivULNrT0TqzmloBNMYPglZFDpEyMBMQ==
x-amz-request-id: NCP9F70ZWYQAMHTJ
last-modified: Mon, 13 Nov 2023 23:32:18 GMT
etag: "92cc7bc9897bfb97adb18591dc4642cb"
x-amz-server-side-encryption: AES256
x-amz-version-id: S.cohGeac3FUy_snjCsO9LOvUc0sPSaD
accept-ranges: bytes
content-type: text/css
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31536000
expires: Sat, 30 Nov 2024 20:23:54 GMT
date: Fri, 01 Dec 2023 20:23:54 GMT
content-length: 187
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2

img1.wsimg.com/parking-lander/static/js/main.ca05d067.js

95.101.10.129

200 OK

202 kB

URL GET HTTP/2
img1.wsimg.com/parking-lander/static/js/main.ca05d067.js
IP
95.101.10.129:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.nbfcs.org/#signUp=754549898436681728
Certificate
IssuerStarfield Technologies, Inc.
Subject*.wsimg.com
FingerprintB7:FF:50:92:4F:A1:64:14:99:A1:DE:DB:55:C9:FA:92:78:6B:89:DD
ValidityTue, 19 Sep 2023 21:06:14 GMT - Sun, 20 Oct 2024 21:06:14 GMT

File type
ASCII text, with very long lines (65465)
Size
202 kB (201631 bytes)
Hash
811ad71e90aa2b6a4607d0c1abbca408
d3b5cfd3d7538378bf5da3585e2a9a46710acab3
c3b904813a72bc219c9c46e65ff8b8a33c38d43cc6d34db4c8f8954345bf0546

HTTP Headers

GET /parking-lander/static/js/main.ca05d067.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nbfcs.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-amz-id-2: 0Qe0d34FHUu2CJ6wlqP2Yl5aNCExcYZtQGPpNhUNa8yIrufk1WcmHIt5b5BgYcv3V06DrgTX9UY=
x-amz-request-id: 880C98NKV5VN0CTN
last-modified: Thu, 30 Nov 2023 23:39:15 GMT
etag: "811ad71e90aa2b6a4607d0c1abbca408"
x-amz-server-side-encryption: AES256
x-amz-version-id: 81MuOeXvMcGTDHro98HRrw2Z00ZGzEYB
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
content-length: 201631
cache-control: max-age=31536000
expires: Sat, 30 Nov 2024 20:23:54 GMT
date: Fri, 01 Dec 2023 20:23:54 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2

amunfezanttor.com/event

139.45.197.250

200 OK

94 B

URL POST HTTP/2
amunfezanttor.com/event
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subjectamunfezanttor.com
Fingerprint94:5D:BD:F9:F6:55:6B:83:55:25:90:4A:5F:E4:CF:19:5E:6B:A2:51
ValidityWed, 22 Nov 2023 20:33:33 GMT - Tue, 20 Feb 2024 20:33:32 GMT

File type
JSON data\012- , ASCII text
Size
94 B (94 bytes)
Hash
c6c8ae8c27f35737303f469a97a0d6d6
652c1467367da3131d0854c68fe420d0e120801b
b17894a60beab7a08942328a9ba3791758ec9035b8d4b4e79df43145d47e5533

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.vugla.com/
Content-Type: application/json
Content-Length: 563
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 20:23:54 GMT
content-type: application/json; charset=utf-8
content-length: 94
access-control-allow-origin: https://www.vugla.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

buttersource.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSu3llx%2FXFx8SIoDB5kF2TSPb%2FHPayuaySYTeLuSi5eqquqJ7Wp7mqquqcnOUUXZG%2BOeFFPnW%2BSDbsGcf8AQTpeloCQuWhAc%2FAmeBFx8Sg9GYg%2B6Pfe1987fN979cl2ekI8pPR45YbelErRuVbNrV5alRHXma0u3a56bs29Ul2VUbt5pToskxm84bmtmnu5%2Bq5g63qu7nqu67ledV4aEejh3JSFjPd7Xq3n1pr1mtdqYmj%2Bj23qwFIHfHBCLkLyyVNrjx9BsgJR%2BO11YdcTHb%2F%2BTpgqmmiDAd%2F7IFqPdBYhPGsD4yCI9mbT0HZCyBfnoKO9mQPowU7pAL6cEOcnD360N5MJf7B7qtRXEBF8%2FhyyQQGhCkhagOm7kPyIAIxjaRlReH9Jm4xunLK0ZCfk%2FJO%2FILMJOf%2Fri4jCb64pOaze0ipNpI4shkEOOSwg%2BwXi9ADJpgOZHYAlH0PyH8nck0VE4c6yVRqS51P3UhaQQQElRqDWQVp%2B0kEaOEhjByE%2FrtJWL3DdTuAHjUa3yRhrNBhrddu8xRvNbuAiZaW8EZJ4BKZGYGYLsdnCuvzsqHURJv0edi2H5Q5sMiHO%2B1sY8ByZIMgsQUYJMkmQJQTZIN%2FlytZtfp8rm%2FrerNZntZGPddLfprs66YuIgJrRdnxCXpiu55%2Ffnsa6OK6ynldveO0OrTfabd5ou4w3edfllNcpa7S6sDKHtOemjjfLW%2BEC4rLe%2BAM%2BPYBVB2CyApp6oNm4U3dB18bNrovN6MEg7StaYzoE1zni5DySDWdbnZCXpiI6H%2F0JwQ6v7l%2F6u%2Fj0w8tgJkdsctyRPxD01b3xTZ2RnZs6s%2BTRcpzIUG7S8n63EpqIysP3xEamDV%2B4bkcP3mIlUbb7t4VNFmnEZdS35OtrknNh5rVhgny3YFeFv5LatWupidJ4ceXt%2BYUwNsJaqaMCVB49X4DJCXnm8Pr0Zb4yvwZpCpg0R5gekllA6gOweAs2Prz68OX9C95rv8NqAqPOZvy4gizNx6bun%2F1UkkCJM0z9HPY%2F2D%2Frt%2B099E0FNLmLKMwxMDkGKgdVI9j02XESm8Orj78s4yv4qjL2lans%2BMqozyfk1covZTo5XbKVx1XRCtxAuHXhBz0%2F6FCX94Jmz6c9T3T8FvWQ2Im48%2BbP%2FwIAAP%2F%2FAQAA%2F%2F%2Bf%2FpmdewQAAA%3D%3D

192.243.59.13

200 OK

7 B

URL GET HTTP/1.1
buttersource.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSu3llx%2FXFx8SIoDB5kF2TSPb%2FHPayuaySYTeLuSi5eqquqJ7Wp7mqquqcnOUUXZG%2BOeFFPnW%2BSDbsGcf8AQTpeloCQuWhAc%2FAmeBFx8Sg9GYg%2B6Pfe1987fN979cl2ekI8pPR45YbelErRuVbNrV5alRHXma0u3a56bs29Ul2VUbt5pToskxm84bmtmnu5%2Bq5g63qu7nqu67ledV4aEejh3JSFjPd7Xq3n1pr1mtdqYmj%2Bj23qwFIHfHBCLkLyyVNrjx9BsgJR%2BO11YdcTHb%2F%2BTpgqmmiDAd%2F7IFqPdBYhPGsD4yCI9mbT0HZCyBfnoKO9mQPowU7pAL6cEOcnD360N5MJf7B7qtRXEBF8%2FhyyQQGhCkhagOm7kPyIAIxjaRlReH9Jm4xunLK0ZCfk%2FJO%2FILMJOf%2Fri4jCb64pOaze0ipNpI4shkEOOSwg%2BwXi9ADJpgOZHYAlH0PyH8nck0VE4c6yVRqS51P3UhaQQQElRqDWQVp%2B0kEaOEhjByE%2FrtJWL3DdTuAHjUa3yRhrNBhrddu8xRvNbuAiZaW8EZJ4BKZGYGYLsdnCuvzsqHURJv0edi2H5Q5sMiHO%2B1sY8ByZIMgsQUYJMkmQJQTZIN%2FlytZtfp8rm%2FrerNZntZGPddLfprs66YuIgJrRdnxCXpiu55%2Ffnsa6OK6ynldveO0OrTfabd5ou4w3edfllNcpa7S6sDKHtOemjjfLW%2BEC4rLe%2BAM%2BPYBVB2CyApp6oNm4U3dB18bNrovN6MEg7StaYzoE1zni5DySDWdbnZCXpiI6H%2F0JwQ6v7l%2F6u%2Fj0w8tgJkdsctyRPxD01b3xTZ2RnZs6s%2BTRcpzIUG7S8n63EpqIysP3xEamDV%2B4bkcP3mIlUbb7t4VNFmnEZdS35OtrknNh5rVhgny3YFeFv5LatWupidJ4ceXt%2BYUwNsJaqaMCVB49X4DJCXnm8Pr0Zb4yvwZpCpg0R5gekllA6gOweAs2Prz68OX9C95rv8NqAqPOZvy4gizNx6bun%2F1UkkCJM0z9HPY%2F2D%2Frt%2B099E0FNLmLKMwxMDkGKgdVI9j02XESm8Orj78s4yv4qjL2lans%2BMqozyfk1covZTo5XbKVx1XRCtxAuHXhBz0%2F6FCX94Jmz6c9T3T8FvWQ2Im48%2BbP%2FwIAAP%2F%2FAQAA%2F%2F%2Bf%2FpmdewQAAA%3D%3D
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subjectbuttersource.com
FingerprintFA:3D:D1:74:88:B5:6E:F0:15:0C:E7:94:01:5D:C7:6B:18:60:BE:7F
ValidityTue, 28 Nov 2023 07:57:17 GMT - Mon, 26 Feb 2024 07:57:16 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSu3llx%2FXFx8SIoDB5kF2TSPb%2FHPayuaySYTeLuSi5eqquqJ7Wp7mqquqcnOUUXZG%2BOeFFPnW%2BSDbsGcf8AQTpeloCQuWhAc%2FAmeBFx8Sg9GYg%2B6Pfe1987fN979cl2ekI8pPR45YbelErRuVbNrV5alRHXma0u3a56bs29Ul2VUbt5pToskxm84bmtmnu5%2Bq5g63qu7nqu67ledV4aEejh3JSFjPd7Xq3n1pr1mtdqYmj%2Bj23qwFIHfHBCLkLyyVNrjx9BsgJR%2BO11YdcTHb%2F%2BTpgqmmiDAd%2F7IFqPdBYhPGsD4yCI9mbT0HZCyBfnoKO9mQPowU7pAL6cEOcnD360N5MJf7B7qtRXEBF8%2FhyyQQGhCkhagOm7kPyIAIxjaRlReH9Jm4xunLK0ZCfk%2FJO%2FILMJOf%2Fri4jCb64pOaze0ipNpI4shkEOOSwg%2BwXi9ADJpgOZHYAlH0PyH8nck0VE4c6yVRqS51P3UhaQQQElRqDWQVp%2B0kEaOEhjByE%2FrtJWL3DdTuAHjUa3yRhrNBhrddu8xRvNbuAiZaW8EZJ4BKZGYGYLsdnCuvzsqHURJv0edi2H5Q5sMiHO%2B1sY8ByZIMgsQUYJMkmQJQTZIN%2FlytZtfp8rm%2FrerNZntZGPddLfprs66YuIgJrRdnxCXpiu55%2Ffnsa6OK6ynldveO0OrTfabd5ou4w3edfllNcpa7S6sDKHtOemjjfLW%2BEC4rLe%2BAM%2BPYBVB2CyApp6oNm4U3dB18bNrovN6MEg7StaYzoE1zni5DySDWdbnZCXpiI6H%2F0JwQ6v7l%2F6u%2Fj0w8tgJkdsctyRPxD01b3xTZ2RnZs6s%2BTRcpzIUG7S8n63EpqIysP3xEamDV%2B4bkcP3mIlUbb7t4VNFmnEZdS35OtrknNh5rVhgny3YFeFv5LatWupidJ4ceXt%2BYUwNsJaqaMCVB49X4DJCXnm8Pr0Zb4yvwZpCpg0R5gekllA6gOweAs2Prz68OX9C95rv8NqAqPOZvy4gizNx6bun%2F1UkkCJM0z9HPY%2F2D%2Frt%2B099E0FNLmLKMwxMDkGKgdVI9j02XESm8Orj78s4yv4qjL2lans%2BMqozyfk1covZTo5XbKVx1XRCtxAuHXhBz0%2F6FCX94Jmz6c9T3T8FvWQ2Im48%2BbP%2FwIAAP%2F%2FAQAA%2F%2F%2Bf%2FpmdewQAAA%3D%3D HTTP/1.1
Host: buttersource.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Cookie: u_pl=16310791; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 01 Dec 2023 20:23:54 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f1f0db496f05b49efc6867339b775ee7
Strict-Transport-Security: max-age=0; includeSubdomains

buttersource.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSuzqwY9KLBi%2BBh8CAKMts9v8ccojFGFje7axLZc3VV9Wxlq7uaqv4xu6eNgZDjiBf11PvNbpbERcwfoMisl7Ao7Fx0QffgTfAiQshRejIw%2BqDqvVffO3zf9%2BrubnpGPKT0dO2a3pZK0cVWza2%2BuS4jrnNbXblZ9dyae7G6LqN282J1UF4me8dzWzX3reqHgm3qxbrrua7netWr0ohADxanKGR82PNqPbfWrNe8VhMD8%2F%2Fepg4sdcCzM3IBkk%2Be23j8CJKNEYXfXhF2M9Hx2x%2BEqaKJNsj4wSfRZqTzCOG8DIyDIDqYTUPbCSFfnIOODmYKoLO9UgF8OSHOLx786GBGE362%2F4ypryAi%2BPxF5NkYQo0h6RhM34HkJwRgHCuriML7K9rkdOsZSkt0Qhae%2FAOZT8jC768gCr%2B5rOSgekOrNJE6shgEBeRgDNkfI06PkGw7kPkRWPIpJP%2BZLD5ZRhTurVqlIXkxVS%2FlGDIYQ4khqHWQlkc6SAMHaewg5KdV2uoFrtsJ%2FKDR6DYZY40GY61um7d4o9kNXKSspDdEEg%2FB1BDM7CA2O9iUn520LsCkP8BuFLDcgU0mxPl4BxkvkAuC3BLklCCXBHlCkGfFPle2bov7XNnU92a5PsuNYqST%2Fi7d10lfRATUDHfjM%2FLy1J6nfzyPTXFaZT2v3vDaHVpvtNu80XYZb%2FKuyymvU9ZodWFlAWnPTRVvl7vCecRlvvYXfHoEq47AZAU09UDzUafugm6Mml0X29GDLO0rWmM6BNcF4mQByZazq87Iq1MSr1fOINjxpYevHZ733vgTzBSITYFb8keCvro3uq5zsndd55Y8Wo0TGcptWu7vRkITUXn4kdjKteFLV%2BzwwXusBMry8KawyTKNuIz6lnx9WXIuzFVtmCDfLdl14a%2BlduNyaqI0Xl57%2F%2BpSGBthrdTRGFSerD4FkxOycPv76c986ae7kGYMkxYI02MyC0h9BBbvwMZz9lYTGDWf8eNzyNNiZOr%2B%2FFFJAiXmPfUL2P%2F0%2FrzetffQNxXQ5A6isEBmCmSqAFVD2PSFURKb40uPvyzjK%2FiqMvKVqez5yqjPS2t%2Fm%2Fo7IZ3bf8PK06poBW4g3Lrwg54fdKjLe0Gz59OeJzp%2Bi3pI7ETcevfXfwEAAP%2F%2FAQAA%2F%2F8lk4CZewQAAA%3D%3D

192.243.59.13

200 OK

7 B

URL GET HTTP/1.1
buttersource.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSuzqwY9KLBi%2BBh8CAKMts9v8ccojFGFje7axLZc3VV9Wxlq7uaqv4xu6eNgZDjiBf11PvNbpbERcwfoMisl7Ao7Fx0QffgTfAiQshRejIw%2BqDqvVffO3zf9%2BrubnpGPKT0dO2a3pZK0cVWza2%2BuS4jrnNbXblZ9dyae7G6LqN282J1UF4me8dzWzX3reqHgm3qxbrrua7netWr0ohADxanKGR82PNqPbfWrNe8VhMD8%2F%2Fepg4sdcCzM3IBkk%2Be23j8CJKNEYXfXhF2M9Hx2x%2BEqaKJNsj4wSfRZqTzCOG8DIyDIDqYTUPbCSFfnIOODmYKoLO9UgF8OSHOLx786GBGE362%2F4ypryAi%2BPxF5NkYQo0h6RhM34HkJwRgHCuriML7K9rkdOsZSkt0Qhae%2FAOZT8jC768gCr%2B5rOSgekOrNJE6shgEBeRgDNkfI06PkGw7kPkRWPIpJP%2BZLD5ZRhTurVqlIXkxVS%2FlGDIYQ4khqHWQlkc6SAMHaewg5KdV2uoFrtsJ%2FKDR6DYZY40GY61um7d4o9kNXKSspDdEEg%2FB1BDM7CA2O9iUn520LsCkP8BuFLDcgU0mxPl4BxkvkAuC3BLklCCXBHlCkGfFPle2bov7XNnU92a5PsuNYqST%2Fi7d10lfRATUDHfjM%2FLy1J6nfzyPTXFaZT2v3vDaHVpvtNu80XYZb%2FKuyymvU9ZodWFlAWnPTRVvl7vCecRlvvYXfHoEq47AZAU09UDzUafugm6Mml0X29GDLO0rWmM6BNcF4mQByZazq87Iq1MSr1fOINjxpYevHZ733vgTzBSITYFb8keCvro3uq5zsndd55Y8Wo0TGcptWu7vRkITUXn4kdjKteFLV%2BzwwXusBMry8KawyTKNuIz6lnx9WXIuzFVtmCDfLdl14a%2BlduNyaqI0Xl57%2F%2BpSGBthrdTRGFSerD4FkxOycPv76c986ae7kGYMkxYI02MyC0h9BBbvwMZz9lYTGDWf8eNzyNNiZOr%2B%2FFFJAiXmPfUL2P%2F0%2FrzetffQNxXQ5A6isEBmCmSqAFVD2PSFURKb40uPvyzjK%2FiqMvKVqez5yqjPS2t%2Fm%2Fo7IZ3bf8PK06poBW4g3Lrwg54fdKjLe0Gz59OeJzp%2Bi3pI7ETcevfXfwEAAP%2F%2FAQAA%2F%2F8lk4CZewQAAA%3D%3D
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subjectbuttersource.com
FingerprintFA:3D:D1:74:88:B5:6E:F0:15:0C:E7:94:01:5D:C7:6B:18:60:BE:7F
ValidityTue, 28 Nov 2023 07:57:17 GMT - Mon, 26 Feb 2024 07:57:16 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSuzqwY9KLBi%2BBh8CAKMts9v8ccojFGFje7axLZc3VV9Wxlq7uaqv4xu6eNgZDjiBf11PvNbpbERcwfoMisl7Ao7Fx0QffgTfAiQshRejIw%2BqDqvVffO3zf9%2BrubnpGPKT0dO2a3pZK0cVWza2%2BuS4jrnNbXblZ9dyae7G6LqN282J1UF4me8dzWzX3reqHgm3qxbrrua7netWr0ohADxanKGR82PNqPbfWrNe8VhMD8%2F%2Fepg4sdcCzM3IBkk%2Be23j8CJKNEYXfXhF2M9Hx2x%2BEqaKJNsj4wSfRZqTzCOG8DIyDIDqYTUPbCSFfnIOODmYKoLO9UgF8OSHOLx786GBGE362%2F4ypryAi%2BPxF5NkYQo0h6RhM34HkJwRgHCuriML7K9rkdOsZSkt0Qhae%2FAOZT8jC768gCr%2B5rOSgekOrNJE6shgEBeRgDNkfI06PkGw7kPkRWPIpJP%2BZLD5ZRhTurVqlIXkxVS%2FlGDIYQ4khqHWQlkc6SAMHaewg5KdV2uoFrtsJ%2FKDR6DYZY40GY61um7d4o9kNXKSspDdEEg%2FB1BDM7CA2O9iUn520LsCkP8BuFLDcgU0mxPl4BxkvkAuC3BLklCCXBHlCkGfFPle2bov7XNnU92a5PsuNYqST%2Fi7d10lfRATUDHfjM%2FLy1J6nfzyPTXFaZT2v3vDaHVpvtNu80XYZb%2FKuyymvU9ZodWFlAWnPTRVvl7vCecRlvvYXfHoEq47AZAU09UDzUafugm6Mml0X29GDLO0rWmM6BNcF4mQByZazq87Iq1MSr1fOINjxpYevHZ733vgTzBSITYFb8keCvro3uq5zsndd55Y8Wo0TGcptWu7vRkITUXn4kdjKteFLV%2BzwwXusBMry8KawyTKNuIz6lnx9WXIuzFVtmCDfLdl14a%2BlduNyaqI0Xl57%2F%2BpSGBthrdTRGFSerD4FkxOycPv76c986ae7kGYMkxYI02MyC0h9BBbvwMZz9lYTGDWf8eNzyNNiZOr%2B%2FFFJAiXmPfUL2P%2F0%2FrzetffQNxXQ5A6isEBmCmSqAFVD2PSFURKb40uPvyzjK%2FiqMvKVqez5yqjPS2t%2Fm%2Fo7IZ3bf8PK06poBW4g3Lrwg54fdKjLe0Gz59OeJzp%2Bi3pI7ETcevfXfwEAAP%2F%2FAQAA%2F%2F8lk4CZewQAAA%3D%3D HTTP/1.1
Host: buttersource.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Cookie: u_pl=16310791; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 01 Dec 2023 20:23:54 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d74d09db5405c88af6b0c5c975727f4f
Strict-Transport-Security: max-age=0; includeSubdomains

www.nbfcs.org/px.js?ch=2&abp=1

15.197.172.60

200 OK

476 B

URL GET HTTP/1.1
www.nbfcs.org/px.js?ch=2&abp=1
IP
15.197.172.60:443
ASN
#16509 AMAZON-02

Requested by
https://www.nbfcs.org/#signUp=754549898436681728
Certificate
IssuerGoDaddy.com, Inc.
Subjectwww.nbfcs.org
FingerprintE0:6B:EC:7B:D6:B0:6E:9E:26:18:76:0D:83:E2:83:F9:02:52:F5:09
ValidityFri, 17 Nov 2023 10:08:39 GMT - Sun, 17 Nov 2024 10:08:39 GMT

File type
ASCII text
Size
476 B (476 bytes)
Hash
d2183968f9080b37babfeba3ccf10df2
24b9cf589ee6789e567fac3ae5acfc25826d00c6
4d9b83714539f82372e1e0177924bcb5180b75148e22d6725468fd2fb6f96bcc

HTTP Headers

GET /px.js?ch=2&abp=1 HTTP/1.1
Host: www.nbfcs.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nbfcs.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Fri, 01 Dec 2023 20:23:54 GMT
Content-Type: application/javascript
Content-Length: 476
Last-Modified: Thu, 30 Nov 2023 23:51:13 GMT
Connection: keep-alive
ETag: "65691ff1-1dc"
Accept-Ranges: bytes

rollerstrayprawn.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRit3qwiiIJB%2FANhDgEV3dnunu6dHnNYjTEhmD%2BTaK5WV1XPVra6q6nqnt7saWNAc5ygB4%2B9bzZZo0HMVZDIrB5kIbDjQeaQ9SqoIARyltkdWPwO9X1V7x3ee199tl7uEg8lHZ8%2Fo1elUnQ%2BbLqN1y%2FLjOvKNs5eanhu0z3auCyzheBoY2VymN7bnhs23TcaJwVb1vO%2B67mu53qNE9KIRK%2FM76GQ%2Bd2O1%2By4zcBvemGAFfP%2Fuy0dWOqA93bJYUg%2BemLp13uQbIgs%2Ff64sMuFzt96Py0VLbRBj29%2BlC1nusqQHoyJcZBkm1M2tB0R8tUMdLY5dQDd25g4QCxHxPndQ5xtTmUi7t3aVxoriAwxfxpVbwihhpB0CKavQ%2FIdAjCOs%2BeQpbfPalPRq%2FsonaAjMvv4EWQ1IrMPn0eWfndMyZXGRa3KQurMYiWpIVeGkN0h8nILxaoDWW2BFZ9C8gdk%2FvFpZOnGOas0JB8fodQL2jSJ51pRkMwFvsvnopCGc5HPhM9ESP0o2otIyiFkMoQSfVB7CKV1UEoHZeKgzB2kfNygYSdx3XYSJ61WFDDGWi3GwmiBh7wVRImLkk089FHkfTDVBzNryM0aluXNnfAwTPkT7FINy2dgixFxPlxDj9eoBEFlCSpKUEmCqiCoevUtrqxv69tc2TL2pt2f9lY90EV3nd7SRVdkBNT01%2FNd8txehn%2F9GWFZjBvca7Vd3%2B%2F4YcyYTxciN4loELQXkqQTeEEAK2tIOwNqHaxOFoqnkE%2F6mb8R0y1YtQUmD4GWr4JWg7bvgi4NgsjFananV3YVbTKdgusaeTGL4qqzrnbJy3siTn55DYJtL%2F7z7MezL31RgpkaualxRf5M0FU3Bhd0RTYu6MqSe%2BfyQqZylU6WfLGghZj95gNxtdKGnzpu%2B3feZRNgMt69JGxxmmZcZl1Lvj0mORfmhDZMkB9P2csiPl%2FapWOlycr89Pn3TpxKcyOslTobgsqdT%2B6DyRF55vbi3vd97esfIM0QpqyRlttkWpB6Cyxfg823F%2F94MH7h8zdnYDWBUQecOHdQlfXA%2BPHBo5Ij4j96EUpsL%2F5y7ckjD%2BdfAY1rWHEQQyy27%2F%2B7z1%2B3N9A1DmhxHVlao2dq9FQNqvqw5aFBkZvtxd9ae4VYOYNYGWcjVkbd3I%2FXynFDhImbCNcXcdKJkzZ1eScJOjHteKIdh9RDYUfiyjvj%2FwAAAP%2F%2FAQAA%2F%2F%2F52pnzmgQAAA%3D%3D

192.243.59.12

200 OK

7 B

URL GET HTTP/1.1
rollerstrayprawn.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRit3qwiiIJB%2FANhDgEV3dnunu6dHnNYjTEhmD%2BTaK5WV1XPVra6q6nqnt7saWNAc5ygB4%2B9bzZZo0HMVZDIrB5kIbDjQeaQ9SqoIARyltkdWPwO9X1V7x3ee199tl7uEg8lHZ8%2Fo1elUnQ%2BbLqN1y%2FLjOvKNs5eanhu0z3auCyzheBoY2VymN7bnhs23TcaJwVb1vO%2B67mu53qNE9KIRK%2FM76GQ%2Bd2O1%2By4zcBvemGAFfP%2Fuy0dWOqA93bJYUg%2BemLp13uQbIgs%2Ff64sMuFzt96Py0VLbRBj29%2BlC1nusqQHoyJcZBkm1M2tB0R8tUMdLY5dQDd25g4QCxHxPndQ5xtTmUi7t3aVxoriAwxfxpVbwihhpB0CKavQ%2FIdAjCOs%2BeQpbfPalPRq%2FsonaAjMvv4EWQ1IrMPn0eWfndMyZXGRa3KQurMYiWpIVeGkN0h8nILxaoDWW2BFZ9C8gdk%2FvFpZOnGOas0JB8fodQL2jSJ51pRkMwFvsvnopCGc5HPhM9ESP0o2otIyiFkMoQSfVB7CKV1UEoHZeKgzB2kfNygYSdx3XYSJ61WFDDGWi3GwmiBh7wVRImLkk089FHkfTDVBzNryM0aluXNnfAwTPkT7FINy2dgixFxPlxDj9eoBEFlCSpKUEmCqiCoevUtrqxv69tc2TL2pt2f9lY90EV3nd7SRVdkBNT01%2FNd8txehn%2F9GWFZjBvca7Vd3%2B%2F4YcyYTxciN4loELQXkqQTeEEAK2tIOwNqHaxOFoqnkE%2F6mb8R0y1YtQUmD4GWr4JWg7bvgi4NgsjFananV3YVbTKdgusaeTGL4qqzrnbJy3siTn55DYJtL%2F7z7MezL31RgpkaualxRf5M0FU3Bhd0RTYu6MqSe%2BfyQqZylU6WfLGghZj95gNxtdKGnzpu%2B3feZRNgMt69JGxxmmZcZl1Lvj0mORfmhDZMkB9P2csiPl%2FapWOlycr89Pn3TpxKcyOslTobgsqdT%2B6DyRF55vbi3vd97esfIM0QpqyRlttkWpB6Cyxfg823F%2F94MH7h8zdnYDWBUQecOHdQlfXA%2BPHBo5Ij4j96EUpsL%2F5y7ckjD%2BdfAY1rWHEQQyy27%2F%2B7z1%2B3N9A1DmhxHVlao2dq9FQNqvqw5aFBkZvtxd9ae4VYOYNYGWcjVkbd3I%2FXynFDhImbCNcXcdKJkzZ1eScJOjHteKIdh9RDYUfiyjvj%2FwAAAP%2F%2FAQAA%2F%2F%2F52pnzmgQAAA%3D%3D
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subjectrollerstrayprawn.com
Fingerprint9E:74:D1:93:DF:47:C6:06:84:EA:02:9E:E8:F3:B5:CF:52:D3:9F:D0
ValidityTue, 28 Nov 2023 10:59:19 GMT - Mon, 26 Feb 2024 10:59:18 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRit3qwiiIJB%2FANhDgEV3dnunu6dHnNYjTEhmD%2BTaK5WV1XPVra6q6nqnt7saWNAc5ygB4%2B9bzZZo0HMVZDIrB5kIbDjQeaQ9SqoIARyltkdWPwO9X1V7x3ee199tl7uEg8lHZ8%2Fo1elUnQ%2BbLqN1y%2FLjOvKNs5eanhu0z3auCyzheBoY2VymN7bnhs23TcaJwVb1vO%2B67mu53qNE9KIRK%2FM76GQ%2Bd2O1%2By4zcBvemGAFfP%2Fuy0dWOqA93bJYUg%2BemLp13uQbIgs%2Ff64sMuFzt96Py0VLbRBj29%2BlC1nusqQHoyJcZBkm1M2tB0R8tUMdLY5dQDd25g4QCxHxPndQ5xtTmUi7t3aVxoriAwxfxpVbwihhpB0CKavQ%2FIdAjCOs%2BeQpbfPalPRq%2FsonaAjMvv4EWQ1IrMPn0eWfndMyZXGRa3KQurMYiWpIVeGkN0h8nILxaoDWW2BFZ9C8gdk%2FvFpZOnGOas0JB8fodQL2jSJ51pRkMwFvsvnopCGc5HPhM9ESP0o2otIyiFkMoQSfVB7CKV1UEoHZeKgzB2kfNygYSdx3XYSJ61WFDDGWi3GwmiBh7wVRImLkk089FHkfTDVBzNryM0aluXNnfAwTPkT7FINy2dgixFxPlxDj9eoBEFlCSpKUEmCqiCoevUtrqxv69tc2TL2pt2f9lY90EV3nd7SRVdkBNT01%2FNd8txehn%2F9GWFZjBvca7Vd3%2B%2F4YcyYTxciN4loELQXkqQTeEEAK2tIOwNqHaxOFoqnkE%2F6mb8R0y1YtQUmD4GWr4JWg7bvgi4NgsjFananV3YVbTKdgusaeTGL4qqzrnbJy3siTn55DYJtL%2F7z7MezL31RgpkaualxRf5M0FU3Bhd0RTYu6MqSe%2BfyQqZylU6WfLGghZj95gNxtdKGnzpu%2B3feZRNgMt69JGxxmmZcZl1Lvj0mORfmhDZMkB9P2csiPl%2FapWOlycr89Pn3TpxKcyOslTobgsqdT%2B6DyRF55vbi3vd97esfIM0QpqyRlttkWpB6Cyxfg823F%2F94MH7h8zdnYDWBUQecOHdQlfXA%2BPHBo5Ij4j96EUpsL%2F5y7ckjD%2BdfAY1rWHEQQyy27%2F%2B7z1%2B3N9A1DmhxHVlao2dq9FQNqvqw5aFBkZvtxd9ae4VYOYNYGWcjVkbd3I%2FXynFDhImbCNcXcdKJkzZ1eScJOjHteKIdh9RDYUfiyjvj%2FwAAAP%2F%2FAQAA%2F%2F%2F52pnzmgQAAA%3D%3D HTTP/1.1
Host: rollerstrayprawn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Cookie: u_pl=15460408; uid_id2=aa147afb-384f-420d-85a5-82ce2ce5a288:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 01 Dec 2023 20:23:54 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9f976c5044435c7f9e61dffdce3d09f2
Strict-Transport-Security: max-age=0; includeSubdomains

rudimentarydelay.com/pixel/purst?dl=0&th=0&sc=0&rs=6255&rd=6255&fd=235&bv=23.11.v.8&tmpl=136

173.233.137.44

200 OK

0 B

URL GET HTTP/1.1
rudimentarydelay.com/pixel/purst?dl=0&th=0&sc=0&rs=6255&rd=6255&fd=235&bv=23.11.v.8&tmpl=136
IP
173.233.137.44:443
ASN
#7979 SERVERS-COM

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subjectrudimentarydelay.com
FingerprintAF:AC:08:6C:AD:81:27:4D:77:70:CD:C5:06:F7:10:EE:8E:EE:2C:9D
ValidityTue, 28 Nov 2023 10:48:56 GMT - Mon, 26 Feb 2024 10:48:55 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=6255&rd=6255&fd=235&bv=23.11.v.8&tmpl=136 HTTP/1.1
Host: rudimentarydelay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 01 Dec 2023 20:23:54 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

vaugroar.com/custom

139.45.197.250

200 OK

39 B

URL POST HTTP/2
vaugroar.com/custom
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subjectvaugroar.com
FingerprintF5:48:7D:7C:B6:28:8D:55:D3:7D:CF:03:2F:84:BE:B7:FD:20:F0:EE
ValiditySun, 12 Nov 2023 05:15:08 GMT - Sat, 10 Feb 2024 05:15:07 GMT

File type
JSON data\012- , ASCII text
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /custom HTTP/1.1
Host: vaugroar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.vugla.com/
Content-Type: application/json
Content-Length: 798
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 20:23:55 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 89495bb8beff77e855238494f4fd7b8d
access-control-allow-origin: https://www.vugla.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/notifications/games/hentai-heroes/global/custom-banner/1/img/close.png

172.64.108.10

200 OK

9.0 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/notifications/games/hentai-heroes/global/custom-banner/1/img/close.png
IP
172.64.108.10:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
ValiditySat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT

File type
PNG image data, 497 x 496, 8-bit/color RGBA, non-interlaced\012- data
Size
9.0 kB (8952 bytes)
Hash
b080cbdd5cc827b5a659a45676c079d4
3502ad6743a3a42dd92ee3cea142616356f47359
c89d28b4be45a7af77493e8f6c76894a7ba86469e5b6733e6ca3cb33eaabcd8f

HTTP Headers

GET /sb/notifications/games/hentai-heroes/global/custom-banner/1/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 01 Dec 2023 20:23:55 GMT
content-type: image/png
content-length: 8952
last-modified: Thu, 19 Oct 2023 15:25:30 GMT
etag: "65314a6a-22f8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 2631925
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4HauftGX8iDD84FULfJiaWndEqaFfJKBXEzJRM715t07nOs0FaaCutKo1WBB4TNvTeurSVsK0Ct5ASuaU7b9MDqjMr%2B6XyYiqWN3884E%2FKa%2Bjx%2F0qgsk%2FzAyVOVqA9hnu45%2Fk1Kjr%2B5S"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ee0cfa3fde7327-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/notifications/games/hentai-heroes/global/custom-banner/1/img/bg.jpg

172.64.108.10

200 OK

197 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/notifications/games/hentai-heroes/global/custom-banner/1/img/bg.jpg
IP
172.64.108.10:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
ValiditySat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1080, components 3\012- data
Size
197 kB (196572 bytes)
Hash
0f268ac97ce309645d705ae25e03383b
4c1462adfe8488d6f43f5a56a36b6302a29ac054
9d809e2358a07890e0a8683526070118f7c1056f25e30aee0fdfd020d6377bad

HTTP Headers

GET /sb/notifications/games/hentai-heroes/global/custom-banner/1/img/bg.jpg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 01 Dec 2023 20:23:55 GMT
content-type: image/jpeg
content-length: 196572
last-modified: Thu, 19 Oct 2023 15:25:32 GMT
etag: "65314a6c-2ffdc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1613289
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YfJBkfbyTtxZAFad3P1FVAcXPEzFk3AQx0BsaAAM9cI3%2FLsB32TezEQXrAD0DhoNwL6i9Hl0wgxrg%2BmZpPplVXQRzN5zlYxJbs5iQwSRFp22MJPJDyBVfXLBnyDoTYMXu5X%2F2jMVv%2Fk4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ee0cfa3fe77327-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap

142.250.74.106

200 OK

16 kB

URL GET HTTP/3
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
gzip compressed data, max compression\012- data
Size
16 kB (16438 bytes)
Hash
8b43bb61c3ca5de5afa71fe41a08e0b9
476a25c876fb48b0b52889e8a4893b80c873e7a0
f587d15772eac84ae6fcffa74c0c0de3db9db5be89c058f3b23a6184eb2eb059

HTTP Headers

GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 01 Dec 2023 20:23:55 GMT
date: Fri, 01 Dec 2023 20:23:55 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

142.250.74.67

200 OK

16 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
142.250.74.67:443
ASN
#15169 GOOGLE

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:13:56 GMT
expires: Thu, 28 Nov 2024 21:13:56 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 169799
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

cdn.creative-bars1.com/sb/notifications/games/hentai-heroes/global/custom-banner/1/css/animate.css

172.64.108.10

200 OK

4.9 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/notifications/games/hentai-heroes/global/custom-banner/1/css/animate.css
IP
172.64.108.10:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
ValiditySat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT

File type
ASCII text
Size
4.9 kB (4854 bytes)
Hash
e1d8acd5ee9d1a90ea09313cbd8f2b02
8a8327b115d1356715e63270d1ce6d46124c7b1a
3028c87fc798ac3741f02079034e6c23462afc0c5e6c8d321188ce3716c8472a

HTTP Headers

GET /sb/notifications/games/hentai-heroes/global/custom-banner/1/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 01 Dec 2023 20:23:55 GMT
content-type: text/css
last-modified: Thu, 19 Oct 2023 15:30:49 GMT
etag: W/"65314ba9-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2F%2F6vssb2CwK0rhsqOvHqZvFv8Kg8RmjMbw03TjXz6EN%2BHn0%2FlZyjOdUBmQSS%2FGESOxCzOP3sHWwpsvLObPvw0lqxuQniOkm1qrHKv5EsAObXz1tNa1cKvtLj%2FOwt%2BFPfQokwrwXatBT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ee0cf99e3f531c-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

rollerstrayprawn.com/pixel/sbs?c=1

173.233.137.60

200 OK

0 B

URL GET HTTP/1.1
rollerstrayprawn.com/pixel/sbs?c=1
IP
173.233.137.60:443
ASN
#7979 SERVERS-COM

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subjectrollerstrayprawn.com
Fingerprint9E:74:D1:93:DF:47:C6:06:84:EA:02:9E:E8:F3:B5:CF:52:D3:9F:D0
ValidityTue, 28 Nov 2023 10:59:19 GMT - Mon, 26 Feb 2024 10:59:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbs?c=1 HTTP/1.1
Host: rollerstrayprawn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Cookie: u_pl=15460408; uid_id2=aa147afb-384f-420d-85a5-82ce2ce5a288:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 01 Dec 2023 20:23:55 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

cdn.creative-bars1.com/sb/notifications/games/hentai-heroes/global/custom-banner/1/fonts/gP1RrxsjcxVyin9l9nj2hTd52.woff2

172.64.108.10

200 OK

17 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/notifications/games/hentai-heroes/global/custom-banner/1/fonts/gP1RrxsjcxVyin9l9nj2hTd52.woff2
IP
172.64.108.10:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
ValiditySat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT

File type
Web Open Font Format (Version 2), TrueType, length 17360, version 1.0\012- data
Size
17 kB (17360 bytes)
Hash
70322c317b1f4e2e17dbc6b672f95f5f
f3dff7c50e1aea33814c6aeeca177ae3ff900bfc
3877b522181765adf66ba89bd68d288ecb9f2483b441baab3424646b0c7aaa0a

HTTP Headers

GET /sb/notifications/games/hentai-heroes/global/custom-banner/1/fonts/gP1RrxsjcxVyin9l9nj2hTd52.woff2 HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 01 Dec 2023 20:23:55 GMT
content-type: application/octet-stream
content-length: 17360
last-modified: Thu, 19 Oct 2023 15:25:28 GMT
etag: "65314a68-43d0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=017e7WE3y8mSrfRrQO0MhUGFy1y4d1d8%2B6RlC9QiE0yNVw2ZuWGhTm5%2FM2rzk%2B98RxV6iW1hayAo2EBxIr%2BFEbRqAV9%2F0Xpf7Tqu5EABd5VLlxhMV0ib6HLt05%2BlODZx0HeXpuUFkF5K"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ee0cfc487d531c-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

unseenreport.com/pxf.gif?uuid=aa147afb-384f-420d-85a5-82ce2ce5a288&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=d137022925bcc2a680f8a4476ff94144&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=20

192.243.61.227

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=aa147afb-384f-420d-85a5-82ce2ce5a288&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=d137022925bcc2a680f8a4476ff94144&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=20
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint79:45:7F:58:D5:82:45:0A:7D:1E:FF:7A:98:05:26:E9:D6:FE:91:14
ValidityWed, 22 Nov 2023 07:56:28 GMT - Tue, 20 Feb 2024 07:56:27 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=aa147afb-384f-420d-85a5-82ce2ce5a288&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=d137022925bcc2a680f8a4476ff94144&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=20 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 01 Dec 2023 20:23:56 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d303085121905130e3d07015e6cc96d4
Strict-Transport-Security: max-age=0; includeSubdomains

cdn.creative-bars1.com/sb/notifications/games/hentai-heroes/global/custom-banner/1/js/script.js

172.64.108.10

200 OK

1.5 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/notifications/games/hentai-heroes/global/custom-banner/1/js/script.js
IP
172.64.108.10:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
ValiditySat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT

File type
Unicode text, UTF-8 text
Size
1.5 kB (1534 bytes)
Hash
b64985705b68c11b9b30d7ca43e1f095
8b5d6dc7edce43d08791bbf7aec72e15dabe528d
29ad23b2ed8670b41c45429c724b7939b4b0643db9d555b79868337aaa8afca0

HTTP Headers

GET /sb/notifications/games/hentai-heroes/global/custom-banner/1/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 01 Dec 2023 20:23:55 GMT
content-type: application/javascript
last-modified: Thu, 19 Oct 2023 15:25:32 GMT
etag: W/"65314a6c-f3c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 66571
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wiMeVohntm9Tby0dzUFOaySXtN6ovzU35aeYpjkuA4zpFZJp%2BPZeXlq8OMWMPm9uT9w2sBigW4V6%2F8Gd4IM0Z91mOnu8hvdQb%2FOfoWEb8dD3J94iqeErhmAPUjatHosdWf46BGkXqxuL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ee0cf9ce7f531c-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

eehuzaih.com/impression/u7v4DiK7gE0V6_auRroyZHU8wkpeUEoFmfiWECACWB12qZDriZxniMm45-fNjpSZEWnsNCuRVYnutFea1zy8nw2xIucwIoVK8KhmNxsIHS2g2DXFLI4K-6zjPgdAUgQXnoTR5IqjWcYvELJzyeM3htrh4TFK3dIZ22N4RwGiGpHl39Ghqtjh3yFtcB9-craZ1yJMFHnfqQKRkGb4hKpckaA_DoprffYt2WT7VSLCXk8U39dP8Sbx4l_fWDEJPtAn4GF1MQi--g1IOt3Dlsz35re3JHs42pVIkjrfHXmrhcHAjOoEuHe9LDXmfII_BNPCVEXzCSov0smbMFpXyfrNyyANPML1nkGhC7e7L4e7fWn70yuFJgYGzEK34BwntjOlYHh5bPu3igbmyEIK3BEjXWipYk-wE1Cwdt0Tps-LHuUxwshgFrWXbzmyf-PJwc7N9SmTUhSkTn_iILWwMCNu_lQ3hy8xVWBupHH7m2VofMKT_xmx6gZCuBOxFukvugyedLCQm8-oL0JXaxjKXZaYEolMA1TQkx8nk4VHCp9bXnGZKDG6_kH1LLJZs8I85T30kEHHNhDJejwamCuCDB-xZTEsQx7RpCcM0t04O6Zqgjeo46n5IoFMCOWC2WZ7mD0Yzi5F6CU9pGQGhQdyJ367SkLuTPprf7gRBSfMdciyLjJ0KV__9PTiKbZCJ1rhhc4sUARMIg3kAav8gnHjI__XR9Nr-f6aYRlw68r6d09O4AzaNM8WYy5yVUy51XHXEh5E0uWdhA==?_z=5005565&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=9&pl=https%3A%2F%2Fwww.vugla.com%2Fzivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.312.0

139.45.197.237

200 OK

43 B

URL GET HTTP/2
eehuzaih.com/impression/u7v4DiK7gE0V6_auRroyZHU8wkpeUEoFmfiWECACWB12qZDriZxniMm45-fNjpSZEWnsNCuRVYnutFea1zy8nw2xIucwIoVK8KhmNxsIHS2g2DXFLI4K-6zjPgdAUgQXnoTR5IqjWcYvELJzyeM3htrh4TFK3dIZ22N4RwGiGpHl39Ghqtjh3yFtcB9-craZ1yJMFHnfqQKRkGb4hKpckaA_DoprffYt2WT7VSLCXk8U39dP8Sbx4l_fWDEJPtAn4GF1MQi--g1IOt3Dlsz35re3JHs42pVIkjrfHXmrhcHAjOoEuHe9LDXmfII_BNPCVEXzCSov0smbMFpXyfrNyyANPML1nkGhC7e7L4e7fWn70yuFJgYGzEK34BwntjOlYHh5bPu3igbmyEIK3BEjXWipYk-wE1Cwdt0Tps-LHuUxwshgFrWXbzmyf-PJwc7N9SmTUhSkTn_iILWwMCNu_lQ3hy8xVWBupHH7m2VofMKT_xmx6gZCuBOxFukvugyedLCQm8-oL0JXaxjKXZaYEolMA1TQkx8nk4VHCp9bXnGZKDG6_kH1LLJZs8I85T30kEHHNhDJejwamCuCDB-xZTEsQx7RpCcM0t04O6Zqgjeo46n5IoFMCOWC2WZ7mD0Yzi5F6CU9pGQGhQdyJ367SkLuTPprf7gRBSfMdciyLjJ0KV__9PTiKbZCJ1rhhc4sUARMIg3kAav8gnHjI__XR9Nr-f6aYRlw68r6d09O4AzaNM8WYy5yVUy51XHXEh5E0uWdhA==?_z=5005565&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=9&pl=https%3A%2F%2Fwww.vugla.com%2Fzivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.312.0
IP
139.45.197.237:443
ASN
#9002 RETN Limited

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subjecteehuzaih.com
FingerprintAC:55:E9:5B:5B:87:BF:89:7C:BE:E0:77:14:BE:B7:B4:16:AB:70:5A
ValiditySun, 12 Nov 2023 08:38:54 GMT - Sat, 10 Feb 2024 08:38:53 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /impression/u7v4DiK7gE0V6_auRroyZHU8wkpeUEoFmfiWECACWB12qZDriZxniMm45-fNjpSZEWnsNCuRVYnutFea1zy8nw2xIucwIoVK8KhmNxsIHS2g2DXFLI4K-6zjPgdAUgQXnoTR5IqjWcYvELJzyeM3htrh4TFK3dIZ22N4RwGiGpHl39Ghqtjh3yFtcB9-craZ1yJMFHnfqQKRkGb4hKpckaA_DoprffYt2WT7VSLCXk8U39dP8Sbx4l_fWDEJPtAn4GF1MQi--g1IOt3Dlsz35re3JHs42pVIkjrfHXmrhcHAjOoEuHe9LDXmfII_BNPCVEXzCSov0smbMFpXyfrNyyANPML1nkGhC7e7L4e7fWn70yuFJgYGzEK34BwntjOlYHh5bPu3igbmyEIK3BEjXWipYk-wE1Cwdt0Tps-LHuUxwshgFrWXbzmyf-PJwc7N9SmTUhSkTn_iILWwMCNu_lQ3hy8xVWBupHH7m2VofMKT_xmx6gZCuBOxFukvugyedLCQm8-oL0JXaxjKXZaYEolMA1TQkx8nk4VHCp9bXnGZKDG6_kH1LLJZs8I85T30kEHHNhDJejwamCuCDB-xZTEsQx7RpCcM0t04O6Zqgjeo46n5IoFMCOWC2WZ7mD0Yzi5F6CU9pGQGhQdyJ367SkLuTPprf7gRBSfMdciyLjJ0KV__9PTiKbZCJ1rhhc4sUARMIg3kAav8gnHjI__XR9Nr-f6aYRlw68r6d09O4AzaNM8WYy5yVUy51XHXEh5E0uWdhA==?_z=5005565&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=9&pl=https%3A%2F%2Fwww.vugla.com%2Fzivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.312.0 HTTP/1.1
Host: eehuzaih.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Cookie: OAID=fc6b62f817f7473a906e4e9a39f79ea0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 20:23:56 GMT
content-type: image/gif
content-length: 43
x-trace-id: 319561d69f3b072897957e7c4cb1926c
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-7NCJ73THPT&gtm=45je3bt0v879882835&_p=1701462235997&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=463628786.1701462236&ul=en-us&sr=1280x1024&_eu=AEA&_s=2&sid=1701462236&sct=1&seg=0&dl=https%3A%2F%2Fwww.vugla.com%2Fzivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html&dt=%C5%BDivotinje%3A%20Kako%20su%20%27rok%20zvezde%27%20pande%20ostale%20bez%20ljubavne%20pri%C4%8De%20-%20Vugla&en=scroll&epn.percent_scrolled=90&tfd=8560

216.239.32.36

204 No Content

0 B

URL POST HTTP/3
region1.analytics.google.com/g/collect?v=2&tid=G-7NCJ73THPT&gtm=45je3bt0v879882835&_p=1701462235997&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=463628786.1701462236&ul=en-us&sr=1280x1024&_eu=AEA&_s=2&sid=1701462236&sct=1&seg=0&dl=https%3A%2F%2Fwww.vugla.com%2Fzivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html&dt=%C5%BDivotinje%3A%20Kako%20su%20%27rok%20zvezde%27%20pande%20ostale%20bez%20ljubavne%20pri%C4%8De%20-%20Vugla&en=scroll&epn.percent_scrolled=90&tfd=8560
IP
216.239.32.36:443
ASN
#15169 GOOGLE

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-7NCJ73THPT&gtm=45je3bt0v879882835&_p=1701462235997&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=463628786.1701462236&ul=en-us&sr=1280x1024&_eu=AEA&_s=2&sid=1701462236&sct=1&seg=0&dl=https%3A%2F%2Fwww.vugla.com%2Fzivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html&dt=%C5%BDivotinje%3A%20Kako%20su%20%27rok%20zvezde%27%20pande%20ostale%20bez%20ljubavne%20pri%C4%8De%20-%20Vugla&en=scroll&epn.percent_scrolled=90&tfd=8560 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/3 204 No Content
access-control-allow-origin: https://www.vugla.com
date: Fri, 01 Dec 2023 20:23:57 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

offerimage.com/www/images/71581bf2ce9a00138faf7dd80fe3e12e.jpg

104.22.32.172

200 OK

19 kB

URL GET HTTP/2
offerimage.com/www/images/71581bf2ce9a00138faf7dd80fe3e12e.jpg
IP
104.22.32.172:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintDB:4D:42:F8:E2:4C:E3:E4:BB:22:D8:D1:F7:64:B5:9A:10:B6:25:E0
ValiditySun, 07 May 2023 00:00:00 GMT - Mon, 06 May 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Size
19 kB (19381 bytes)
Hash
71581bf2ce9a00138faf7dd80fe3e12e
56479135ed64bf23e1037067c0c87047eb8a414c
5d9f95c8c06343cc189b38268296615ed8816d8154b4b782ad0d62bedd23525e

HTTP Headers

GET /www/images/71581bf2ce9a00138faf7dd80fe3e12e.jpg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 01 Dec 2023 20:23:57 GMT
content-type: image/jpeg
content-length: 19381
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
cache-control: max-age=86400
cf-bgj: h2pri
etag: "65674405-4bb5"
expires: Sat, 02 Dec 2023 14:07:42 GMT
last-modified: Wed, 29 Nov 2023 14:00:37 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 22575
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ee0d0758d72dfa-ARN
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

142.250.74.67

200 OK

16 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
142.250.74.67:443
ASN
#15169 GOOGLE

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:13:56 GMT
expires: Thu, 28 Nov 2024 21:13:56 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 169801
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.67

200 OK

16 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.67:443
ASN
#15169 GOOGLE

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 04:57:34 GMT
expires: Fri, 29 Nov 2024 04:57:34 GMT
cache-control: public, max-age=31536000
age: 141983
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

offerimage.com/www/images/71581bf2ce9a00138faf7dd80fe3e12e.jpg

104.22.32.172

200 OK

19 kB

URL GET HTTP/2
offerimage.com/www/images/71581bf2ce9a00138faf7dd80fe3e12e.jpg
IP
104.22.32.172:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintDB:4D:42:F8:E2:4C:E3:E4:BB:22:D8:D1:F7:64:B5:9A:10:B6:25:E0
ValiditySun, 07 May 2023 00:00:00 GMT - Mon, 06 May 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Size
19 kB (19381 bytes)
Hash
71581bf2ce9a00138faf7dd80fe3e12e
56479135ed64bf23e1037067c0c87047eb8a414c
5d9f95c8c06343cc189b38268296615ed8816d8154b4b782ad0d62bedd23525e

HTTP Headers

GET /www/images/71581bf2ce9a00138faf7dd80fe3e12e.jpg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 01 Dec 2023 20:23:57 GMT
content-type: image/jpeg
content-length: 19381
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
cache-control: max-age=86400
cf-bgj: h2pri
etag: "65674405-4bb5"
expires: Sat, 02 Dec 2023 14:07:42 GMT
last-modified: Wed, 29 Nov 2023 14:00:37 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 22575
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ee0d07f9792dfa-ARN
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700

142.250.74.106

17 kB

URL
fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700
IP
142.250.74.106:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
gzip compressed data, max compression\012- data
Size
17 kB (16655 bytes)
Hash
fcc7ee5678541adea03770b8cfafd146
e5d4c9d76cabeef9e8faa14ff0ed07bd097396fc
1474e26a5116379d3fa3f65cec9f195f0d826c24891a55a15f39c92dae12405d

HTTP Headers

GET /css2?family=Roboto:wght@100;300;400;500;700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 01 Dec 2023 20:23:57 GMT
date: Fri, 01 Dec 2023 20:23:57 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.67

200 OK

16 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.67:443
ASN
#15169 GOOGLE

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 04:57:34 GMT
expires: Fri, 29 Nov 2024 04:57:34 GMT
cache-control: public, max-age=31536000
age: 141983
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

tharbadir.com/11?rnd=1404754519&z=2892323&b=15763363&var=&varid=0&rqtdbc=0&rcvdbc=0&btp=7&rb=GFOt6dZtFtUvadx--7WZItHuwKOehtJ_sVwEBamYXT-HGbzJGaPeV9lYpZqi5siCf7di2jCOdPuFDX-gNQg32aNKOq5i0LlSBmTd9SXGTZos1zOf3mG4ejyO42GlyNdoVrxUUx2LmDygsvn_cZYIuRI1m0ez4vOU_s85VofWorYLyimjQJ_vWGcY9oxl1zx03HYpjD9qo4SaTKUyHLxpWowt4hvcCWnmQHRwwEnNZ52DF0Y08uuFBtZ2vupO3jz7UBnWkCtUcm5E73JxTjrVBW9ejjdJORDPFkqOedvekev2i763kXRFGMCXCZOcIyCh8MNK3RYvq9tRvlAn4zIsqtBNtWfs9O4sORiugwTT-tya2DSsbkipPDDNC6Yzws9C4HnrRRmH_MEFK3uBzcZBghobKM0jf-NU2TwpRl9lsxvVlIsiWSny9f2gEQU2PNBMBxrl3T9QRSJapLdZ-aCXoNLX600KglmVmhVDDbNZjyYcPbmDHS949EpiTE_3Xoh3nvTnsRSB_as9AFLF4kdU1Aws8JRDsdlxzyFLPKH_06Nxcy5cg2FgZcXdnXJavdZN9w_z7q09Y7UV2cvjUSTFsNLooamCXlc9btprKRl15GS_FxkeqiSAkluw9NZLBrQldZ5MmJHqJCuobEuq26tYB64Z4UQ6qGgldX4Pzrgo3KFyRbHePETHSGioFv6V8dt-RDrDdmyIuPP4PIbB-tvCdlnm6Nq6o-cHwTf1Uw==&ruid=36d21996-3161-4244-a1dd-aa2fea7ab614&subid=754549898436681728&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.vugla.com%2Fzivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=4&sah=1024&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1

139.45.197.238

200 OK

0 B

URL GET HTTP/2
tharbadir.com/11?rnd=1404754519&z=2892323&b=15763363&var=&varid=0&rqtdbc=0&rcvdbc=0&btp=7&rb=GFOt6dZtFtUvadx--7WZItHuwKOehtJ_sVwEBamYXT-HGbzJGaPeV9lYpZqi5siCf7di2jCOdPuFDX-gNQg32aNKOq5i0LlSBmTd9SXGTZos1zOf3mG4ejyO42GlyNdoVrxUUx2LmDygsvn_cZYIuRI1m0ez4vOU_s85VofWorYLyimjQJ_vWGcY9oxl1zx03HYpjD9qo4SaTKUyHLxpWowt4hvcCWnmQHRwwEnNZ52DF0Y08uuFBtZ2vupO3jz7UBnWkCtUcm5E73JxTjrVBW9ejjdJORDPFkqOedvekev2i763kXRFGMCXCZOcIyCh8MNK3RYvq9tRvlAn4zIsqtBNtWfs9O4sORiugwTT-tya2DSsbkipPDDNC6Yzws9C4HnrRRmH_MEFK3uBzcZBghobKM0jf-NU2TwpRl9lsxvVlIsiWSny9f2gEQU2PNBMBxrl3T9QRSJapLdZ-aCXoNLX600KglmVmhVDDbNZjyYcPbmDHS949EpiTE_3Xoh3nvTnsRSB_as9AFLF4kdU1Aws8JRDsdlxzyFLPKH_06Nxcy5cg2FgZcXdnXJavdZN9w_z7q09Y7UV2cvjUSTFsNLooamCXlc9btprKRl15GS_FxkeqiSAkluw9NZLBrQldZ5MmJHqJCuobEuq26tYB64Z4UQ6qGgldX4Pzrgo3KFyRbHePETHSGioFv6V8dt-RDrDdmyIuPP4PIbB-tvCdlnm6Nq6o-cHwTf1Uw==&ruid=36d21996-3161-4244-a1dd-aa2fea7ab614&subid=754549898436681728&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.vugla.com%2Fzivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=4&sah=1024&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
IP
139.45.197.238:443
ASN
#9002 RETN Limited

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subjecttharbadir.com
FingerprintA5:91:BD:23:83:6F:FE:A6:06:78:AE:E7:58:60:8E:74:B2:BA:C3:64
ValidityThu, 21 Sep 2023 16:36:00 GMT - Wed, 20 Dec 2023 16:35:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /11?rnd=1404754519&z=2892323&b=15763363&var=&varid=0&rqtdbc=0&rcvdbc=0&btp=7&rb=GFOt6dZtFtUvadx--7WZItHuwKOehtJ_sVwEBamYXT-HGbzJGaPeV9lYpZqi5siCf7di2jCOdPuFDX-gNQg32aNKOq5i0LlSBmTd9SXGTZos1zOf3mG4ejyO42GlyNdoVrxUUx2LmDygsvn_cZYIuRI1m0ez4vOU_s85VofWorYLyimjQJ_vWGcY9oxl1zx03HYpjD9qo4SaTKUyHLxpWowt4hvcCWnmQHRwwEnNZ52DF0Y08uuFBtZ2vupO3jz7UBnWkCtUcm5E73JxTjrVBW9ejjdJORDPFkqOedvekev2i763kXRFGMCXCZOcIyCh8MNK3RYvq9tRvlAn4zIsqtBNtWfs9O4sORiugwTT-tya2DSsbkipPDDNC6Yzws9C4HnrRRmH_MEFK3uBzcZBghobKM0jf-NU2TwpRl9lsxvVlIsiWSny9f2gEQU2PNBMBxrl3T9QRSJapLdZ-aCXoNLX600KglmVmhVDDbNZjyYcPbmDHS949EpiTE_3Xoh3nvTnsRSB_as9AFLF4kdU1Aws8JRDsdlxzyFLPKH_06Nxcy5cg2FgZcXdnXJavdZN9w_z7q09Y7UV2cvjUSTFsNLooamCXlc9btprKRl15GS_FxkeqiSAkluw9NZLBrQldZ5MmJHqJCuobEuq26tYB64Z4UQ6qGgldX4Pzrgo3KFyRbHePETHSGioFv6V8dt-RDrDdmyIuPP4PIbB-tvCdlnm6Nq6o-cHwTf1Uw==&ruid=36d21996-3161-4244-a1dd-aa2fea7ab614&subid=754549898436681728&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.vugla.com%2Fzivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=4&sah=1024&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1 HTTP/1.1
Host: tharbadir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Cookie: scm=1; OAID=fc6b62f817f7473a906e4e9a39f79ea0; oaidts=1701462230
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 20:23:58 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://www.vugla.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: 93cc8449c6bb42a09de1d7137c96440f
access-control-expose-headers: X-Sc
set-cookie: OAID=fc6b62f817f7473a906e4e9a39f79ea0; expires=Sat, 30 Nov 2024 20:23:58 GMT; secure; SameSite=None
oaidts=1701462230; expires=Sat, 30 Nov 2024 20:23:58 GMT; secure; SameSite=None
oaidvc=1; expires=Sat, 30 Nov 2024 20:23:58 GMT; secure; SameSite=None
CNT=1_v1_o4fwAAEAAADsTAAA; expires=Fri, 01 Dec 2023 21:23:58 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

vaugroar.com/custom

139.45.197.250

200 OK

39 B

URL POST HTTP/2
vaugroar.com/custom
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subjectvaugroar.com
FingerprintF5:48:7D:7C:B6:28:8D:55:D3:7D:CF:03:2F:84:BE:B7:FD:20:F0:EE
ValiditySun, 12 Nov 2023 05:15:08 GMT - Sat, 10 Feb 2024 05:15:07 GMT

File type
JSON data\012- , ASCII text
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /custom HTTP/1.1
Host: vaugroar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.vugla.com/
Content-Type: application/json
Content-Length: 426
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 20:23:59 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 8402329788789f7b970072e231f7b85e
access-control-allow-origin: https://www.vugla.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

cdn.yourwebbars.com/sb/notifications/games/hentai-heroes/global/custom-banner/1/index.html

104.26.6.19

200 OK

1.4 kB

URL GET HTTP/2
cdn.yourwebbars.com/sb/notifications/games/hentai-heroes/global/custom-banner/1/index.html
IP
104.26.6.19:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint84:82:6E:35:03:D4:C4:FC:BA:08:CD:C8:E6:A3:97:A9:20:2F:F5:49
ValiditySun, 23 Jul 2023 00:00:00 GMT - Mon, 22 Jul 2024 23:59:59 GMT

File type
HTML document text\012- HTML document, ASCII text, with very long lines (1513), with no line terminators
Size
1.4 kB (1433 bytes)
Hash
81d8118d3537074ab40120b4e3f313d1
9e5bab2b235aadee5ef3ea18d5d73586e92e11f2
2f234b9a6693d5555fdaff9bf301a59a5912fb833f3e168fdbb717a08c6b4e51

HTTP Headers

GET /sb/notifications/games/hentai-heroes/global/custom-banner/1/index.html HTTP/1.1
Host: cdn.yourwebbars.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 01 Dec 2023 20:23:54 GMT
content-type: text/html
last-modified: Thu, 19 Oct 2023 15:25:25 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 429385
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SM3%2B4jwf3CyI5KKplLPJ9cZaMUcpwvWacL9M1zrzmvHHLFhVx2CtAxQ5LAQJgcgmIOFdZMBxuv%2FVUeSXAfy43XaLdmo3Hfph4uah5GkELSWE7YNU3HTOZT5m6ubOWzdPnOIkapA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ee0cf809bab4fa-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.vugla.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

192.185.106.252

200 OK

88 kB

URL GET HTTP/2
www.vugla.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
IP
192.185.106.252:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.vugla.com
Fingerprint60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
ValidityWed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT

File type
ASCII text, with very long lines (65447)
Size
88 kB (87553 bytes)
Hash
826eb77e86b02ab7724fe3d0141ff87c
79cd3587d565afe290076a8d36c31c305a573d18
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 13 Nov 2023 13:25:19 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-type: application/javascript
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/notifications/games/hentai-heroes/global/custom-banner/1/css/style.css

172.64.108.10

200 OK

3.4 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/notifications/games/hentai-heroes/global/custom-banner/1/css/style.css
IP
172.64.108.10:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
ValiditySat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT

File type
ASCII text, with very long lines (3588), with no line terminators
Size
3.4 kB (3413 bytes)
Hash
9f41060a94dfdae2b9e3e7af3fbafd0d
e08ee5f1feddbd7f0e0b68e945509a0029cc7f60
f28e8574ddbdb7d40301ecd44c1eec3324a40024536bca957e3d09ebd288721a

HTTP Headers

GET /sb/notifications/games/hentai-heroes/global/custom-banner/1/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 01 Dec 2023 20:23:55 GMT
content-type: text/css
last-modified: Thu, 19 Oct 2023 15:30:48 GMT
etag: W/"65314ba8-d55"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 66571
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8AuxaBhBa2kOP96XkVDS5aFQUXY3JIp1ih1AmQBzZzXx0geZaxPEujOXMSZ8AbZDkJRa0Dfwe0eWlXnYdmiCL5fFVYpAH%2Ff5EVpVSrUb0kvNAHyI8hsRpcsiz3DXqR9c%2F%2FReZHP2JcS9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ee0cf9ce82531c-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.nbfcs.org/

15.197.172.60

200 OK

1.2 kB

URL GET HTTP/1.1
www.nbfcs.org/
IP
15.197.172.60:443
ASN
#16509 AMAZON-02

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerGoDaddy.com, Inc.
Subjectwww.nbfcs.org
FingerprintE0:6B:EC:7B:D6:B0:6E:9E:26:18:76:0D:83:E2:83:F9:02:52:F5:09
ValidityFri, 17 Nov 2023 10:08:39 GMT - Sun, 17 Nov 2024 10:08:39 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1227), with no line terminators
Size
1.2 kB (1177 bytes)
Hash
02570f397a53dab1ff08bc71bac0abb2
5bb9177a90a2333ad9c7ab44c10b2e5f650c0d97
eec4aae2fa8d35ff232ebe19797db5bcde4e1792ce4eb4a3739030215468850a

HTTP Headers

GET / HTTP/1.1
Host: www.nbfcs.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Fri, 01 Dec 2023 20:23:54 GMT
Content-Type: text/html
Content-Length: 1177
Last-Modified: Thu, 30 Nov 2023 23:50:58 GMT
Connection: keep-alive
ETag: "65691fe2-499"
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_ENz/K+PjBN0f7d4uAK6i9sVttzh1wtg6nZ+1UAvE7vPXElYhzDXKeeVTCrm3d3z1MlDESrhhCv293G+wNltFFw
Cache-Control: no-cache
X-Content-Type-Options: nosniff
Set-Cookie: caf_ipaddr=10.116.88.163;Path=/;Max-Age=86400;
country=;Path=/;Max-Age=86400;
city="";Path=/;Max-Age=86400;
expiry_partner=enom.ACTIVE.5D3C3A1B-1A26-48DD-A7EC-02F11DDF874F;Path=/;Max-Age=86400;
Accept-Ranges: bytes

tharbadir.com/121?rnd=3009902058&z=2892323&b=15763363&c=6332999&var=&varid=0&d=https%3A%2F%2Fwww.nbfcs.org%2F%23signUp%3D754549898436681728&cln={CELL_NUMBER}&btp=7&rb=GFOt6dZtFtUvadx--7WZItHuwKOehtJ_sVwEBamYXT-HGbzJGaPeV9lYpZqi5siCf7di2jCOdPuFDX-gNQg32aNKOq5i0LlSBmTd9SXGTZos1zOf3mG4ejyO42GlyNdoVrxUUx2LmDygsvn_cZYIuRI1m0ez4vOU_s85VofWorYLyimjQJ_vWGcY9oxl1zx03HYpjD9qo4SaTKUyHLxpWowt4hvcCWnmQHRwwEnNZ52DF0Y08uuFBtZ2vupO3jz7UBnWkCtUcm5E73JxTjrVBW9ejjdJORDPFkqOedvekev2i763kXRFGMCXCZOcIyCh8MNK3RYvq9tRvlAn4zIsqtBNtWfs9O4sORiugwTT-tya2DSsbkipPDDNC6Yzws9C4HnrRRmH_MEFK3uBzcZBghobKM0jf-NU2TwpRl9lsxvVlIsiWSny9f2gEQU2PNBMBxrl3T9QRSJapLdZ-aCXoNLX600KglmVmhVDDbNZjyYcPbmDHS949EpiTE_3Xoh3nvTnsRSB_as9AFLF4kdU1Aws8JRDsdlxzyFLPKH_06Nxcy5cg2FgZcXdnXJavdZN9w_z7q09Y7UV2cvjUSTFsNLooamCXlc9btprKRl15GS_FxkeqiSAkluw9NZLBrQldZ5MmJHqJCuobEuq26tYB64Z4UQ6qGgldX4Pzrgo3KFyRbHePETHSGioFv6V8dt-RDrDdmyIuPP4PIbB-tvCdlnm6Nq6o-cHwTf1Uw==&bag=b8Ba6-3p6UWez0kEVke3cNfPMDZv19jg&ruid=36d21996-3161-4244-a1dd-aa2fea7ab614&subid=754549898436681728

139.45.197.238

302 Found

1.2 kB

URL GET HTTP/2
tharbadir.com/121?rnd=3009902058&z=2892323&b=15763363&c=6332999&var=&varid=0&d=https%3A%2F%2Fwww.nbfcs.org%2F%23signUp%3D754549898436681728&cln={CELL_NUMBER}&btp=7&rb=GFOt6dZtFtUvadx--7WZItHuwKOehtJ_sVwEBamYXT-HGbzJGaPeV9lYpZqi5siCf7di2jCOdPuFDX-gNQg32aNKOq5i0LlSBmTd9SXGTZos1zOf3mG4ejyO42GlyNdoVrxUUx2LmDygsvn_cZYIuRI1m0ez4vOU_s85VofWorYLyimjQJ_vWGcY9oxl1zx03HYpjD9qo4SaTKUyHLxpWowt4hvcCWnmQHRwwEnNZ52DF0Y08uuFBtZ2vupO3jz7UBnWkCtUcm5E73JxTjrVBW9ejjdJORDPFkqOedvekev2i763kXRFGMCXCZOcIyCh8MNK3RYvq9tRvlAn4zIsqtBNtWfs9O4sORiugwTT-tya2DSsbkipPDDNC6Yzws9C4HnrRRmH_MEFK3uBzcZBghobKM0jf-NU2TwpRl9lsxvVlIsiWSny9f2gEQU2PNBMBxrl3T9QRSJapLdZ-aCXoNLX600KglmVmhVDDbNZjyYcPbmDHS949EpiTE_3Xoh3nvTnsRSB_as9AFLF4kdU1Aws8JRDsdlxzyFLPKH_06Nxcy5cg2FgZcXdnXJavdZN9w_z7q09Y7UV2cvjUSTFsNLooamCXlc9btprKRl15GS_FxkeqiSAkluw9NZLBrQldZ5MmJHqJCuobEuq26tYB64Z4UQ6qGgldX4Pzrgo3KFyRbHePETHSGioFv6V8dt-RDrDdmyIuPP4PIbB-tvCdlnm6Nq6o-cHwTf1Uw==&bag=b8Ba6-3p6UWez0kEVke3cNfPMDZv19jg&ruid=36d21996-3161-4244-a1dd-aa2fea7ab614&subid=754549898436681728
IP
139.45.197.238:443
ASN
#9002 RETN Limited

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subjecttharbadir.com
FingerprintA5:91:BD:23:83:6F:FE:A6:06:78:AE:E7:58:60:8E:74:B2:BA:C3:64
ValidityThu, 21 Sep 2023 16:36:00 GMT - Wed, 20 Dec 2023 16:35:59 GMT

File type

Size
1.2 kB (1177 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /121?rnd=3009902058&z=2892323&b=15763363&c=6332999&var=&varid=0&d=https%3A%2F%2Fwww.nbfcs.org%2F%23signUp%3D754549898436681728&cln={CELL_NUMBER}&btp=7&rb=GFOt6dZtFtUvadx--7WZItHuwKOehtJ_sVwEBamYXT-HGbzJGaPeV9lYpZqi5siCf7di2jCOdPuFDX-gNQg32aNKOq5i0LlSBmTd9SXGTZos1zOf3mG4ejyO42GlyNdoVrxUUx2LmDygsvn_cZYIuRI1m0ez4vOU_s85VofWorYLyimjQJ_vWGcY9oxl1zx03HYpjD9qo4SaTKUyHLxpWowt4hvcCWnmQHRwwEnNZ52DF0Y08uuFBtZ2vupO3jz7UBnWkCtUcm5E73JxTjrVBW9ejjdJORDPFkqOedvekev2i763kXRFGMCXCZOcIyCh8MNK3RYvq9tRvlAn4zIsqtBNtWfs9O4sORiugwTT-tya2DSsbkipPDDNC6Yzws9C4HnrRRmH_MEFK3uBzcZBghobKM0jf-NU2TwpRl9lsxvVlIsiWSny9f2gEQU2PNBMBxrl3T9QRSJapLdZ-aCXoNLX600KglmVmhVDDbNZjyYcPbmDHS949EpiTE_3Xoh3nvTnsRSB_as9AFLF4kdU1Aws8JRDsdlxzyFLPKH_06Nxcy5cg2FgZcXdnXJavdZN9w_z7q09Y7UV2cvjUSTFsNLooamCXlc9btprKRl15GS_FxkeqiSAkluw9NZLBrQldZ5MmJHqJCuobEuq26tYB64Z4UQ6qGgldX4Pzrgo3KFyRbHePETHSGioFv6V8dt-RDrDdmyIuPP4PIbB-tvCdlnm6Nq6o-cHwTf1Uw==&bag=b8Ba6-3p6UWez0kEVke3cNfPMDZv19jg&ruid=36d21996-3161-4244-a1dd-aa2fea7ab614&subid=754549898436681728 HTTP/1.1
Host: tharbadir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: scm=1; OAID=fc6b62f817f7473a906e4e9a39f79ea0; oaidts=1701462230
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx
date: Fri, 01 Dec 2023 20:23:53 GMT
content-length: 0
location: https://www.nbfcs.org/#signUp=754549898436681728
access-control-allow-credentials: true
access-control-allow-origin: 
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: 8bd20449ce95a7424e673a2d00513550
access-control-expose-headers: X-Sc
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

www.vugla.com/wp-content/themes/vugla/css/style_main.css

192.185.106.252

200 OK

85 kB

URL GET HTTP/2
www.vugla.com/wp-content/themes/vugla/css/style_main.css
IP
192.185.106.252:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.vugla.com
Fingerprint60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
ValidityWed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT

File type
ASCII text, with very long lines (6104), with CRLF line terminators
Size
85 kB (84670 bytes)
Hash
1d85fc3a503a0f77b0f029ad44e4ddd4
5b1212871267b4eba6f2d0628ce678890cefbd8e
df3db153ea5d4b5fdd494569edaa7513e12c7520282d6926628bee4e93c18187

HTTP Headers

GET /wp-content/themes/vugla/css/style_main.css HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/style.css?ver=6.4.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 23 May 2014 15:19:09 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-type: text/css
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2

friendshipmale.com/sfp.js

172.64.173.31

200 OK

86 kB

URL GET HTTP/2
friendshipmale.com/sfp.js
IP
172.64.173.31:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint08:6F:D8:CB:9E:0C:0A:98:2E:C5:CD:21:8E:0B:76:2B:50:6F:B6:37
ValiditySat, 18 Feb 2023 00:00:00 GMT - Sat, 17 Feb 2024 23:59:59 GMT

File type

Size
86 kB (85468 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 01 Dec 2023 20:23:52 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: f50fd3e5d48ffe171989d12a325c5887
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Fri, 01 Dec 2023 20:23:52 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2FpG%2FchtVxXaNOLAfVy5H5Nv1bCW5VR55MhVop6vIWEiBjR%2B1qg9bEKqtlfAtBCBrzPMCeboN5IuXnwZcrBt9holL2dftVJorUNm4PGRmZB1soMmB4wlykbYiV7K9w396NSfZr4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ee0ce97856643d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

vaugroar.com/pfe/current/defaultSkin.min.js

139.45.197.250

200 OK

57 kB

URL GET HTTP/2
vaugroar.com/pfe/current/defaultSkin.min.js
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subjectvaugroar.com
FingerprintF5:48:7D:7C:B6:28:8D:55:D3:7D:CF:03:2F:84:BE:B7:FD:20:F0:EE
ValiditySun, 12 Nov 2023 05:15:08 GMT - Sat, 10 Feb 2024 05:15:07 GMT

File type

Size
57 kB (57187 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pfe/current/defaultSkin.min.js HTTP/1.1
Host: vaugroar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.vugla.com/
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 20:23:59 GMT
content-type: application/javascript
last-modified: Mon, 27 Nov 2023 17:44:23 GMT
etag: W/"6564d577-df63"
access-control-allow-origin: https://www.vugla.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

vaugroar.com/pfe/current/tag.min.js?z=1548391

139.45.197.250

200 OK

13 kB

URL GET HTTP/2
vaugroar.com/pfe/current/tag.min.js?z=1548391
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subjectvaugroar.com
FingerprintF5:48:7D:7C:B6:28:8D:55:D3:7D:CF:03:2F:84:BE:B7:FD:20:F0:EE
ValiditySun, 12 Nov 2023 05:15:08 GMT - Sat, 10 Feb 2024 05:15:07 GMT

File type
C source, ASCII text, with very long lines (13300), with no line terminators
Size
13 kB (13300 bytes)
Hash
258578af3c107ccb907f73c3a2f4c25f
7a192edea829968fb7f57f2a2fc4cb5b612598be
1f945c9c46c47a2b0e867b0d09c3e4559cd768a2d3747abf28d1d65667733b75

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pfe/current/tag.min.js?z=1548391 HTTP/1.1
Host: vaugroar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 20:23:50 GMT
content-type: application/javascript
last-modified: Mon, 27 Nov 2023 17:44:23 GMT
etag: W/"6564d577-33f4"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-7NCJ73THPT&gtm=45je3bt0v879882835&_p=1701462235997&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=463628786.1701462236&ul=en-us&sr=1280x1024&_s=1&sid=1701462236&sct=1&seg=0&dl=https%3A%2F%2Fwww.vugla.com%2Fzivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html&dt=%C5%BDivotinje%3A%20Kako%20su%20%27rok%20zvezde%27%20pande%20ostale%20bez%20ljubavne%20pri%C4%8De%20-%20Vugla&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3521

216.239.32.36

204 No Content

0 B

URL POST HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-7NCJ73THPT&gtm=45je3bt0v879882835&_p=1701462235997&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=463628786.1701462236&ul=en-us&sr=1280x1024&_s=1&sid=1701462236&sct=1&seg=0&dl=https%3A%2F%2Fwww.vugla.com%2Fzivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html&dt=%C5%BDivotinje%3A%20Kako%20su%20%27rok%20zvezde%27%20pande%20ostale%20bez%20ljubavne%20pri%C4%8De%20-%20Vugla&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3521
IP
216.239.32.36:443
ASN
#15169 GOOGLE

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-7NCJ73THPT&gtm=45je3bt0v879882835&_p=1701462235997&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=463628786.1701462236&ul=en-us&sr=1280x1024&_s=1&sid=1701462236&sct=1&seg=0&dl=https%3A%2F%2Fwww.vugla.com%2Fzivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html&dt=%C5%BDivotinje%3A%20Kako%20su%20%27rok%20zvezde%27%20pande%20ostale%20bez%20ljubavne%20pri%C4%8De%20-%20Vugla&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3521 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://www.vugla.com
date: Fri, 01 Dec 2023 20:23:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

my.rtmark.net/gid.js?pub=0&userId=250e78938053497898f6424251e53396&zoneId=1548391&checkDuplicate=true&ymid=&var=

139.45.195.8

200 OK

65 B

URL GET HTTP/2
my.rtmark.net/gid.js?pub=0&userId=250e78938053497898f6424251e53396&zoneId=1548391&checkDuplicate=true&ymid=&var=
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
FingerprintE8:81:4E:79:89:89:BE:CE:75:1F:E0:2A:60:54:8A:A4:11:2E:F7:42
ValiditySat, 07 Oct 2023 15:22:00 GMT - Fri, 05 Jan 2024 15:21:59 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
65 B (65 bytes)
Hash
69d1be13c1f2c9eac7a0d55740f4f826
2f043ac92b4daef42817adaf7d4705c596dfaa49
a6a21e09023df387efc0c108efb402c2693a870f65a169350c4978fc0d24df4e

HTTP Headers

GET /gid.js?pub=0&userId=250e78938053497898f6424251e53396&zoneId=1548391&checkDuplicate=true&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.vugla.com/
Origin: https://www.vugla.com
DNT: 1
Connection: keep-alive
Cookie: ID=fc6b62f817f7473a906e4e9a39f79ea0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 20:23:53 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://www.vugla.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=fc6b62f817f7473a906e4e9a39f79ea0; expires=Sat, 30 Nov 2024 20:23:53 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans:400italic,700italic,400,700

142.250.74.106

200 OK

11 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Open+Sans:400italic,700italic,400,700
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text
Size
11 kB (11054 bytes)
Hash
907324db4557468965fb1beb08371f20
4936d051bdee930b9cbea5dffb22de4e1f2c85e9
795a4ab4ef2ac13848a83e5b36477caf20c05f4314bbc003bbaadab6d4985c95

HTTP Headers

GET /css?family=Open+Sans:400italic,700italic,400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 01 Dec 2023 20:23:50 GMT
date: Fri, 01 Dec 2023 20:23:50 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.vugla.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.coKrc9A11Ng.O%2Fd%3D1%2Frs%3DAHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw%2Fm%3D__features__

142.250.150.84

200 OK

565 B

URL GET HTTP/2
accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.vugla.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.coKrc9A11Ng.O%2Fd%3D1%2Frs%3DAHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw%2Fm%3D__features__
IP
142.250.150.84:443
ASN
#15169 GOOGLE

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint1E:A9:E1:96:78:1D:08:FC:96:C8:C2:34:4F:02:D3:3D:FA:9A:D2:6B
ValidityMon, 23 Oct 2023 11:25:04 GMT - Mon, 15 Jan 2024 11:25:03 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (585), with no line terminators
Size
565 B (565 bytes)
Hash
71f0536b3bf032feb63e160b0be2a303
6c05ada4e66084f852dc3d99bc7044ca1f4f343c
dff47b08691f0b1c2145e5b28f1a0bbe383dd0fba6ef1476d842b60268dd4dbc

HTTP Headers

GET /o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.vugla.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.coKrc9A11Ng.O%2Fd%3D1%2Frs%3DAHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw%2Fm%3D__features__ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 01 Dec 2023 20:23:53 GMT
content-security-policy: script-src 'nonce-ZSfUMgvV-RpY_oh8vF9ZoA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport, require-trusted-types-for 'script';report-uri /o/cspreport
cross-origin-resource-policy: same-site
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.vugla.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.1

192.185.106.252

200 OK

110 kB

URL GET HTTP/2
www.vugla.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.1
IP
192.185.106.252:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.vugla.com
Fingerprint60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
ValidityWed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT

File type

Size
110 kB (110035 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.4.1 HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 13 Nov 2023 13:25:19 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy: 
content-type: text/css
date: Fri, 01 Dec 2023 20:23:50 GMT
server: Apache
X-Firefox-Spdy: h2

friendshipmale.com/sfp.js

172.64.173.31

200 OK

86 kB

URL GET HTTP/3
friendshipmale.com/sfp.js
IP
172.64.173.31:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint08:6F:D8:CB:9E:0C:0A:98:2E:C5:CD:21:8E:0B:76:2B:50:6F:B6:37
ValiditySat, 18 Feb 2023 00:00:00 GMT - Sat, 17 Feb 2024 23:59:59 GMT

File type

Size
86 kB (85468 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 01 Dec 2023 20:23:54 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 0b27efc662f11e540c2bee31b14e17f9
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Fri, 01 Dec 2023 20:23:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sBtfVhpBqyh9qRRS%2BTK923UO%2FkIEwn9VEgSe478zl2C8VIGYr363OWc7S7hC0MzKiCXQshMtfsEGsDVMZAmwxp3hqR9izAgBY9VycILCEsuex%2Bqz8J1dKdzNrhmAQNxAsvkBn%2Fc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ee0cf49ede7744-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400

unseenreport.com/pxf.gif?uuid=aa147afb-384f-420d-85a5-82ce2ce5a288&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=65aa283021630dfd9030555c4c61a78c&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=20

192.243.61.227

200 OK

0 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=aa147afb-384f-420d-85a5-82ce2ce5a288&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=65aa283021630dfd9030555c4c61a78c&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=20
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint79:45:7F:58:D5:82:45:0A:7D:1E:FF:7A:98:05:26:E9:D6:FE:91:14
ValidityWed, 22 Nov 2023 07:56:28 GMT - Tue, 20 Feb 2024 07:56:27 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=aa147afb-384f-420d-85a5-82ce2ce5a288&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=65aa283021630dfd9030555c4c61a78c&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=20 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 01 Dec 2023 20:23:56 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 415885c02c6348d7fd4d578282918e19
Strict-Transport-Security: max-age=0; includeSubdomains

apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&data-size=standard&origin=https%3A%2F%2Fwww.vugla.com&url=https%3A%2F%2Fwww.vugla.com%2Fzivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.coKrc9A11Ng.O%2Fd%3D1%2Frs%3DAHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw%2Fm%3D__features__

142.250.74.78

301 Moved Permanently

0 B

URL GET HTTP/3
apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&data-size=standard&origin=https%3A%2F%2Fwww.vugla.com&url=https%3A%2F%2Fwww.vugla.com%2Fzivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.coKrc9A11Ng.O%2Fd%3D1%2Frs%3DAHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw%2Fm%3D__features__
IP
142.250.74.78:443
ASN
#15169 GOOGLE

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /u/0/se/0/_/+1/fastbutton?usegapi=1&data-size=standard&origin=https%3A%2F%2Fwww.vugla.com&url=https%3A%2F%2Fwww.vugla.com%2Fzivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.coKrc9A11Ng.O%2Fd%3D1%2Frs%3DAHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw%2Fm%3D__features__ HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 301 Moved Permanently
location: http://developers.google.com/
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 01 Dec 2023 20:23:52 GMT
expires: Fri, 01 Dec 2023 20:53:52 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 226
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

tzegilo.com/stattag.js

104.21.11.245

200 OK

19 kB

URL GET HTTP/2
tzegilo.com/stattag.js
IP
104.21.11.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerGoogle Trust Services LLC
Subjecttzegilo.com
Fingerprint52:B8:ED:73:BB:55:6F:9C:F8:97:7C:04:34:2B:AD:DB:55:0A:C9:6A
ValidityThu, 05 Oct 2023 17:59:18 GMT - Wed, 03 Jan 2024 17:59:17 GMT

File type
ASCII text, with very long lines (18369)
Size
19 kB (19019 bytes)
Hash
89e89aea544ea2785d49cc4cd9cf26f6
7d53437a89eb9861038ee27a8ff0e3bb70fa2a0b
86da38693fcea056d36588a4146e85392f784c457511de416fec32034aafa4f9

HTTP Headers

GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 01 Dec 2023 20:23:51 GMT
content-type: application/javascript
last-modified: Thu, 07 Sep 2023 08:19:52 GMT
etag: W/"64f987a8-4a4b"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 6929
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RFlsPfzKeukTVcuXdDCckM5V%2BsZGVs1xuvCDHQVPZBxCgEH8%2BQTpfgaJ24T9skF4hqiq1e%2B2LqE263xvwezJXKv3x6FtwRRuJjafd5u8JMdykfWep%2BIqTHhQEVFfpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ee0ce47fb756b9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

psuftoum.com/5/1316441

139.45.197.244

200 OK

72 kB

URL GET HTTP/2
psuftoum.com/5/1316441
IP
139.45.197.244:443
ASN
#9002 RETN Limited

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subjectpsuftoum.com
Fingerprint2C:F3:EA:66:F3:74:01:A6:A1:04:29:7A:60:60:06:A7:A5:C0:93:CC
ValidityTue, 19 Sep 2023 05:22:30 GMT - Mon, 18 Dec 2023 05:22:29 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
72 kB (71571 bytes)
Hash
cd992087e180c52441eb8a32a043c3a3
38d94e7c39066147250e20d2164287ddd9b6c65b
547aec97d76257f15e334bc3089faa55532a252db21d5f84ebb892a5b6797bb9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /5/1316441 HTTP/1.1
Host: psuftoum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 20:23:50 GMT
content-type: application/javascript
x-trace-id: 560aac40793d269d22a690c1a50461e4
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=a5780e9dbaf141bd9aea777aa3fd0756; expires=Sat, 30 Nov 2024 20:23:50 GMT; path=/; secure; SameSite=None
oaidts=1701462230; expires=Sat, 30 Nov 2024 20:23:50 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

rollerstrayprawn.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRit3qwiiIJB%2FANhDgEV3dnunu6dHnNYjTEhmD%2BTaK5WV1XPVra6q6nqnt7saWNAc5ygB4%2B9bzZZo0HMVZDIrB5kIbDjQeaQ9SqoIARyltkdWPwO9X1V7x3ee199tl7uEg8lHZ8%2Fo1elUnQ%2BbLqN1y%2FLjOvKNs5eanhu0z3auCyzheBoY2VymN7bnhs23TcaJwVb1vO%2B67mu53qNE9KIRK%2FM76GQ%2Bd2O1%2By4zcBvemGAFfP%2Fuy0dWOqA93bJYUg%2BemLp13uQbIgs%2Ff64sMuFzt96Py0VLbRBj29%2BlC1nusqQHoyJcZBkm1M2tB0R8tUMdLY5dQDd25g4QCxHxPndQ5xtTmUi7t3aVxoriAwxfxpVbwihhpB0CKavQ%2FIdAjCOs%2BeQpbfPalPRq%2FsonaAjMvv4EWQ1IrMPn0eWfndMyZXGRa3KQurMYiWpIVeGkN0h8nILxaoDWW2BFZ9C8gdk%2FvFpZOnGOas0JB8fodQL2jSJ51pRkMwFvsvnopCGc5HPhM9ESP0o2otIyiFkMoQSfVB7CKV1UEoHZeKgzB2kfNygYSdx3XYSJ61WFDDGWi3GwmiBh7wVRImLkk089FHkfTDVBzNryM0aluXNnfAwTPkT7FINy2dgixFxPlxDj9eoBEFlCSpKUEmCqiCoevUtrqxv69tc2TL2pt2f9lY90EV3nd7SRVdkBNT01%2FNd8txehn%2F9GWFZjBvca7Vd3%2B%2F4YcyYTxciN4loELQXkqQTeEEAK2tIOwNqHaxOFoqnkE%2F6mb8R0y1YtQUmD4GWr4JWg7bvgi4NgsjFananV3YVbTKdgusaeTGL4qqzrnbJy3siTn55DYJtL%2F7z7MezL31RgpkaualxRf5M0FU3Bhd0RTYu6MqSe%2BfyQqZylU6WfLGghZj95gNxtdKGnzpu%2B3feZRNgMt69JGxxmmZcZl1Lvj0mORfmhDZMkB9P2csiPl%2FapWOlycr89Pn3TpxKcyOslTobgsqdT%2B6DyRF55vbi3vd97esfIM0QpqyRlttkWpB6Cyxfg823F%2F94MH7h8zdnYDWBUQecOHdQlfXA%2BPHBo5Ij4j96EUpsL%2F5y7ckjD%2BdfAY1rWHEQQyy27%2F%2B7z1%2B3N9A1DmhxHVlao2dq9FQNqvqw5aFBkZvtxd9ae4VYOYNYGWcjVkbd3I%2FXynEj9AIRxVGbcR4Lxr2234parutzHrQ7wuugsCNx5Z3xfwAAAP%2F%2FAQAA%2F%2F%2Ft0hcVmgQAAA%3D%3D

192.243.59.12

200 OK

0 B

URL GET HTTP/1.1
rollerstrayprawn.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRit3qwiiIJB%2FANhDgEV3dnunu6dHnNYjTEhmD%2BTaK5WV1XPVra6q6nqnt7saWNAc5ygB4%2B9bzZZo0HMVZDIrB5kIbDjQeaQ9SqoIARyltkdWPwO9X1V7x3ee199tl7uEg8lHZ8%2Fo1elUnQ%2BbLqN1y%2FLjOvKNs5eanhu0z3auCyzheBoY2VymN7bnhs23TcaJwVb1vO%2B67mu53qNE9KIRK%2FM76GQ%2Bd2O1%2By4zcBvemGAFfP%2Fuy0dWOqA93bJYUg%2BemLp13uQbIgs%2Ff64sMuFzt96Py0VLbRBj29%2BlC1nusqQHoyJcZBkm1M2tB0R8tUMdLY5dQDd25g4QCxHxPndQ5xtTmUi7t3aVxoriAwxfxpVbwihhpB0CKavQ%2FIdAjCOs%2BeQpbfPalPRq%2FsonaAjMvv4EWQ1IrMPn0eWfndMyZXGRa3KQurMYiWpIVeGkN0h8nILxaoDWW2BFZ9C8gdk%2FvFpZOnGOas0JB8fodQL2jSJ51pRkMwFvsvnopCGc5HPhM9ESP0o2otIyiFkMoQSfVB7CKV1UEoHZeKgzB2kfNygYSdx3XYSJ61WFDDGWi3GwmiBh7wVRImLkk089FHkfTDVBzNryM0aluXNnfAwTPkT7FINy2dgixFxPlxDj9eoBEFlCSpKUEmCqiCoevUtrqxv69tc2TL2pt2f9lY90EV3nd7SRVdkBNT01%2FNd8txehn%2F9GWFZjBvca7Vd3%2B%2F4YcyYTxciN4loELQXkqQTeEEAK2tIOwNqHaxOFoqnkE%2F6mb8R0y1YtQUmD4GWr4JWg7bvgi4NgsjFananV3YVbTKdgusaeTGL4qqzrnbJy3siTn55DYJtL%2F7z7MezL31RgpkaualxRf5M0FU3Bhd0RTYu6MqSe%2BfyQqZylU6WfLGghZj95gNxtdKGnzpu%2B3feZRNgMt69JGxxmmZcZl1Lvj0mORfmhDZMkB9P2csiPl%2FapWOlycr89Pn3TpxKcyOslTobgsqdT%2B6DyRF55vbi3vd97esfIM0QpqyRlttkWpB6Cyxfg823F%2F94MH7h8zdnYDWBUQecOHdQlfXA%2BPHBo5Ij4j96EUpsL%2F5y7ckjD%2BdfAY1rWHEQQyy27%2F%2B7z1%2B3N9A1DmhxHVlao2dq9FQNqvqw5aFBkZvtxd9ae4VYOYNYGWcjVkbd3I%2FXynEj9AIRxVGbcR4Lxr2234parutzHrQ7wuugsCNx5Z3xfwAAAP%2F%2FAQAA%2F%2F%2Ft0hcVmgQAAA%3D%3D
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subjectrollerstrayprawn.com
Fingerprint9E:74:D1:93:DF:47:C6:06:84:EA:02:9E:E8:F3:B5:CF:52:D3:9F:D0
ValidityTue, 28 Nov 2023 10:59:19 GMT - Mon, 26 Feb 2024 10:59:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRit3qwiiIJB%2FANhDgEV3dnunu6dHnNYjTEhmD%2BTaK5WV1XPVra6q6nqnt7saWNAc5ygB4%2B9bzZZo0HMVZDIrB5kIbDjQeaQ9SqoIARyltkdWPwO9X1V7x3ee199tl7uEg8lHZ8%2Fo1elUnQ%2BbLqN1y%2FLjOvKNs5eanhu0z3auCyzheBoY2VymN7bnhs23TcaJwVb1vO%2B67mu53qNE9KIRK%2FM76GQ%2Bd2O1%2By4zcBvemGAFfP%2Fuy0dWOqA93bJYUg%2BemLp13uQbIgs%2Ff64sMuFzt96Py0VLbRBj29%2BlC1nusqQHoyJcZBkm1M2tB0R8tUMdLY5dQDd25g4QCxHxPndQ5xtTmUi7t3aVxoriAwxfxpVbwihhpB0CKavQ%2FIdAjCOs%2BeQpbfPalPRq%2FsonaAjMvv4EWQ1IrMPn0eWfndMyZXGRa3KQurMYiWpIVeGkN0h8nILxaoDWW2BFZ9C8gdk%2FvFpZOnGOas0JB8fodQL2jSJ51pRkMwFvsvnopCGc5HPhM9ESP0o2otIyiFkMoQSfVB7CKV1UEoHZeKgzB2kfNygYSdx3XYSJ61WFDDGWi3GwmiBh7wVRImLkk089FHkfTDVBzNryM0aluXNnfAwTPkT7FINy2dgixFxPlxDj9eoBEFlCSpKUEmCqiCoevUtrqxv69tc2TL2pt2f9lY90EV3nd7SRVdkBNT01%2FNd8txehn%2F9GWFZjBvca7Vd3%2B%2F4YcyYTxciN4loELQXkqQTeEEAK2tIOwNqHaxOFoqnkE%2F6mb8R0y1YtQUmD4GWr4JWg7bvgi4NgsjFananV3YVbTKdgusaeTGL4qqzrnbJy3siTn55DYJtL%2F7z7MezL31RgpkaualxRf5M0FU3Bhd0RTYu6MqSe%2BfyQqZylU6WfLGghZj95gNxtdKGnzpu%2B3feZRNgMt69JGxxmmZcZl1Lvj0mORfmhDZMkB9P2csiPl%2FapWOlycr89Pn3TpxKcyOslTobgsqdT%2B6DyRF55vbi3vd97esfIM0QpqyRlttkWpB6Cyxfg823F%2F94MH7h8zdnYDWBUQecOHdQlfXA%2BPHBo5Ij4j96EUpsL%2F5y7ckjD%2BdfAY1rWHEQQyy27%2F%2B7z1%2B3N9A1DmhxHVlao2dq9FQNqvqw5aFBkZvtxd9ae4VYOYNYGWcjVkbd3I%2FXynEj9AIRxVGbcR4Lxr2234parutzHrQ7wuugsCNx5Z3xfwAAAP%2F%2FAQAA%2F%2F%2Ft0hcVmgQAAA%3D%3D HTTP/1.1
Host: rollerstrayprawn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/
Cookie: u_pl=15460408; uid_id2=aa147afb-384f-420d-85a5-82ce2ce5a288:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 01 Dec 2023 20:23:55 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1a247c19d256cf448ebd9929957865ab
Strict-Transport-Security: max-age=0; includeSubdomains

www.google.com/adsense/domains/caf.js?abp=1

142.250.74.132

200 OK

150 kB

URL GET HTTP/2
www.google.com/adsense/domains/caf.js?abp=1
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
https://www.nbfcs.org/#signUp=754549898436681728
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintB0:8E:97:10:7E:30:90:F6:42:A1:32:63:5C:78:27:D3:A8:F1:05:D1
ValidityMon, 23 Oct 2023 11:24:57 GMT - Mon, 15 Jan 2024 11:24:56 GMT

File type
ASCII text, with very long lines (1888)
Size
150 kB (149642 bytes)
Hash
980fb04d2da5f7f360deea9af49a0fdc
d9c762b66a33644ddc28c2ce6c09e1f400df8cdd
f9b94b36f3a1ff7c60d1048d748663b9d5592499491f07f7574a6b77b089a0af

HTTP Headers

GET /adsense/domains/caf.js?abp=1 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nbfcs.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Fri, 01 Dec 2023 20:23:54 GMT
expires: Fri, 01 Dec 2023 20:23:54 GMT
cache-control: private, max-age=3600
etag: "671007550098774708"
x-content-type-options: nosniff
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.vugla.com/wp-content/themes/vugla/images/small-social-sprite.png

192.185.106.252

200 OK

3.8 kB

URL GET HTTP/2
www.vugla.com/wp-content/themes/vugla/images/small-social-sprite.png
IP
192.185.106.252:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://www.vugla.com/zivotinje-kako-su-rok-zvezde-pande-ostale-bez-ljubavne-price.html
Certificate
IssuerLet's Encrypt
Subject*.vugla.com
Fingerprint60:1A:D3:8D:4C:FA:56:F9:38:93:28:7F:AA:D3:BE:FE:AB:86:9D:99
ValidityWed, 22 Nov 2023 10:07:17 GMT - Tue, 20 Feb 2024 10:07:16 GMT

File type
PNG image data, 272 x 95, 8-bit/color RGBA, non-interlaced\012- data
Size
3.8 kB (3812 bytes)
Hash
1aabf6dabc51ca6168aa98fbecbf79e2
0e4cb499aff16fedb2097658da7d2baa1bdafaa8
09ac67d0b81afe77f52b59ee9abc68ba2dd7cf0ebbc85703c75a76c2586e93aa

HTTP Headers

GET /wp-content/themes/vugla/images/small-social-sprite.png HTTP/1.1
Host: www.vugla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vugla.com/wp-content/themes/vugla/css/style_main.css
Cookie: _ga_7NCJ73THPT=GS1.1.1701462236.1.0.1701462236.60.0.0; _ga=GA1.1.463628786.1701462236
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 15 Nov 2013 11:53:16 GMT
accept-ranges: bytes
content-length: 3812
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 30 Nov 2024 20:23:52 GMT
referrer-policy: 
pragma: public
content-type: image/png
date: Fri, 01 Dec 2023 20:23:52 GMT
server: Apache
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (58)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN